Re: Dumps/Logging


Pavel Odintsov

Jan 8, 2021, 1:53:33 PM
to GG, FastNetMon user group
Hello!

I think you may consider upgrading; we have removed the logic to automatically generate packet dumps when they are disabled.

You can upgrade this way:
sudo apt-get update
sudo apt-get install --only-upgrade fastnetmon

On Fri, 8 Jan 2021 at 14:24, GG <gastong...@gmail.com> wrote:
Hi Pavel,

Attack dumps and logs seem to be growing fast even though I have them disabled. Do they have a limit and rotate at some point? Am I using the wrong configuration parameters?

show main collect_simple_attack_dumps 
disabled

show main collect_attack_pcap_dumps 
disabled

show main logging_level 
info

show main logging_local_syslog_logging 
disabled

show main logging_remote_syslog_logging 
disabled

 ls /var/log/fastnetmon/ -lh
total 97M
-rw-r--r--. 1 root root 225K Jan  8 14:15 api_gateway.log
drwxr-x---. 2 root root 1.6M Jan  8 14:16 attacks_dumps
-rw-rw-rw-. 1 root root  95M Jan  8 14:16 fastnetmon.log
-rw-r--r--. 1 root root  972 Jan  4 19:01 traffic_db.log

du -sk /var/log/fastnetmon/attacks_dumps/ -h
109M /var/log/fastnetmon/attacks_dumps/

Regards,
GG

--
Pavel Odintsov

GG

Jan 8, 2021, 2:23:42 PM
to FastNetMon user group
Pavel, it seems to be the latest.

yum update
yum upgrade fastnetmon

Dependencies resolved.
Nothing to do.
Complete!

show fastnetmon_version 
2.0.217 adb3944c9f10af49ba444e59c240c5172a64e226



Pavel Odintsov

Jan 8, 2021, 2:27:58 PM
to GG, FastNetMon user group
Hello!

Can you remove all attack dumps and then wait for some detected attacks?

Maybe they’re just old ones that happened before the upgrade?

It’s safe to remove all files in attacks_dump folder. 

--
Sincerely yours, Pavel Odintsov

gaston gutierrez

Jan 8, 2021, 4:18:02 PM
to Pavel Odintsov, FastNetMon user group
Hi Pavel,

Still getting dumps, but I can have a cron removing old entries anyway. It's nice to have the most recent ones.

show main collect_simple_attack_dumps
disabled

show fastnetmon_version
2.0.217 adb3944c9f10af49ba444e59c240c5172a64e226 

Thank you.
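
The cron cleanup mentioned in the message above, written out as an added example (not from the thread and not FastNetMon's own tooling): it keeps the newest KEEP regular files in a dump directory and removes the rest. The function name `prune_dumps`, its arguments and the assumption that dump file names contain no newlines are illustrative.

```shell
#!/bin/sh
# Added example, not FastNetMon code.
# prune_dumps DIR KEEP [-n]
#   Keeps the KEEP most recently modified regular files in DIR, removes older ones.
#   With -n it only lists what would be removed.
# Assumption: file names in DIR contain no newline characters.

prune_dumps() {
    dir=$1
    keep=$2
    dry_run=${3:-}

    # Only accept an absolute path to a real directory (not a symlink), so a
    # mistyped or redirected path cannot send a root cron job elsewhere.
    case $dir in
        /*) ;;
        *) echo "prune_dumps: directory must be an absolute path" >&2; return 2 ;;
    esac
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "prune_dumps: $dir is not a plain directory" >&2
        return 2
    fi
    case $keep in
        ''|*[!0-9]*) echo "prune_dumps: KEEP must be a non-negative integer" >&2; return 2 ;;
    esac

    seen=0
    # ls -t prints newest first; everything after the first KEEP files is old.
    ls -1t -- "$dir" | while IFS= read -r name; do
        path=$dir/$name
        # Skip subdirectories and symlinks; only regular files are counted.
        if [ ! -f "$path" ] || [ -L "$path" ]; then
            continue
        fi
        seen=$((seen + 1))
        if [ "$seen" -le "$keep" ]; then
            continue
        fi
        if [ "$dry_run" = "-n" ]; then
            printf 'would remove %s\n' "$path"
        else
            rm -f -- "$path"
        fi
    done
}
```

From a root cron job this would be called as `prune_dumps /var/log/fastnetmon/attacks_dumps 200`, where 200 is a constructed value; running it once with `-n` shows what would go before anything is deleted.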

Pavel Odintsov

Jan 8, 2021, 4:20:11 PM
to gaston gutierrez, FastNetMon user group, Pavel Odintsov
Hello!

Can you raise a ticket with ZenDesk at sup...@fastnetmon.zendesk.com and share the latest fastnetmon.log about it, please?


--
Pavel Odintsov