Hello Williams,
i have an error when running run.py :
(dataprotect) -bash-4.2$ python run.py
2020-02-28 11:16:15,312 INFO [app] Configuration file: app.config.dataxxxxt
2020-02-28 11:16:15,314 INFO [app] Resilient server: resilient.xxxxxxx.ma
2020-02-28 11:16:15,315 INFO [app] Resilient user:
asabri@xxxxxxx.ma2020-02-28 11:16:15,316 INFO [app] Resilient org: ChildORG
2020-02-28 11:16:15,316 INFO [app] Logging Level: INFO
2020-02-28 11:16:15,318 WARNING [co3] Unverified HTTPS requests (cafile=false).
2020-02-28 11:17:57,595 INFO [filelock] Lock 140296961410448 released on datxxxxt.lock.file
Traceback (most recent call last):
File "run.py", line 11, in <module>
app.run()
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/app.py", line 333, in run
application = App(*args, **kwargs)
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/app.py", line 181, in __init__
self.do_initialization()
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/app.py", line 207, in do_initialization
self.action_component = Actions(self.opts)
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/actions_component.py", line 262, in __init__
super(Actions, self).__init__(opts)
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/actions_component.py", line 88, in __init__
self._get_fields()
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient_circuits/actions_component.py", line 146, in _get_fields
for dest in client.cached_get("/message_destinations")["entities"])
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/cachetools/__init__.py", line 87, in wrapper
v = method(self, *args, **kwargs)
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient/co3.py", line 282, in cached_get
return self.get(uri, co3_context_token, timeout)
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient/co3.py", line 276, in get
_raise_if_error(ex.get_response())
File "/home/resadmin/dataprotect/dataprotect/lib/python2.7/site-packages/resilient/co3.py", line 211, in _raise_if_error
raise SimpleHTTPException(response)
resilient.co3.SimpleHTTPException: Forbidden: {"success":false,"title":null,"message":"Forbidden","hints":[],"error_code":"generic"}
How can i resolve that please ?
Thank you,,
------------------------------
Ayman Sabri Cyber Security Analyst II
------------------------------
Original Message:
Sent: Tue February 25, 2020 01:12 PM
From: BEN WILLIAMS
Subject: Multiple Organizations app.config resilient configurations
Hi Ayman,
"Now in the virtual envirenment, i need to install resilient circuits , "without installing the functions? or i should install the functions also in the childORG ?", and configure the app.config then run circuits."
You need to install the functions as you have for the instance pointing to configORG.
"So the resilient circuits should be run in both the configORG and childORG (without running customize in the child)and the functions of childORG should work right ?"
Correct. A small difference is that the Resilient Circuits instance configured to use configORG does not need to be running all the time since all it is used for is to "push" up to the configORG.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Tue February 25, 2020 12:17 PM
From: Ayman Sabri
Subject: Multiple Organizations app.config resilient configurations
Hi Williams,
Sorry but i need more help. Lets see an example :
I have and configuration org called configORG, and child org called childORG
I need to install resilient circuits for the configORG and configure the app.config then install my functions and run customize and push the configuration to childORG.
now in the virtual envirenment, i need to install resilient circuits , "without installing the functions? or i should install the functions also in the childORG ?", and configure the app.config then run circuits .
So the resilient circuits should be run in both the configORG and childORG (without running customize in the child)and the functions of childORG should work right ?
Thank you soo much for help (y)
------------------------------
Ayman Sabri Cyber Security Analyst II
Original Message:
Sent: Tue February 25, 2020 10:19 AM
From: BEN WILLIAMS
Subject: Multiple Organizations app.config resilient configurations
Hi Ayman,
Yes. The instance that points to the configuration org will "push" (resilient-circuits customize) to the configuration org. This org will config push to the child orgs.
You then need to have an instance of Resilient Circuits for each child org and these instances will NOT run resilient-circuits customize but they will run the calls to the functions and apps when they are triggered in the child orgs.
Hope that makes sense.
------------------------------
BEN WILLIAMS
Original Message:
Sent: Tue February 25, 2020 09:28 AM
From: Ayman Sabri
Subject: Multiple Organizations app.config resilient configurations
Hello,
I still have one question, i should install functions in the configuration orgnaization and push the config to all child orgs , and then configure resilient circuits on each child org, then the functions will work ?
------------------------------
Ayman Sabri Cyber Security Analyst II
Original Message:
Sent: Mon February 24, 2020 02:16 AM
From: BEN WILLIAMS
Subject: Multiple Organizations app.config resilient configurations
Hi Ayman,
Please take a look at the Integration Server guide https://www.ibm.com/support/knowledgecenter/SSBRUQ_36.0.0/doc/Integration_Server/mssp_deploy.html for more information.
In short, you need to reference the configuration org to install your apps/functions to the configuration org (resilient-circuits customize) but this instance of Resilient Circuits is only really to be used when adding/removing/updating these apps/functions so that they can be pushed down to the child orgs.
You also need an instance of Resilient Functions for each child org as these instances are what will run the specific apps/functions when you call rules/workflow in the child orgs. In each instance you need to install the same apps/functions but you do not run resilient-circuits customize.
If you search within the community you will find some other pages where this has been asked, for example https://community.ibm.com/community/user/security/communities/community-home/digestviewer/viewthread?MessageKey=9b298549-795f-4242-a296-5644cfbc3044&CommunityKey=d2f71e8c-108e-4652-b59c-29d61af7163e&tab=digestviewer#bm9b298549-795f-4242-a296-5644cfbc3044
------------------------------
BEN WILLIAMS
Original Message:
Sent: Fri February 21, 2020 06:24 AM
From: Ayman Sabri
Subject: Multiple Organizations app.config resilient configurations
Hello,
I'm using Resilient for multiple organizations (MSSP) , i want to know what to put in the configuration file 'app.config' :
[resilient]
# Basic service connection
host=resilient.*****
port=443
# Use (api_key_id, api_key_secret)
#api_key_id=ApiKeyId
#api_key_secret=ApiKeySecret
# Or (email, password)
email=asabri@********
password=*********
org={Should i put the configuration organization here}
# Actions Module connection
#stomp_port=65001
# Directory containing additional components to load
# componentsdir=components
# Existing directory to write logs to, or set with $APP_LOG_DIR
logdir=/tmp
logfile=app.log
loglevel=DEBUG
Thank you
------------------------------
Ayman Sabri
------------------------------