Remediation Module for Guidance Encase. Allows Sourcefire to pass event details to Encase so that it can automatically carry out post event analysis.
I am receiving the error "No module.template file found in module." when attempting to install the .tgz file, even though the module.template file is clearly in the archive. Is there a new version or are there additional changes I should make to the archive?
I think the download is an archive inside a zip. Maybe you worked this out. Not sure.
Please make sure that you
1. Un zip the zip
2. Unarchive the archive inside the zip
3. Browse that folder from the console remediation module upload dialog box.
Thanks for the assistance. Unfortunately, when I try that, I receive the following error:
module.template is not a valid module file.
I found the solution... The files are in a directory (ECCCyberSFModule) once untarred and uncompressed. They should be in the root of the gzipped tar file. I re-created the tgz file (e.g. tar czf ECCCyberSFModule.tgz module.template ECCCyberSFModule.pl ) and the resultant file was accepted as a valid module.
I hope this helps someone else!
1. Extract ZIP
2. Rename .gtar file to .tgz
3. Install the remediation module.