Re: [Ntop] syslog integration (Suricon 2019) throws an error

Mon, 18 Nov 2019 07:58:58 -0800 

Hi,

> On 18 Nov 2019, at 15:05, Muenz, Michael <m.mu...@spam-fetish.org> wrote:
> 
> Hi,
> 
> I viewed the recording of Suricon 2019 and tried to add syslog interface to 
> ntopng, but it always fails:
> 
> [...]
> 
> Nov 18 14:23:17 collector ntopng[5983]: 18/Nov/2019 14:23:17 [Ntop.cpp:1994] 
> Registered interface eth0 [id: 0]
> Nov 18 14:23:18 collector ntopng: [main.cpp:239] ERROR: An exception occurred 
> during syslog://10.24.64.12:9999 interface creation[19]: No such device
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 [main.cpp:239] 
> ERROR: An exception occurred during syslog://10.24.64.12:9999 interface 
> creation[19]: No such device
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 [main.cpp:302] 
> PID stored in file /var/run/ntopng.pid
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 [Utils.cpp:592] 
> User changed to ntopng
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 
> [HTTPserver.cpp:1199] Web server dirs 
> [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts]
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 
> [HTTPserver.cpp:1202] HTTP server listening on 3000
> 
> [...]
> 
> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 [Ntop.cpp:403] 
> Welcome to ntopng x86_64 v.3.8.191111 - (C) 1998-18 ntop.org

Suricata integration is part of the latest ntopng 3.9 dev. Please, update from 
3.8 to 3.9.

Regards,

Simone


> Nov 18 14:23:18 collector ntopng[5983]: 18/Nov/2019 14:23:18 [Ntop.cpp:413] 
> Built on Debian GNU/Linux 9.1 (stretch)
> 
> 
> I also tried with latest FreeBSD release which also breaks same way. My 
> config looks like this:
> 
> #cat /etc/ntopng/ntopng.conf | grep -v "#"
> 
> -G=/var/run/ntopng.pid
> -i=eth0
> -i=syslog://10.24.64.12:9999
> 
> Any idea what went wrong?
> 
> 
> Best,
> 
> Michael
> 
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Reply via email to