Ohad I am unable to see such file on my setup. Can you please send me a portion of this log? Are you sure nprobe is creating it?
Regards Luca On 02/12/2015 08:47, Ohad Kleinman wrote: > > Hi Luca, > > The log file that I am referring to is [email protected] > <mailto:[email protected]> located in /var/log/nprobe directory. > > > > Yes currently we are using both dumping files in text format and also > to the elastic search. > > > > I hope this helps. > > > > Ohad > > > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] *On Behalf Of *Luca Deri > *Sent:* Wednesday, December 02, 2015 9:37 AM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search > > > > Hi Ohad, > > using the latest nProbe I have been unable to reproduce the issue you > reported. I have even started nprobe with strace just to make sure I > didn’t miss anything but the .log file you mention is not created. > > > > Instead using -P you are telling nprobe to dump flows in text format > (in addition to pushing them to ES): is this what you want? > > > > Where is this .log file created? (path I mean) > > > > Regards Luca > > > > On 29 Nov 2015, at 13:04, Ohad Kleinman <[email protected] > <mailto:[email protected]>> wrote: > > > > Luca, > > Please see attached the configuration file that we are using. > > > > Ohad > > > > *From:* [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] *On Behalf > Of *Luca Deri > *Sent:* Sunday, November 29, 2015 12:22 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search > > > > Ohad, > > nProbe should not write to this log. I think it is a combination > of options we do not handle properly. Can you please let send me > the complete command line you are using to start nProbe so I can > analyse it? > > > > Thanks Luca > > > > On 29 Nov 2015, at 08:14, Ohad Kleinman <[email protected] > <mailto:[email protected]>> wrote: > > > > Hi Luca, > > Can you confirm if there is a way to make the nprobe > to *not* write to the log file each flow that is being > exported to elastic? > > > > Thanks > > > > Ohad > > > > > > *From:* [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] *On Behalf > Of *Luca Deri > *Sent:* Monday, November 23, 2015 2:59 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* Re: [Ntop-misc] nProbe big log file with elastic search > > > > Hi Ohad, > > is this file on the ElasticSearch side right? > > > > Regards Luca > > > > On 18 Nov 2015, at 15:34, Ohad Kleinman <[email protected] > <mailto:[email protected]>> wrote: > > > > Hi, > > We are using nProbe with the option of writing all flows > into elastic search, the [email protected] > <mailto:[email protected]> file is becoming large as each > flow that is written into the elastic search is also being > written into the log file. > > > > Is there any parameter that can disable this? > > > > Thanks. > > > > Ohad > > _______________________________________________ > Ntop-misc mailing list > [email protected] > <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > _______________________________________________ > Ntop-misc mailing list > [email protected] > <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > <nprobe.conf>_______________________________________________ > Ntop-misc mailing list > [email protected] <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
