About borising

Hi @lmori,   Do you think, there's a possibility that I can troubleshoot this someway myself?   Regards, Bo ... View more

Hi @lmori   My minemeld updated a couple of hours ago to 0.9.42 (good work with the backup!), but I still can't see any indicators in the syslog node, even that my firewall have sent plenty of logs since the upgrade.   How could we troublehsoot this further?   Have a great day! ... View more

Hi again @lmori     I just did a debug session of when rsyslogd receives a syslog message, as I had a suspicion that it might be an issue parsing the 8.x logs.   Though I can't really get much out of it, you might 🙂    So if you think you could use the output for further debugging, then let me know.   Regards, Bo Rising ... View more

Hi @soc_enav,   Thats one great write up on how to use Minemeld! Keep it coming 🙂   Regards, Bo ... View more

Hi @lmori,   I started out with 8.0.3-h4, but have upgraded to 8.0.4 along the way.   Regards, Bo ... View more

Hi @lmori,   Then I'll just wait, and update this message, when I have tested further 🙂   Regards, Bo ... View more

Hi @lmori,   When do you think the next release will be available?   Regards, Bo ... View more

Hi @lmori,   Any luck of finding out what causes this problem?   Thanks! ... View more

Here you go:   xxx@minemeld01:~$ sudo rabbitmqctl list_queues | grep -i syslog localSyslog:rpc 0 mbus:directslave:localSyslog:rpc 0 mbus:slave:localSyslog:rpc 0 xxx@minemeld01:~$ ... View more

Hi Luigi,   There are only 2 rsyslog.log files, which I have cat'ed below. Rsyslogd is running, as you can see. xxx@minemeld01:/var/log$ cat rsyslog.log xxx@minemeld01:/var/log$ cat rsyslog.log.1 Jul 2 21:44:32 minemeld01 rsyslogd: [origin software="rsyslogd" swVersion="8.17.0" x-pid="5101" x-info="http://www.rsyslog.com"] start Jul 2 21:44:32 minemeld01 rsyslogd: rsyslogd's groupid changed to 104 Jul 2 21:44:32 minemeld01 rsyslogd: rsyslogd's userid changed to 101 Jul 2 21:45:14 minemeld01 rsyslogd: [origin software="rsyslogd" swVersion="8.17.0" x-pid="5101" x-info="http://www.rsyslog.com"] exiting on signal 15. Jul 2 21:45:14 minemeld01 rsyslogd: [origin software="rsyslogd" swVersion="8.17.0" x-pid="5420" x-info="http://www.rsyslog.com"] start Jul 2 21:45:14 minemeld01 rsyslogd: rsyslogd's groupid changed to 104 Jul 2 21:45:14 minemeld01 rsyslogd: rsyslogd's userid changed to 101 Jul 4 06:53:12 minemeld01 rsyslogd: [origin software="rsyslogd" swVersion="8.17.0" x-pid="5420" x-info="http://www.rsyslog.com"] rsyslogd was HUPed xxx@minemeld01:/var/log$ ps xau | grep rsyslogd xxx 430 0.0 0.1 11764 1960 pts/1 S+ 17:08 0:00 grep --color=auto rsyslogd syslog 5420 0.0 0.0 378196 708 ? Ssl Jul02 0:03 rsyslogd And the rsyslog version: xxx@minemeld01:/var/log$ dpkg -l | grep rsyslog ii rsyslog 8.17.0-0adiscon2trusty1 amd64 a rocket-fast system for log processing ii rsyslog-minemeld 8.16-0 amd64 minemeld modules for rsyslog ii rsyslog-mmnormalize 8.17.0-0adiscon2trusty1 amd64 The rsyslog-mmnormalize package provides log normalization ... View more

Hi Luigi,   I have attached the screenshot, and a screenshot of the sources tab and how it looks on the Nodes page.   Regards, Bo ... View more

Hi,   I have had disabled the dnsproxy for my appletv for the last couple of months, which worked for me.   But then after upgrading my appletv to the latest releaes yesterday evening, Netflix suddenly stopped working.   I then enabled the "allow header range option", and Netflix worked again 🙂   So thank you for the tip!   PS.: Running 8.0.3-h4. ... View more

Hi @Angelo, you have a small typo in the second path for nginx:   [minemeld ~]$ sudo mv /etc/nginx/minemeld.cer /etc/ngnix/minemeld.cer-orig [minemeld ~]$ sudo mv /etc/ngnix/minemeld.pem /etc/ngnix/minemeld.pem-orig   Should instead be:   [minemeld ~]$ sudo mv /etc/nginx/minemeld.cer /etc/nginx/minemeld.cer-orig [minemeld ~]$ sudo mv /etc/ngnix/minemeld.pem /etc/nginx/minemeld.pem-orig ... View more