Snort mailing list archives
Re: OpenFPC Daemonlogger Segfault Through OpenFPC
From: Kevin Ross <kevross33 () googlemail com>
Date: Tue, 26 Aug 2014 15:09:20 +0100
Hi, Sorry I was meaning the openfpc side as not sure if that was still being worked on/supported. Glad to hear daemonlogger getting more done to it. Both openfpc & Daemonlogger do a very nice job for my needs :D Thanks, Kevin On 26 August 2014 12:47, Joel Esler (jesler) <jesler () cisco com> wrote:
Most certainly *is* supported. We have future plans for daemonlogger, we just haven’t updated the code in awhile. I’ll get this over to the developer. -- *Joel Esler* Open Source Manager Threat Intelligence Team Lead Talos On Aug 26, 2014, at 5:09 AM, Kevin Ross <kevross33 () googlemail com> wrote: Hi, I know this is an older tool which isn't supported but I use it for ease of integration into snorby & also that it stores onto disk and then fetches on request making it better for my sensors as PCAP solutions like moloch are just too resource intensive so I would appreciate any help kindly given (or suggestions for another suitable maintained PCAP option similar in nature). My systems were updated recently and fine; now following reboot daemonlogger segfaults when run through openfpc so I am not able to get PCAPs. If I run daemonlogger say with just daemonlogger -i eth1 it is fine and logs PCAPs but when using openfpc -a start it says it starts and then in status it is stopped and shows in /var/log/messages as segfault error with same memory location and things for each system: System 1 Error - kernel: : daemonlogger[23570]: segfault at 0 ip 0000000000402a0a sp 00007fffbc8be100 error 4 in daemonlogger[400000+7000] System 2 Error - kernel: : daemonlogger[3392]: segfault at 0 ip 0000000000402a0a sp 00007fff0e1e8c90 error 4 in daemonlogger[400000+7000] Running the queue daemon in debug mode and things is fine and shows nothing but I have no idea how to debug daemonlogger through openfpc. Some other points: - Daemonlogger Version1.2.1 (latest version installed) - Latest openfpc - System running Centos 6.4 - SELINUX tried relabel, disabled etc. Thank you for any help in advance. Kindest Regards, Kevin Ross ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- OpenFPC Daemonlogger Segfault Through OpenFPC Kevin Ross (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Joel Esler (jesler) (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Kevin Ross (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Joel Esler (jesler) (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC John York (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Kevin Ross (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Joel Esler (jesler) (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Marty Roesch (maroesch) (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Jeremy Hoel (Aug 26)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Kevin Ross (Aug 27)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Leon Ward (leonward) (Aug 27)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Jeremy Hoel (Aug 27)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Kevin Ross (Aug 28)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Leon Ward (leonward) (Aug 29)
- Re: OpenFPC Daemonlogger Segfault Through OpenFPC Jeremy Hoel (Aug 26)