Hi Ohad, using the latest nProbe I have been unable to reproduce the issue you reported. I have even started nprobe with strace just to make sure I didn’t miss anything but the .log file you mention is not created.
Instead using -P you are telling nprobe to dump flows in text format (in addition to pushing them to ES): is this what you want? Where is this .log file created? (path I mean) Regards Luca > On 29 Nov 2015, at 13:04, Ohad Kleinman <[email protected]> wrote: > > Luca, > Please see attached the configuration file that we are using. > > Ohad > > From: [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Luca Deri > Sent: Sunday, November 29, 2015 12:22 PM > To: [email protected] <mailto:[email protected]> > Subject: Re: [Ntop-misc] nProbe big log file with elastic search > > Ohad, > nProbe should not write to this log. I think it is a combination of options > we do not handle properly. Can you please let send me the complete command > line you are using to start nProbe so I can analyse it? > > Thanks Luca > >> On 29 Nov 2015, at 08:14, Ohad Kleinman <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi Luca, >> Can you confirm if there is a way to make the nprobe to not write to the log >> file each flow that is being exported to elastic? >> >> Thanks >> >> Ohad >> >> >> From: [email protected] >> <mailto:[email protected]> >> [mailto:[email protected] >> <mailto:[email protected]>] On Behalf Of Luca Deri >> Sent: Monday, November 23, 2015 2:59 PM >> To: [email protected] <mailto:[email protected]> >> Subject: Re: [Ntop-misc] nProbe big log file with elastic search >> >> Hi Ohad, >> is this file on the ElasticSearch side right? >> >> Regards Luca >> >>> On 18 Nov 2015, at 15:34, Ohad Kleinman <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Hi, >>> We are using nProbe with the option of writing all flows into elastic >>> search, the [email protected] <mailto:[email protected]> file is becoming >>> large as each flow that is written into the elastic search is also being >>> written into the log file. >>> >>> Is there any parameter that can disable this? >>> >>> Thanks. >>> >>> Ohad >>> _______________________________________________ >>> Ntop-misc mailing list >>> [email protected] <mailto:[email protected]> >>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >>> <http://listgateway.unipi.it/mailman/listinfo/ntop-misc> >> >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] <mailto:[email protected]> >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> <http://listgateway.unipi.it/mailman/listinfo/ntop-misc> > > <nprobe.conf>_______________________________________________ > Ntop-misc mailing list > [email protected] <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > <http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
