• Support
  • Forums
  • Blogs

Cannot access web interface after upgrade

paulrikerpaulriker

Just upgraded to 5.2. I could initially access the web interface fine (2 days ago) but now I cannot. I tried restarting the server and apache to no avail. How do I go about diagnosing this? Is there a particular error log I should focus on?

Share post:

Answers

  • paulriker,

    The primary logs to look at ar /var/log/apaches access.log and error.log, and /var/log/alienvault/ui/ui.log.

    Are you running OSSIM or USM, and what does the system do when you attempt to access the UI?
  • Hello Paul and Kcoe, 

    I have the same issue, after an update from 5.2.2 to 5.5.0 I;m unable to logon, if I check the Access.log I see :
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET / HTTP/1.1" 302 2577 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/ HTTP/1.1" 302 489 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/session/login.php HTTP/1.1" 200 3394 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/style/av_common.css?t=e03f97833bf49a1c8026f88718a7dc59 HTTP/1.1" 200 12169 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/style/tipTip.css HTTP/1.1" 200 1367 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/style//session/login.css HTTP/1.1" 200 1829 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/style//fancybox/jquery.fancybox-1.3.4.css HTTP/1.1" 200 2146 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/js//fancybox/jquery.fancybox-1.3.4.pack.js HTTP/1.1" 200 6049 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/js/jquery.tipTip.js HTTP/1.1" 200 2480 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/js/jquery.min.js HTTP/1.1" 200 34076 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:09 +0100] "GET /ossim/js/jquery.base64.js HTTP/1.1" 200 37983 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:10 +0100] "GET /ossim/pixmaps/ossim.png HTTP/1.1" 200 9740 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:10 +0100] "GET /ossim/style/font/OpenSans-Regular-webfont.woff HTTP/1.1" 200 23590 "https://192.168.5.18/ossim/style/av_common.css?t=e03f97833bf49a1c8026f88718a7dc59" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:10 +0100] "GET /ossim/style/font/OpenSans-Semibold-webfont.woff HTTP/1.1" 200 23290 "https://192.168.5.18/ossim/style/av_common.css?t=e03f97833bf49a1c8026f88718a7dc59" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:10 +0100] "GET /favicon.ico HTTP/1.1" 200 1773 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:11 +0100] "POST /ossim/session/login.php HTTP/1.1" 200 3452 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:11 +0100] "GET /ossim/style//fancybox/jquery.fancybox-1.3.4.css HTTP/1.1" 200 2146 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:11 +0100] "GET /ossim/style/tipTip.css HTTP/1.1" 200 1229 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:11 +0100] "GET /ossim/style//session/login.css HTTP/1.1" 200 1691 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"
    192.168.5.175 - - [23/Jan/2018:21:17:11 +0100] "GET /ossim/style/av_common.css?t=c13f5310d25ce69bbbd36226a66bc711 HTTP/1.1" 200 12169 "https://192.168.5.18/ossim/session/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"

    When I check the ui.log i see:
    n /usr/share/ossim/include/ossim_db.inc on line 322 (pconnect)
    [Tue Jan 23 07:38:14 2018] [DATABASE ERROR] [] Can't connect to MySQL server on '127.0.0.1' (111) called in /usr/share/ossim/www/nfsen/getsensorname.php and defined in /usr/share/ossim/include/ossim_db.inc on line 322 (pconnect)
    [Tue Jan 23 07:38:14 2018] [DATABASE ERROR] [] Can't connect to MySQL server on '127.0.0.1' (111) called in /usr/share/ossim/scripts/vulnmeter/util.php and defined in /usr/share/ossim/include/ossim_db.inc on line 322 (pconnect)
    [Tue Jan 23 07:38:18 2018] [DATABASE ERROR] [] Can't connect to MySQL server on '127.0.0.1' (111) called in /usr/share/ossim/www/nfsen/getsensorname.php and defined in /usr/share/ossim/include/ossim_db.inc on line 322 (pconnect)

    MySQLd is running , command "netstat -anp |grep mysqld" gives :
    tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45945         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45944         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45965         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45967         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45938         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45937         ESTABLISHED 3201/mysqld
    tcp        1      0 127.0.0.1:3306          127.0.0.1:44981         CLOSE_WAIT  3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45888         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45966         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:45949         ESTABLISHED 3201/mysqld
    tcp        0      0 127.0.0.1:3306          127.0.0.1:46536         ESTABLISHED 3201/mysqld
    unix  2      [ ACC ]     STREAM     LISTENING     11838    3201/mysqld         /var/run/mysqld/mysqld.sock

    I used the "Resetting the AlienVault API Key" , it didn;t ask me for the root password as mentioned on https://www.alienvault.com/documentation/usm-appliance/usm-backup-restore/resetting-api-key.htm

    Could I add a new user on the Jailbreak console?
    Something else to get me WebGUI access ?

    Regards, 
    Onedutch
  • To contribute to above, my password has included special characters like "&J%@pT6#kq3EB^!" and is +30 long.. Could this be a problem ?

    Regards, 
    Onedutch
  • Solution:
    - Restored installation 5.2.2 Alienvault
    - changed the Password , made it shorter then 30  without special characters
    - Update Online in Shell (not in web gui)
    - Restart , I was able to login, I had to change my password

    The password lenght or complexity was a problem. 

    Regards, 
    Onedutch
    dirty_white_hatQoyyuum
Sign In or Register to comment.