Comments (7)
ottobackwards
commented on July 25, 2024
If you just run zeek -NN does it work?
from zeek-kafka.
clopmz
commented on July 25, 2024
Yes. Here it is:
......
Zeek::XMPP - XMPP analyzer (StartTLS only) (built-in)
[Analyzer] XMPP (ANALYZER_XMPP, enabled)
[Event] xmpp_starttls
Zeek::ZIP - Generic ZIP support analyzer (built-in)
[Analyzer] ZIP (enabled)
Corelight::CommunityID - "Community ID" flow hash support in the connection log (dynamic, version 3.2.0)
[Function] CommunityID::hash_conn
Seiso::Kafka - Writes logs to Kafka (dynamic, version 0.3.0)
[Writer] KafkaWriter (Log::WRITER_KAFKAWRITER)
[Constant] Kafka::kafka_conf
[Constant] Kafka::additional_message_values
[Constant] Kafka::topic_name
[Constant] Kafka::max_wait_on_shutdown
[Constant] Kafka::tag_json
[Constant] Kafka::json_timestamps
[Constant] Kafka::debug
[Constant] Kafka::mock
[Event] kafka_topic_resolved_event
Zeek::Netmap - Packet acquisition via Netmap (dynamic, version 1.0.0)
[Packet Source] NetmapReader (interface prefix "netmap"; supports live input)
[Packet Source] NetmapReader (interface prefix "vale"; supports live input)
Also installation goes well:
root@fbsdzeekmgmt:~ # zpkg install zeek/seisollc/zeek-kafka
The following packages will be INSTALLED:
zeek/seisollc/zeek-kafka (v1.0.0)
Verify the following REQUIRED external dependencies:
(Ensure their installation on all relevant systems before proceeding):
from zeek/seisollc/zeek-kafka (v1.0.0):
librdkafka ~1.4.2-RC1
Proceed? [Y/n] y
zeek/seisollc/zeek-kafka asks for LIBRDKAFKA_ROOT (Path to librdkafka installation tree root) ? [/usr/local]
Saved answers to config file: /opt/zeek/etc/zkg/config
Running unit tests for "zeek/seisollc/zeek-kafka"
Installing "zeek/seisollc/zeek-kafka"..............................
Installed "zeek/seisollc/zeek-kafka" (v1.0.0)
Loaded "zeek/seisollc/zeek-kafka"
from zeek-kafka.
ottobackwards
commented on July 25, 2024
I'm at a loss, I don't know, unless it is deployed incorrectly across the cluster I'm not sure why it would fail.
If you can zeek -NN on each of the cluster nodes, then it was deployed correctly. to all nodes.
I'm asking on Slack as you can see there
from zeek-kafka.
clopmz
commented on July 25, 2024
Good morning,
One thing: "zeek -NN" only works on the manager but not in the workers:
root@fbsdnsm01:/opt/zeek/lib/zeek/plugins/packages # /opt/zeek/bin/zeek -NN
internal error: Failed to find variable named: Kafka::kafka_conf
Abort
root@fbsdnsm01:/opt/zeek/lib/zeek/plugins/packages #
from zeek-kafka.
JonZeolla
commented on July 25, 2024
@clopmz it looks like you're running an old version of the package, can you attempt an update?
from zeek-kafka.
clopmz
commented on July 25, 2024
Hi @JonZeolla ,
Uhmm ... older? Release installed in all zeek workers and manager are 1.8.2 ... According to https://github.com/edenhill/librdkafka/releases, latest release is 1.9.0 released 6 days ago ...
I will try it .... but I have serious doubts that this is it.
from zeek-kafka.
clopmz
commented on July 25, 2024
Oops ... sorry ... My zeek-kafka package is release 1.0.0, and 1.1.0-rc1 was released 19 hours ago .....
from zeek-kafka.
Related Issues (20)
- Zeek-Kafka not work , error in tests HOT 10
- Support for zeek 4.2 HOT 1
- support for zeek 5.0
- Fix README instructions to not include sasl HOT 1
- Update MAINTAINERS.md release instructions
- Release automation doesn't wait for PR merge
- How to add Partition in local.zeek configuration HOT 2
- SEISO-KAFKA.linux-x86_64.so can not link librdkafka.so.1 HOT 13
- zeek log send to kafka with differnet topic per module HOT 1
- e2e should have a matrix for 5x zeek builds as well as 4.2
- [Requirements] zeek-kafka supports compression
- Update documentation to show log filtering configuration for Zeek 5.x
- Update copyright to fix linting errors
- Pipfile and lock do not work HOT 1
- I had installed zeek-kafka zeek-kafka-1.1.0,but I got (dynamic, version 0.3.0) when I show version HOT 3
- The build parameter for zeek-6.0.1 does not have --with-librdkafka, so how do I install the zeek-kafka plugin? HOT 4
- @load package/zeek-kafka canβt find
- @load packages/zeek-kafka can't find HOT 5
- zeek-kafka installation causes zeek startup failure HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zeek-kafka.