No module named "stix2" #118

AntoninHL · 2019-07-05T07:57:17Z

Hi,

I did a pull this morning, and after restart, I have a new error:

worker_1 | ModuleNotFoundError: No module named 'stix2'

more details:

integration_1    |  * Starting enhanced syslogd rsyslogd
integration_1    | rsyslogd: imklog: cannot open kernel log (/proc/kmsg): Operation not permitted.
integration_1    | rsyslogd: activation of module imklog failed [v8.32.0 try http://www.rsyslog.com/e/2145 ]
integration_1    |    ...done.
integration_1    | Requirement already satisfied: requests in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 1))
integration_1    | Requirement already satisfied: pycti in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 2))
integration_1    | Requirement already satisfied: schedule in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 3))
integration_1    | Requirement already satisfied: python-dateutil in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 4))
integration_1    | Requirement already satisfied: PyYAML in /usr/local/lib/python3.6/dist-packages (from -r requirements.txt (line 5))
integration_1    | Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python3.6/dist-packages (from requests->-r requirements.txt (line 1))
integration_1    | Requirement already satisfied: idna<2.9,>=2.5 in /usr/lib/python3/dist-packages (from requests->-r requirements.txt (line 1))
integration_1    | Requirement already satisfied: urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1 in /usr/local/lib/python3.6/dist-packages (from requests->-r requirements.txt (line 1))
integration_1    | Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/dist-packages (from requests->-r requirements.txt (line 1))
integration_1    | Requirement already satisfied: datefinder in /usr/local/lib/python3.6/dist-packages (from pycti->-r requirements.txt (line 2))
integration_1    | Requirement already satisfied: six>=1.5 in /usr/lib/python3/dist-packages (from python-dateutil->-r requirements.txt (line 4))
integration_1    | Requirement already satisfied: pytz in /usr/local/lib/python3.6/dist-packages (from datefinder->pycti->-r requirements.txt (line 2))
integration_1    | Requirement already satisfied: regex>=2017.02.08 in /usr/local/lib/python3.6/dist-packages (from datefinder->pycti->-r requirements.txt (line 2))
integration_1    | Requirement already satisfied: urllib3 in /usr/local/lib/python3.6/dist-packages (from -r connectors/mitre/requirements.txt (line 1))
integration_1    | Requirement already satisfied: python-dateutil in /usr/local/lib/python3.6/dist-packages (from -r connectors/mitre/requirements.txt (line 2))
integration_1    | Requirement already satisfied: six>=1.5 in /usr/lib/python3/dist-packages (from python-dateutil->-r connectors/mitre/requirements.txt (line 2))
integration_1    | Requirement already satisfied: urllib3 in /usr/local/lib/python3.6/dist-packages (from -r connectors/openctidata/requirements.txt (line 1))
integration_1    | Requirement already satisfied: python-dateutil in /usr/local/lib/python3.6/dist-packages (from -r connectors/openctidata/requirements.txt (line 2))
integration_1    | Requirement already satisfied: six>=1.5 in /usr/lib/python3/dist-packages (from python-dateutil->-r connectors/openctidata/requirements.txt (line 2))
integration_1    | Requirement already satisfied: pymisp in /usr/local/lib/python3.6/dist-packages (from -r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: urllib3 in /usr/local/lib/python3.6/dist-packages (from -r connectors/misp/requirements.txt (line 2))
integration_1    | Requirement already satisfied: python-dateutil in /usr/local/lib/python3.6/dist-packages (from -r connectors/misp/requirements.txt (line 3))
integration_1    | Requirement already satisfied: six in /usr/lib/python3/dist-packages (from pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: jsonschema in /usr/local/lib/python3.6/dist-packages (from pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: requests in /usr/local/lib/python3.6/dist-packages (from pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/dist-packages (from jsonschema->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from jsonschema->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: pyrsistent>=0.14.0 in /usr/local/lib/python3.6/dist-packages (from jsonschema->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: certifi>=2017.4.17 in /usr/local/lib/python3.6/dist-packages (from requests->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/local/lib/python3.6/dist-packages (from requests->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Requirement already satisfied: idna<2.9,>=2.5 in /usr/lib/python3/dist-packages (from requests->pymisp->-r connectors/misp/requirements.txt (line 1))
integration_1    | Traceback (most recent call last):
integration_1    |   File "connectors_scheduler.py", line 11, in <module>
integration_1    |     from pycti import OpenCTI
integration_1    |   File "/usr/local/lib/python3.6/dist-packages/pycti/__init__.py", line 1, in <module>
integration_1    |     from .opencti import OpenCTI
integration_1    |   File "/usr/local/lib/python3.6/dist-packages/pycti/opencti.py", line 11, in <module>
integration_1    |     from pycti.opencti_stix2 import OpenCTIStix2
integration_1    |   File "/usr/local/lib/python3.6/dist-packages/pycti/opencti_stix2.py", line 10, in <module>
integration_1    |     from stix2 import ObjectPath, ObservationExpression, EqualityComparisonExpression, HashConstant
integration_1    | ModuleNotFoundError: No module named 'stix2'

But the plateform seems to work...
Nope...
no more integration of observables...

Antonin

The text was updated successfully, but these errors were encountered:

AntoninHL · 2019-07-05T08:03:40Z

But the plateform seems to work...

Nope...
no more integration of observables...

SamuelHassine · 2019-07-05T08:17:39Z

@Wesh: Thanks we are aware of this bug, we will publish a hotfix this morning.

x26sperluette · 2019-07-08T09:44:16Z

Hi,

I have a similar issue, even with the latest commit (d423baa).

Details :

worker_1         | ModuleNotFoundError: No module named 'stix2'  
worker_1         | Traceback (most recent call last):  
worker_1         |   File "worker_import.py", line 10, in <module>  
worker_1         |     from pycti import OpenCTI  
worker_1         |   File "/usr/local/lib/python3.6/dist-packages/pycti/__init__.py", line 1, in <module>  
worker_1         |     from .opencti import OpenCTI  
worker_1         |   File "/usr/local/lib/python3.6/dist-packages/pycti/opencti.py", line 11, in <module>  
worker_1         |     from pycti.opencti_stix2 import OpenCTIStix2  
worker_1         |   File "/usr/local/lib/python3.6/dist-packages/pycti/opencti_stix2.py", line 10, in <module>  
worker_1         |     from stix2 import ObjectPath, ObservationExpression, EqualityComparisonExpression, HashConstant  
worker_1         | ModuleNotFoundError: No module named 'stix2'

The platform is up but MISP integration is not working.

SamuelHassine · 2019-07-08T12:46:37Z

Hello @x26sperluette, the stix2 Python moduleis now directly included in the Docker images. Even if you used the latest commit from the Git repository, you have to pull your Docker images with the new version as well. Please see this Stackoverflow question. Just do:

docker-compose rm -f
docker-compose -f docker-compose.yml up -d

NB: If you are using the volumes for Grakn and Elasticsearch persistence, your data will be safe and keep during the update.

ehmueller · 2020-09-03T16:55:54Z

I am installing opencti on bare metal server and used script for the ubuntu installation. When starting the openct-server service I get errors about stix2 module not being found.

I have verified this module was installed with pip, please advice.

