Not able to download PCAP from moloch UI - Error talking to node 'moloch-114-zxy' using host 'moloch-114-zxy:8005' check viewer logs on moloch-113-pft'
150 views
Skip to first unread message
sarfaraj sayyad
Jul 27, 2020, 8:22:53 AM7/27/20
to Moloch Full Packet Capture
I am running moloch on aPaaS container.
Every time My instance gets new host-name. When I am trying to download PCAPs its giving me below error.
Actually when PCAP gets ingested that time host name was different and when I am trying to download its different. Because of that getting below error.
Error talking to node 'moloch-114-zxy' using host 'moloch-114-zxy:8005' check viewer logs on moloch-113-pft'
How to resolve this?
Regards,
Sarfaraj
Matt C
Jul 27, 2020, 10:17:10 AM7/27/20
to Moloch Full Packet Capture
Moloch won't work without a consistent hostname. The pcap files are tied to the node name. You'll need to fix your container hostname.
- Matt
sarfaraj sayyad
Jul 27, 2020, 10:19:51 AM7/27/20
to Moloch Full Packet Capture
Is there any way to start the viewer with static hostname?
Matt C
Jul 27, 2020, 10:29:22 AM7/27/20
to Moloch Full Packet Capture
Try running moloch-capture with the -n/--node flag. That will override whatever the container's hostname is set to and make the pcaps filenames consistent. If you also run the viewer with the -host flag, I think it will do what you want.
- Matt
sarfaraj sayyad
Jul 27, 2020, 11:41:08 AM7/27/20
to Moloch Full Packet Capture
moloch-cpture -n option is working and overriding name to static but some how viewer is not picking -host option.
Reply all
Reply to author
Forward
0 new messages