unable to find endpoint

Hi Team,

We have configured Metlo in GCP and a daemonset in GKE. Data is not getting exported to the application.
Here is the attached log from one of the pods:

21/10/2022 -- 06:56:59 - - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true. See https://suricata.readthedocs.io/en/suricata-6.0.5/configuration/suricata-yaml.html#stats
21/10/2022 -- 06:56:59 - - Running in live mode, activating unix socket
21/10/2022 -- 06:56:59 - - 1 rule files processed. 1 rules successfully loaded, 0 rules failed
21/10/2022 -- 06:56:59 - - Threshold config parsed: 0 rule(s) found
21/10/2022 -- 06:56:59 - - 1 signatures processed. 0 are IP-only rules, 0 are inspecting packet payload, 1 inspect application layer, 0 are decoder event only
21/10/2022 -- 06:56:59 - - Going to use 1 thread(s)
21/10/2022 -- 06:56:59 - - Running in live mode, activating unix socket
21/10/2022 -- 06:56:59 - - Using unix socket file '/var/run/suricata/suricata-command.socket'
21/10/2022 -- 06:56:59 - - all 1 packet processing threads, 2 management threads initialized, engine started.
21/10/2022 -- 06:56:59 - - All AFP capture threads are running.
21/10/2022 -- 06:56:58 - - This is Suricata version 6.0.5 RELEASE running in SYSTEM mode
21/10/2022 -- 06:56:58 - - CPUs/cores online: 1
21/10/2022 -- 06:56:59 - - Found an MTU of 1460 for 'eth0'
21/10/2022 -- 06:56:59 - - Found an MTU of 1460 for 'eth0'
21/10/2022 -- 06:56:59 - - Setting logging socket of non-blocking in live mode.
21/10/2022 -- 06:56:59 - - eve-log output device (unix_stream) initialized: /etc/suricata-logs/eve.sock
21/10/2022 -- 06:56:59 - - JsonRdpLog logger not enabled: protocol rdp is disabled
21/10/2022 -- 06:56:59 - - JsonIKEv2Log logger not enabled: protocol ikev2 is disabled
21/10/2022 -- 06:56:59 - - JsonKRB5Log logger not enabled: protocol krb5 is disabled
21/10/2022 -- 06:56:59 - - JsonSNMPLog logger not enabled: protocol snmp is disabled
21/10/2022 -- 06:56:59 - - JsonRFBLog logger not enabled: protocol rfb is disabled
21/10/2022 -- 06:56:59 - - [ERRCODE: SC_ERR_STATS_LOG_GENERIC(278)] - eve.stats: stats are disabled globally: set stats.enabled to true. See https://suricata.readthedocs.io/en/suricata-6.0.5/configuration/suricata-yaml.html#stats

metlo.yaml:

Name: metlo-app
Selector: name=metlo-app
Node-Selector:
Labels:
Annotations: deprecated.daemonset.template.generation: 1
Desired Number of Nodes Scheduled: 6
Current Number of Nodes Scheduled: 6
Number of Nodes Scheduled with Up-to-date Pods: 6
Number of Nodes Scheduled with Available Pods: 6
Number of Nodes Misscheduled: 0
Pods Status: 6 Running / 0 Waiting / 0 Succeeded / 0 Failed
Pod Template:
  Labels: name=metlo-app
  Containers:
   suricata-daemon:
    Image: metlo/suricata-daemon
    Port:
    Host Port:
    Environment:
      METLO_ADDR: http://34.100.152.6:8080/
      METLO_KEY: *
    Mounts:
  Volumes:
Events: