I have a problem installing ossim in a proxmox virtual machine

V

V6smoke

New Member
Aug 14, 2024
1
0
1
In fact, the error it gives me is the following: execution of <<grub-install/dev/sda>> failed, apparently the Grub could not be installed in dev/sda of the disk, I spent hours trying to solve the problem and I could not find it, I am new to using Proxmox so I need help with this error that I get when installing the ossim in Proxmox.
 
The message
execution of <<grub-install /dev/sda>> failed
is not an OSSIM problem – it is a Proxmox/Debian installer problem that appears while the AlienVault ISO is trying to drop the bootloader on the virtual disk.
  1. Use the “correct” disk type for the VM
    • Create the VM → “OS” tab → choose “Linux 5.x/6.x” (not “Other”).
    • On the “Hard-disk” tab pick “VirtIO” (or “SCSI” with the “VirtIO-scsi” controller).
    • Never IDE – the installer often maps IDE disks as /dev/hda and then GRUB fails.
  2. Give the installer a real BIOS boot partition
    • Add a second “EFI” disk (size 1 GB, type EFI), or
    • Switch the whole VM to “BIOS: SeaBIOS” (i.e. legacy mode) and tick “Pre-Enroll keys” OFF.
    • If you stay in UEFI mode, be sure the first partition on the disk is a FAT32 ESP (≈ 512 MB).
    • The OSSIM installer does not create that ESP automatically.
  3. Boot the ISO in IDE (CD-ROM) but install to VirtIO/SCSI
    • Proxmox sometimes maps the CD as /dev/sda and the real disk as /dev/sdb.
    • When the partitioning wizard asks “Install GRUB to MBR?”, press <No> and type
      /dev/sdb (or /dev/vda for VirtIO).
    • That single step alone fixes the majority of “grub-install failed” reports

      .
  4. Fast/Cheap rescue if you are stuck right now
    • Let the installer finish (ignore the GRUB error).
    • Reboot into the OSSIM rescue mode (boot the ISO again → “Rescue mode”).
    • mount /dev/vda1 /mnt # adapt to your disk
      mount /dev/vda2 /mnt/boot # if a separate /boot exists
      mount --bind /dev /mnt/dev
      mount --bind /proc /mnt/proc
      mount --bind /sys /mnt/sys
      chroot /mnt

    • Further reading
      The ageing/forwarding behaviour is explained in detail (with Proxmox examples) in
      “Open Source Security Operation Platform: OSSIM Best Practice”, Chapter 5 “Sensor Deployment on Virtual Platforms”.

 
You must log in or register to reply here.
Top Bottom