evild3ad / MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Home Page: https://lethal-forensics.com

Issues with Kibana

antmar904 opened this issue

Hi.

It looks like your PS script is unable to find the Kibana executable. Here is my output:

MemProcFS-Analyzer v0.2 - Automated Forensic Analysis of Windows Memory Dumps for DFIR
(c) 2021 Martin Willing (https://evild3ad.com/)

Analysis date: 2022-06-09 13:39:55 UTC

[Info]  Current Version: MemProcFS v4.7 (2022-04-26)
[Info]  Latest Release:  MemProcFS v4.8 (2022-05-12)
[Info]  Dowloading Latest Release ...
[Info]  Extracting Files ...
[Info]  Dokany File System Library NOT found.
[Info]  Latest Release:  Dokany File System Library v1.4.0.1000 (2020-06-01)
[Info]  Please download/install the latest release of Dokany File System Library manually:
        https://github.com/dokan-dev/dokany/releases/tag/v1.4.0.1000 (DokanSetup_redist.exe)
[Info]  Current Version: Elasticsearch v8.2.0
[Info]  Latest Release:  Elasticsearch v8.2.2 (2022-05-26)
[Info]  Dowloading Latest Release ...
[Info]  Extracting Files ...
[Info]  Current Version: Kibana v8.2.0
[Info]  Latest Release:  Kibana v8.2.2 (2022-05-26)
[Info]  Dowloading Latest Release ...
[Info]  Extracting Files ...
Rename-Item : Cannot rename because item at 'E:\Tools\MemProcFS-Analyzer-v0.2\Tools\kibana-8.2.2-windows-x86_64' does not exist.
At E:\Tools\MemProcFS-Analyzer-v0.2\MemProcFS-Analyzer.ps1:514 char:9
+         Rename-Item "$SCRIPT_DIR\Tools\kibana-$LatestRelease-windows- ...
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Rename-Item], PSInvalidOperationException
    + FullyQualifiedErrorId : InvalidOperation,Microsoft.PowerShell.Commands.RenameItemCommand
 
[Info]  Current Version: EvtxECmd v1.0.0.0
Invoke-WebRequest : The remote server returned an error: (404) Not Found.
At E:\Tools\MemProcFS-Analyzer-v0.2\MemProcFS-Analyzer.ps1:551 char:17
+ ... $Headers = (Invoke-WebRequest -Uri $URL -UseBasicParsing -Method Head ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
 
Cannot index into a null array.
At E:\Tools\MemProcFS-Analyzer-v0.2\MemProcFS-Analyzer.ps1:552 char:5
+     $LatestSHA1 = $Headers["x-bz-content-sha1"]
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray
 
[Info]  Dowloading Latest Release ...
Invoke-WebRequest : { "code": "not_found", "message": "File with such name does not exist.", "status": 404 }
At E:\Tools\MemProcFS-Analyzer-v0.2\MemProcFS-Analyzer.ps1:568 char:5
+     Invoke-WebRequest -Uri $URL -OutFile "$SCRIPT_DIR\Tools\$Zip"
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand
[Info]  Current Version: AmcacheParser v1.5.1.0
[Info]  You are running the most recent version of AmcacheParser.
[Info]  Current Version: AppCompatCacheParser v1.5.0.0
[Info]  You are running the most recent version of AppCompatCacheParser.
[Info]  Current Version: ImportExcel v7.5.2
[Info]  Latest Release:  ImportExcel v7.5.3 (2022-05-30)
[Info]  Dowloading ImportExcel v7.5.3 ...
WARNING: The version '7.5.2' of module 'ImportExcel' is currently in use. Retry the operation after closing the applications.
[Info]  Current Version: IPinfo CLI v2.8.0 (2022-03-22)
[Info]  Latest Release:  IPinfo CLI v2.8.0 (2022-03-21)
[Info]  You are running the most recent version of IPinfo CLI.
[Info]  Starting Elasticsearch ... 
[Info]  Starting Kibana ... 

I think the dl link for Kibana changed and the one you have in your script is wrong.

duplicate