How to install google/stenographer on Rocky Linux v8


Disable SELINUX First

1. vim /etc/selinux/config
2. Set SELINUX=disabled
3. reboot

Make directories for future use

4. mkdir -p /etc/stenographer/
5. adduser -M -U stenographer
6. mkdir -p /data/stenographer/
7. chown -R stenographer:stenographer /data/stenographer

Download Stenographer

8. dnf groupinstall "Development Tools"
9. dnf --enablerepo=powertools install snappy-devel snappy.x86_64 libseccomp-devel.x86_64 libseccomp.x86_64 libaio.x86_64 libaio-devel.x86_64 leveldb leveldb-devel.x86_64 jq rsyslog tcpdump
10. cd /usr/local/src/
11. git clone https://github.com/google/stenographer.git

Build Stenographer from Source (Install go if not installed before)

12. cd /usr/local/src/stenographer/
13. go mod init stenographer
14. go mod tidy
15. go build
16. cp stenographer /usr/bin/
17. cp stenoread /usr/bin/
18. cp stenocurl /usr/bin/

Install Stenotype

19. cd stenotype
20. make
21. cp stenotype /bin/
22. cp stenotype /usr/sbin/
23. setcap 'CAP_NET_RAW+ep CAP_NET_ADMIN+ep CAP_IPC_LOCK+ep' /bin/stenotype
24. setcap 'CAP_NET_RAW+ep CAP_NET_ADMIN+ep CAP_IPC_LOCK+ep' /usr/sbin/stenotype

Create system unit file and stenographer configuration files

25. cd ../configs/
    cp systemd.conf /etc/systemd/system/stenographer.service
26. cp steno.conf /etc/stenographer/config
27. vim /etc/stenographer/config

{
  "Threads": [
    { "PacketsDirectory": "/data/stenographer/thread0/packets/directory"
    , "IndexDirectory": "/data/stenographer/thread0/index/directory"
    , "MaxDirectoryFiles": 30000
    , "DiskFreePercentage": 70
    }
  ]
  , "StenotypePath": "/usr/bin/stenotype"
  , "Interface": "enp0s3"
  , "Port": 4321
  , "Host": "192.168.0.147"
  , "Flags": ["-vv", "--seccomp=none"]
  , "CertPath": "/etc/stenographer/certs"
}

Create SSL keys for stenographer

    cd /usr/local/src/stenographer
	./stenokeys.sh

not its time to start the Service

systemctl start stenographer
systemctl status stenographer	

make test, if the stenographer is working or not

stenoread 'port 22 and after 1m ago'

Use the following method to find the required data

stenoread '( host 192.168.0.184 and port 14795)  and (host 192.168.0.132 and port 5060 ) or ( host 192.168.0.132 and port 5060)  and (host 192.168.0.110 and port 51410 ) or ( host 192.168.0.110 and port 20004)  or ( host 192.168.0.132 and port 37622)  or ( host 192.168.0.132 and port 37672)  or ( host 192.168.0.184 and port 10400)  and after 2024-08-28T06:29:52Z and before 2024-08-28T06:40:21Z' -w /home/hrhashmi/call.pcap

Enjoy 😉

How to Install go in Rocky Linux v8

1. dnf update
2. dnf install wget
3. cd /usr/local/src/
4. wget https://go.dev/dl/go1.19.2.linux-amd64.tar.gz
5. cd /usr/local/
6. tar -xvf /usr/local/src/go1.19.2.linux-amd64.tar.gz 
7. vim /etc/profile.d/go.sh
8. export PATH=$PATH:/usr/local/go/bin
9. close the terminal and start again
10. go version

Enjoy :)

How to compile and run a next application ?

Install nodejs Use  this  link for further reading curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.0/install.sh | bash nvm inst...