Sep 3 16:51:39 shdw018test yarn[30987]: yarn run v1.22.5
Sep 3 16:51:39 shdw018test yarn[30987]: $ node --max_old_space_size=8192 build/index.js
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[INIT] > Starting OPENCTI...","timestamp":"2020-09-03T16:51:40.711Z"}
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[PRE-CHECK] > Grakn is alive","timestamp":"2020-09-03T16:51:40.748Z"}
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[PRE-CHECK] > ElasticSearch is alive","timestamp":"2020-09-03T16:51:40.764Z"}
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[PRE-CHECK] > Minio is alive","timestamp":"2020-09-03T16:51:40.781Z"}
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[PRE-CHECK] > RabbitMQ is alive","timestamp":"2020-09-03T16:51:40.949Z"}
Sep 3 16:51:40 shdw018test yarn[30987]: {"level":"info","message":"[PRE-CHECK] > Redis is alive","timestamp":"2020-09-03T16:51:40.960Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: {"level":"info","message":"[API-PYTHON] > Traceback (most recent call last):","timestamp":"2020-09-03T16:51:41.075Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: {"level":"info","message":"[API-PYTHON] > File "src/python/stix2_create_pattern.py", line 4, in ","timestamp":"2020-09-03T16:51:41.076Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: {"level":"info","message":"[API-PYTHON] > from stix2 import ObjectPath, EqualityComparisonExpression, ObservationExpression","timestamp":"2020-09-03T16:51:41.076Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: {"level":"info","message":"[API-PYTHON] > ModuleNotFoundError: No module named 'stix2'","timestamp":"2020-09-03T16:51:41.077Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: {"error":{"traceback":"Traceback (most recent call last):\n File "src/python/stix2_create_pattern.py", line 4, in \n from stix2 import ObjectPath, EqualityComparisonExpression, ObservationExpression\nModuleNotFoundError: No module named 'stix2'\n","executable":"python3","options":null,"script":"src/python/stix2_create_pattern.py","args":["check","health"],"exitCode":1},"level":"error","message":"[OPENCTI] GraphQL initialization fail","timestamp":"2020-09-03T16:51:41.088Z"}
Sep 3 16:51:41 shdw018test yarn[30987]: error Command failed with exit code 1.

pip install stix2

Requirement already satisfied: stix2 in /usr/local/lib/python3.7/dist-packages (1.4.0)
Requirement already satisfied: six in /usr/lib/python3/dist-packages (from stix2) (1.11.0)
Requirement already satisfied: python-dateutil in /usr/local/lib/python3.7/dist-packages (from stix2) (2.8.1)
Requirement already satisfied: stix2-patterns in /usr/local/lib/python3.7/dist-packages (from stix2) (1.3.0)
Requirement already satisfied: simplejson in /usr/local/lib/python3.7/dist-packages (from stix2) (3.17.2)
Requirement already satisfied: pytz in /usr/local/lib/python3.7/dist-packages (from stix2) (2020.1)
Requirement already satisfied: requests in /usr/local/lib/python3.7/dist-packages (from stix2) (2.24.0)
Requirement already satisfied: antlr4-python3-runtime~=4.8.0; python_version >= "3" in /usr/local/lib/python3.7/dist-packages (from stix2-patterns->stix2) (4.8)
Requirement already satisfied: chardet<4,>=3.0.2 in /usr/lib/python3/dist-packages (from requests->stix2) (3.0.4)
Requirement already satisfied: certifi>=2017.4.17 in /usr/lib/python3/dist-packages (from requests->stix2) (2018.1.18)
Requirement already satisfied: idna<3,>=2.5 in /usr/lib/python3/dist-packages (from requests->stix2) (2.6)
Requirement already satisfied: urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1 in /usr/lib/python3/dist-packages (from requests->stix2) (1.22)

ehmueller · 2020-09-03T18:29:53Z

I set my environment from python2.7 to python3.7 which got me around the stix2 issue. Now I am having an issue starting the workers.

Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Main process exited, code=exited, status=1/FAILURE
Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Failed with result 'exit-code'.
Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Service hold-off time over, scheduling restart.
Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Scheduled restart job, restart counter is at 4.
Sep 3 18:28:24 shdw018test systemd[1]: Stopped OpenCTI Worker daemon 1.
Sep 3 18:28:24 shdw018test systemd[1]: Started OpenCTI Worker daemon 1.
Sep 3 18:28:24 shdw018test python3.7[5580]: INFO:root:Listing Threat-Actors with filters null.
Sep 3 18:28:24 shdw018test python3.7[5580]: Traceback (most recent call last):
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/opt/opencti/worker/worker.py", line 300, in
Sep 3 18:28:24 shdw018test python3.7[5580]: worker = Worker()
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/opt/opencti/worker/worker.py", line 212, in init
Sep 3 18:28:24 shdw018test python3.7[5580]: self.api = OpenCTIApiClient(self.opencti_url, self.opencti_token)
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/local/lib/python3.7/dist-packages/pycti/api/opencti_api_client.py", line 125, in init
Sep 3 18:28:24 shdw018test python3.7[5580]: "OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration..."
Sep 3 18:28:24 shdw018test python3.7[5580]: ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Sep 3 18:28:24 shdw018test python3.7[5580]: Error in sys.excepthook:
Sep 3 18:28:24 shdw018test python3.7[5580]: Traceback (most recent call last):
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apport_python_hook.py", line 63, in apport_excepthook
Sep 3 18:28:24 shdw018test python3.7[5580]: from apport.fileutils import likely_packaged, get_recent_crashes
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apport/init.py", line 5, in
Sep 3 18:28:24 shdw018test python3.7[5580]: from apport.report import Report
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apport/report.py", line 30, in
Sep 3 18:28:24 shdw018test python3.7[5580]: import apport.fileutils
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apport/fileutils.py", line 23, in
Sep 3 18:28:24 shdw018test python3.7[5580]: from apport.packaging_impl import impl as packaging
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apport/packaging_impl.py", line 24, in
Sep 3 18:28:24 shdw018test python3.7[5580]: import apt
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/lib/python3/dist-packages/apt/init.py", line 23, in
Sep 3 18:28:24 shdw018test python3.7[5580]: import apt_pkg
Sep 3 18:28:24 shdw018test python3.7[5580]: ModuleNotFoundError: No module named 'apt_pkg'
Sep 3 18:28:24 shdw018test python3.7[5580]: Original exception was:
Sep 3 18:28:24 shdw018test python3.7[5580]: Traceback (most recent call last):
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/opt/opencti/worker/worker.py", line 300, in
Sep 3 18:28:24 shdw018test python3.7[5580]: worker = Worker()
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/opt/opencti/worker/worker.py", line 212, in init
Sep 3 18:28:24 shdw018test python3.7[5580]: self.api = OpenCTIApiClient(self.opencti_url, self.opencti_token)
Sep 3 18:28:24 shdw018test python3.7[5580]: File "/usr/local/lib/python3.7/dist-packages/pycti/api/opencti_api_client.py", line 125, in init
Sep 3 18:28:24 shdw018test python3.7[5580]: "OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration..."
Sep 3 18:28:24 shdw018test python3.7[5580]: ValueError: OpenCTI API is not reachable. Waiting for OpenCTI API to start or check your configuration...
Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Main process exited, code=exited, status=1/FAILURE
Sep 3 18:28:24 shdw018test systemd[1]: opencti-worker@1.service: Failed with result 'exit-code'.
Sep 3 18:28:25 shdw018test systemd[1]: opencti-worker@1.service: Service hold-off time over, scheduling restart.
Sep 3 18:28:25 shdw018test systemd[1]: opencti-worker@1.service: Scheduled restart job, restart counter is at 5.
Sep 3 18:28:25 shdw018test systemd[1]: Stopped OpenCTI Worker daemon 1.
Sep 3 18:28:25 shdw018test systemd[1]: opencti-worker@1.service: Start request repeated too quickly.
Sep 3 18:28:25 shdw018test systemd[1]: opencti-worker@1.service: Failed with result 'exit-code'.
Sep 3 18:28:25 shdw018test systemd[1]: Failed to start OpenCTI Worker daemon 1.

SamuelHassine mentioned this issue Jul 5, 2019

Docker-compose doesn't work #114

Closed

SamuelHassine closed this as completed in 8be9ee2 Jul 5, 2019

SamuelHassine added bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR) labels Jul 7, 2019

SamuelHassine self-assigned this Jul 7, 2019

SamuelHassine added this to the Release 1.0.2 milestone Jul 7, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

No module named "stix2" #118

No module named "stix2" #118

No module named "stix2" #118

No module named "stix2" #118

Comments

pip install stix2