Please help me about how to use sagan
49 views
Skip to first unread message
Cao Xuân Sang
Mar 22, 2021, 10:50:44 PM3/22/21
to sagan-users
hi everyone, when I run 'sagan' command, the terminal appears and stuck like this, so have i done install sagan ?
Da Beave
Mar 23, 2021, 8:12:40 AM3/23/21
to sagan...@googlegroups.com
Sagan is waiting for data to go into the named pipe / fifo. It could be that not much data is entering the pipe or your syslog service isn't writing to the fifo.
Check make sure data is being written correctly. Once it is.working, Sagan will get past that line and let you know it is processing data.
I hope this helps
On Mon, Mar 22, 2021, 10:50 PM Cao Xuân Sang <sang...@gmail.com> wrote:
hi everyone, when I run 'sagan' command, the terminal appears and stuck like this, so have i done install sagan ?
--
You received this message because you are subscribed to the Google Groups "sagan-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sagan-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/74b1ca54-1665-47c0-a8fb-f9d44ad5abdbn%40googlegroups.com.
Cao Xuân Sang
Mar 23, 2021, 10:01:36 AM3/23/21
to sagan...@googlegroups.com
thank you, can you guide me how to make sagan running correctly
Vào Th 3, 23 thg 3, 2021 vào lúc 19:12 Da Beave <dab...@gmail.com> đã viết:
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/CAEAd5jmd8jGDUdETu558yTffPkuEcnXWbCWFFY2aiD%3Db0ikj2A%40mail.gmail.com.
Da Beave
Mar 23, 2021, 10:03:00 AM3/23/21
to sagan...@googlegroups.com
Sagan is running correctly. You have to verify that the syslog settings are giving data to Sagan.
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/CAGpCxe3EP-a7NVGC8nwjx5-GqJXv3stpEVGcAqUFXs-wXz%3DZLA%40mail.gmail.com.
Cao Xuân Sang
Mar 23, 2021, 10:04:50 AM3/23/21
to sagan...@googlegroups.com
how i can do that? and can i test sagan log by use Nmap ?
Vào Th 3, 23 thg 3, 2021 vào lúc 21:03 Da Beave <dab...@gmail.com> đã viết:
You received this message because you are subscribed to a topic in the Google Groups "sagan-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/sagan-users/1fRnrsFlImY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to sagan-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/CAEAd5jnP071KdKRdsDB4PH6q1mYadCNAOoabLJ17XsEm26B-zg%40mail.gmail.com.
Da Beave
Mar 23, 2021, 10:11:38 AM3/23/21
to sagan...@googlegroups.com
Stop Sagan and use the "cat" (as the user root) to see if data is getting into your FIFO.
If it is not, you need to debug you syslog configurations. See the Sagan documentation on how to setup your syslog daemon .
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/CAGpCxe3DMk-f-dhbudnW8TE5pRM7MdktCGsxQ3mv6jx%2BZMwnug%40mail.gmail.com.
Cao Xuân Sang
Mar 26, 2021, 1:29:46 PM3/26/21
to sagan-users
here is output when i run sagan --debug syslog,engine
any wrong ? :(
any wrong ? :(
Vào lúc 21:11:38 UTC+7 ngày Thứ Ba, 23 tháng 3, 2021, Da Beave đã viết:
Da Beave
Mar 27, 2021, 2:19:01 PM3/27/21
to sagan...@googlegroups.com
Looks like you are passing it JSON. Did you configure Sagan for JSON input ?
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/e1423499-6f45-4fd8-939a-b49b531223c5n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages