I am trying to import PANOS-Threat Logs into MineMeld using the syslogMiner.
I have configured the Miner and the LogForwarding via Panorama and can see the incoming logs at the MineMeld instance using tcpdump.
Still, I see no indicators in my Miner-Node. The Engine Logs show the following error, which I think is relevant to the problem:
(2082)syslog._amqp_consumer ERROR: Miner_Test - Exception in consumer glet
Traceback (most recent call last):
  File "/opt/minemeld/engine/0.9.60/local/lib/python2.7/site-packages/minemeld/ft/syslog.py", line 739, in _amqp_consumer
    password=self.rabbitmq_password
  File "/opt/minemeld/engine/0.9.60/local/lib/python2.7/site-packages/amqp/connection.py", line 165, in __init__
    self.transport = self.Transport(host, connect_timeout, ssl)
  File "/opt/minemeld/engine/0.9.60/local/lib/python2.7/site-packages/amqp/connection.py", line 186, in Transport
    return create_transport(host, connect_timeout, ssl)
  File "/opt/minemeld/engine/0.9.60/local/lib/python2.7/site-packages/amqp/transport.py", line 299, in create_transport
    return TCPTransport(host, connect_timeout)
  File "/opt/minemeld/engine/0.9.60/local/lib/python2.7/site-packages/amqp/transport.py", line 95, in __init__
    raise socket.error(last_err)
error: [Errno 111] Connection refused
I already checked the forums for similar errors, but couldn't find anything that helped me. I also stumbled upon the advice to restart rabbitmq-server, but this service doesn't exist on my instance. For installation I followed the tutorial here:
If anyone can assist me with this problem I would be very glad!