Discussions

ANSWERED

metlo-ingestor.service not found on eu-west-2 image

We created a new instance from the image https://backend.metlo.com/deploy/aws?region=eu-west-2 but I cannot find the metlo-ingestor service:

sudo systemctl start metlo-ingestor.service
Unit metlo-ingestor.service could not be found.

Am I doing something wrong, or do I need to install something else? I didn't find it in the guide.
ANSWERED

unable to find endpoint

Hi Team, we have configured Metlo in GCP and a daemonset in GKE. Data is not getting exported to the application. Here is the attached log of one of the pods:

21/10/2022 -- 06:56:59 - <Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true. See https://suricata.readthedocs.io/en/suricata-6.0.5/configuration/suricata-yaml.html#stats
21/10/2022 -- 06:56:59 - <Info> - Running in live mode, activating unix socket
21/10/2022 -- 06:56:59 - <Info> - 1 rule files processed. 1 rules successfully loaded, 0 rules failed
21/10/2022 -- 06:56:59 - <Info> - Threshold config parsed: 0 rule(s) found
21/10/2022 -- 06:56:59 - <Info> - 1 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 1 inspect application layer, 0 are decoder event only
21/10/2022 -- 06:56:59 - <Info> - Going to use 1 thread(s)
21/10/2022 -- 06:56:59 - <Info> - Running in live mode, activating unix socket
21/10/2022 -- 06:56:59 - <Info> - Using unix socket file '/var/run/suricata/suricata-command.socket'
21/10/2022 -- 06:56:59 - <Notice> - all 1 packet processing threads, 2 management threads initialized, engine started.
21/10/2022 -- 06:56:59 - <Info> - All AFP capture threads are running.
21/10/2022 -- 06:56:58 - <Notice> - This is Suricata version 6.0.5 RELEASE running in SYSTEM mode
21/10/2022 -- 06:56:58 - <Info> - CPUs/cores online: 1
21/10/2022 -- 06:56:59 - <Info> - Found an MTU of 1460 for 'eth0'
21/10/2022 -- 06:56:59 - <Info> - Found an MTU of 1460 for 'eth0'
21/10/2022 -- 06:56:59 - <Info> - Setting logging socket of non-blocking in live mode.
21/10/2022 -- 06:56:59 - <Info> - eve-log output device (unix_stream) initialized: /etc/suricata-logs/eve.sock
21/10/2022 -- 06:56:59 - <Notice> - JsonRdpLog logger not enabled: protocol rdp is disabled
21/10/2022 -- 06:56:59 - <Notice> - JsonIKEv2Log logger not enabled: protocol ikev2 is disabled
21/10/2022 -- 06:56:59 - <Notice> - JsonKRB5Log logger not enabled: protocol krb5 is disabled
21/10/2022 -- 06:56:59 - <Notice> - JsonSNMPLog logger not enabled: protocol snmp is disabled
21/10/2022 -- 06:56:59 - <Notice> - JsonRFBLog logger not enabled: protocol rfb is disabled
21/10/2022 -- 06:56:59 - <Error> - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true. See https://suricata.readthedocs.io/en/suricata-6.0.5/configuration/suricata-yaml.html#stats

metlo.yaml:
=============
Name:           metlo-app
Selector:       name=metlo-app
Node-Selector:  <none>
Labels:         <none>
Annotations:    deprecated.daemonset.template.generation: 1
Desired Number of Nodes Scheduled: 6
Current Number of Nodes Scheduled: 6
Number of Nodes Scheduled with Up-to-date Pods: 6
Number of Nodes Scheduled with Available Pods: 6
Number of Nodes Misscheduled: 0
Pods Status:  6 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
  Labels:  name=metlo-app
  Containers:
   suricata-daemon:
    Image:      metlo/suricata-daemon
    Port:       <none>
    Host Port:  <none>
    Environment:
      METLO_ADDR:  http://34.100.152.6:8080/
      METLO_KEY:   *********
    Mounts:  <none>
  Volumes:  <none>
Events:  <none>
ANSWERED

Can you create more AMI

Hi, can you create more AMIs in region eu-west-2? Regards,