IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

  • 1.  Installing SOAR Function Utilities app in Air Gapped Environment.

    Posted Mon August 14, 2023 02:10 PM

    Hi Team,

    I installed resilient-circuits by enabling internet access.

    Then I moved the server to an air-gapped environment and am trying to install the SOAR Function Utilities app from IBM App Exchange: https://exchange.xforce.ibmcloud.com/hub/extension/2130e450a06aa760b2556bf981068159 following the link below:

    Installing an app package on the SOAR Platform

    [integration@localhost packages]$ pip3 install --user fn_soar_utils-1.0.1.tar.gz 
    Processing ./fn_soar_utils-1.0.1.tar.gz
      Installing build dependencies ... error
      error: subprocess-exited-with-error
      
      × pip subprocess to install build dependencies did not run successfully.
      │ exit code: 1
      ╰─> [7 lines of output]
          WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7fbadc8fdd30>: Failed to establish a new connection: [Errno -2] Name or service not known')': /simple/setuptools/
          WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7fbadc8fdfd0>: Failed to establish a new connection: [Errno -2] Name or service not known')': /simple/setuptools/
          WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7fbadc89f2e0>: Failed to establish a new connection: [Errno -2] Name or service not known')': /simple/setuptools/
          WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7fbadc89f490>: Failed to establish a new connection: [Errno -2] Name or service not known')': /simple/setuptools/
          WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'NewConnectionError('<pip._vendor.urllib3.connection.HTTPSConnection object at 0x7fbadc89f640>: Failed to establish a new connection: [Errno -2] Name or service not known')': /simple/setuptools/
          ERROR: Could not find a version that satisfies the requirement setuptools>=40.8.0 (from versions: none)
          ERROR: No matching distribution found for setuptools>=40.8.0
          [end of output]
      
      note: This error originates from a subprocess, and is likely not a problem with pip.
    error: subprocess-exited-with-error
    
    × pip subprocess to install build dependencies did not run successfully.
    │ exit code: 1
    ╰─> See above for output.
    
    note: This error originates from a subprocess, and is likely not a problem with pip.
    [integration@localhost packages]$ 
    

    Here is the pip3.9 list output:

    [integration@localhost packages]$ pip3.9 list
    Package                      Version
    ---------------------------- ---------
    beautifulsoup4               4.12.2
    cachetools                   5.3.1
    certifi                      2023.7.22
    cffi                         1.15.1
    charset-normalizer           3.2.0
    circuits                     3.2.2
    cryptography                 41.0.3
    decorator                    5.1.1
    Deprecated                   1.2.14
    filelock                     3.12.2
    idna                         3.4
    importlib-metadata           6.8.0
    jaraco.classes               3.3.0
    jeepney                      0.8.0
    Jinja2                       3.1.2
    jwcrypto                     1.4.2
    keyring                      23.13.1
    MarkupSafe                   2.1.3
    more-itertools               10.1.0
    pip                          23.2.1
    pycparser                    2.21
    pyOpenSSL                    23.2.0
    PySocks                      1.7.1
    pytz                         2023.3
    requests                     2.31.0
    requests-pkcs12              1.15
    requests-toolbelt            1.0.0
    resilient                    49.1.51
    resilient-app-config-plugins 1.0.0
    resilient-circuits           49.1.51
    resilient-lib                49.1.51
    retry2                       0.9.5
    SecretStorage                3.3.3
    setuptools                   57.1.0
    six                          1.16.0
    soupsieve                    2.4.1
    urllib3                      1.26.16
    watchdog                     2.3.1
    wrapt                        1.15.0
    zipp                         3.16.2
    [integration@localhost packages]$ 
    

    Python3.9 --version

    [integration@localhost packages]$ python3.9 --version
    Python 3.9.16
    [integration@localhost packages]$ 
    

    pip3.9 --version

    [integration@localhost packages]$ pip3.9 --version
    pip 23.2.1 from /usr/local/lib/python3.9/site-packages/pip (python 3.9)
    [integration@localhost packages]$ 

    Please suggest how to install the app in an air-gapped environment.



    ------------------------------
    SOAR Engineer
    ------------------------------


  • 2.  RE: Installing SOAR Function Utilities app in Air Gapped Environment.

    Posted Mon August 28, 2023 02:42 AM

    Hi SOAR guys - 

    Could you please extract the fn_soar_utils-1.0.1.tar.gz file? After that, cd to the directory and execute "python3.9 setup.py install"



    ------------------------------
    Allen Lee
    ------------------------------



  • 3.  RE: Installing SOAR Function Utilities app in Air Gapped Environment.

    Posted Tue August 29, 2023 09:44 AM

    The way Allen described it is perfect, but if you would also like to set up an air-gapped environment with apphost, check out this playlist that walks you through that setup!

    https://www.youtube.com/playlist?list=PLTLN10cI6swAprESsrBbrvGRqaZ6FyYvu



    ------------------------------
    Nick Mumaw, GPEN, GPYC
    Cyber Security Specialist - SOAR
    IBM - Security
    ------------------------------
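
Added example (not part of the thread and not IBM's documented procedure): the error in post 1 comes from pip creating an isolated build environment and trying to fetch setuptools>=40.8.0 from a package index, so an alternative is to build wheels on a connected host, carry them across with a SHA-256 manifest, and install with the index disabled. It assumes the build host matches the target's Python 3.9 and platform; the function names and the wheelhouse directory are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: offline wheelhouse with a checksum manifest.
# Assumptions: the connected build host has the same Python version and
# platform as the air-gapped host; function and directory names are
# hypothetical, not taken from the SOAR documentation.

# Connected host: build wheels for the app and every dependency, then
# record a SHA-256 manifest to carry across the air gap with the files.
build_wheelhouse() {   # usage: build_wheelhouse <sdist> <dir>
    local sdist="$1" dir="$2"
    python3.9 -m pip wheel --wheel-dir "$dir" "$sdist" || return 1
    ( cd "$dir" && sha256sum -- *.whl > SHA256SUMS )
}

# Air-gapped host: reject the wheelhouse if the manifest is missing (2),
# a file fails its checksum (1), or a wheel is not listed at all (3).
verify_wheelhouse() {  # usage: verify_wheelhouse <dir>
    local dir="$1" f
    [ -f "$dir/SHA256SUMS" ] || { echo "missing manifest" >&2; return 2; }
    ( cd "$dir" && sha256sum -c SHA256SUMS ) >&2 || return 1
    for f in "$dir"/*.whl; do
        [ -e "$f" ] || continue
        grep -qF -- "  $(basename "$f")" "$dir/SHA256SUMS" || {
            echo "unlisted wheel: $(basename "$f")" >&2; return 3; }
    done
    return 0
}

# Air-gapped host: install only from the verified directory. --no-index
# stops pip from contacting any index, and because everything is already
# a wheel there is no build step that needs to download setuptools.
install_offline() {    # usage: install_offline <dir> <package>
    local dir="$1" pkg="$2"
    verify_wheelhouse "$dir" || return 1
    python3.9 -m pip install --user --no-index --find-links "$dir" "$pkg"
}

# Connected host:   build_wheelhouse fn_soar_utils-1.0.1.tar.gz wheelhouse
# Air-gapped host:  install_offline wheelhouse fn_soar_utils
```

A manifest that travels on the same media as the wheels only catches corruption or a partial swap; move SHA256SUMS through a separate channel, or sign it, if the transfer path itself is not trusted.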