Comments (2)
I found that I had to manually run some MySQL statements to get them to show
up. They are at least parsing now, although it looks like there may still be
some errors. I'll update the ticket after I check things out some more.
Original comment by [email protected]
on 3 Jul 2014 at 9:14
OK, I have made significant progress. Is anyone out there? lol
I rewrote the Barracuda parser from the ground up, based on the excellent
Barracuda Spam & Virus Firewall Version 5.x Syslog Guide, along with real-world
logs. Everything validates properly.
Another problem was that the SQL statements I found from the mailing list to
enable the class in the database had incorrect class IDs:
Bad:
INSERT INTO classes (id, class, parent_id) VALUES(26, "BARRACUDA_SCAN", 0);
INSERT INTO classes (id, class, parent_id) VALUES(27, "BARRACUDA_RECV", 0);
INSERT INTO classes (id, class, parent_id) VALUES(28, "BARRACUDA_SEND", 0);
Good:
INSERT INTO classes (id, class, parent_id) VALUES(27, "BARRACUDA_SCAN", 0);
INSERT INTO classes (id, class, parent_id) VALUES(28, "BARRACUDA_RECV", 0);
INSERT INTO classes (id, class, parent_id) VALUES(29, "BARRACUDA_SEND", 0);
I dropped those rows and fixed that.
I'm going to give it a few days to see what pops in unclassified, then update
the parsers as needed. Of course, if you want them I am happy to share.
Original comment by [email protected]
on 9 Jul 2014 at 12:12