I've no idea how to diagnose this as this is the first time using Grafana/ES/Graylog and JSON (it's a miracle I got this far, there were many bumps!). The error only disappears if I include "group by / geo hash grid / src location / precision", at which point the map is still blank. When I try to mirror your query settings from your screenshot, I get the error message "missing geohash value". It's just the map points that don't display. So it seems that my Maxmind stuff is working. The NST WUI Ntopng implementation now supports the Ntopng REST API the results from using the fast directory scanner - dirble can now be displayed in. On the other dashboard widgets for the firewall logs I can see that the country names, geo locations, etc. Everything else is working, including the NPI dashboard where I am getting points on the map. I'm also having the problem with no points on the map for the firewall logs. If you don't mind, how is your hardware doing? I'm running VM Ubuntu and it's almost 3GB of RAM all the time. (~/pfsense-analytics/Docker/grafana/provisioning/dashboards/) Make copies of those files (ndpi.json & firewall.json) then edit accordingly. If you want to edit grafana dashboards, you need to edit the. Make sure you have configured pfsense to send logs to graylog (Status, System Logs, Settings > Remote Logging Options > remote log server "graylog_ip:5442" > check "firewall events" and "save"). Go to the Time Picker and choose 2 days or more, I don't know why, but data from 1 hour doesn't show. Also, if you go to one of the panels and enter "edit", remove the query string and enter just an asterisk (*), you should see data coming (don't ask, I don't know why.) most trusted open in the world - DHCP - NTP - SNMP - Routed - Ntopng - OpenVPN. Not receiving log from pfsense is another thing. It's either pfSense configs (not likely) or the hardware (more likely).
tar zxvf /etc/graylog/server/mm.tar.gz -C /etc/graylog/server/ --strip-components=1
Again, thanks for all the help so far. I used 15 to help me refer to my licence key within getGeo.sh in order to buil. My only issue is that there is no map data being shown in either the Firewall Logs or DPI dashboards. I might have some error within there possibly that's not allowing it to work?
curl --output /etc/graylog/server/mm.tar.gz ' '
Everything else is working fine in Grafana and Graylog. Would you mind posting exactly what you have in your getGeo.sh file? (minus the license key of course). But, my firewall logs are still not working, even though the key that I typed into NTOPNG is identical to the one I typed into my getGeo.sh file. I have set up a gmail smtp endpoint on pfsense ntopng no problem. My DPI dashboard maps are now WORKING (so thank you for that advice). Next, we want to create a container with ntopng running on https port 3001 using this. If we have missed the screen, just wait until the next loop/boot. usr/local/share/GeoIP/GeoIPupdate.Xwug8W/GeoI100% of 1187 kB 3953 kBps # /usr/local/bin/ntopng-geoipupdate.sh Edit: They switched geo location libs in 3.6 so I assume this is related. I entered my GeoLite2 License Key into the NTOPNG spot as well as my getGeo.sh file. 2 Prepare for Pressing 2 key (For getting into pfSense single user mode) 3 When we see the following screen, Press 2 to enter Single user mode. I've run both of the following, but no positive impact after a restart of # /usr/local/bin/geoipupdate.sh Moreover, ntopng automatically installs ntopng-data and that it is taken in priority over Maxmind. And finally, I noticed that it didn't work with your ntopng-data package but works perfectly with MaxMind geolocation. The status of ntopng does show that maxmind 1.3.2 is compiled in, and the maxmind files are on my OPNsense system. After reading that it worked at your place (and still not at mine), I decided to reinstall Ntopng.
I've manually run the download scripts etc, but to no avail, all IPs are still non geolocated. Geolocation does not seem to be working with ntopng plugin.