Luca, Please see a link to the attached the log file, I hope this helps.
https://dl.dropboxusercontent.com/u/27973370/nprobe-eth0%400.log Ohad *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Luca Deri *Sent:* Wednesday, December 02, 2015 2:42 PM *To:* [email protected] *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search Ohad I am unable to see such file on my setup. Can you please send me a portion of this log? Are you sure nprobe is creating it? Regards Luca On 02/12/2015 08:47, Ohad Kleinman wrote: Hi Luca, The log file that I am referring to is [email protected] located in /var/log/nprobe directory. Yes currently we are using both dumping files in text format and also to the elastic search. I hope this helps. Ohad *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Luca Deri *Sent:* Wednesday, December 02, 2015 9:37 AM *To:* [email protected] *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search Hi Ohad, using the latest nProbe I have been unable to reproduce the issue you reported. I have even started nprobe with strace just to make sure I didn’t miss anything but the .log file you mention is not created. Instead using -P you are telling nprobe to dump flows in text format (in addition to pushing them to ES): is this what you want? Where is this .log file created? (path I mean) Regards Luca On 29 Nov 2015, at 13:04, Ohad Kleinman <[email protected]> wrote: Luca, Please see attached the configuration file that we are using. Ohad *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Luca Deri *Sent:* Sunday, November 29, 2015 12:22 PM *To:* [email protected] *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search Ohad, nProbe should not write to this log. I think it is a combination of options we do not handle properly. Can you please let send me the complete command line you are using to start nProbe so I can analyse it? Thanks Luca On 29 Nov 2015, at 08:14, Ohad Kleinman <[email protected]> wrote: Hi Luca, Can you confirm if there is a way to make the nprobe to *not* write to the log file each flow that is being exported to elastic? Thanks Ohad *From:* [email protected] [mailto: [email protected]] *On Behalf Of *Luca Deri *Sent:* Monday, November 23, 2015 2:59 PM *To:* [email protected] *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search Hi Ohad, is this file on the ElasticSearch side right? Regards Luca On 18 Nov 2015, at 15:34, Ohad Kleinman <[email protected]> wrote: Hi, We are using nProbe with the option of writing all flows into elastic search, the [email protected] file is becoming large as each flow that is written into the elastic search is also being written into the log file. Is there any parameter that can disable this? Thanks. Ohad _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc <nprobe.conf>_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
