[Zeek] capstats

Scot Harris SHARRIS at hollywoodfl.org
Wed Dec 4 14:31:22 PST 2019


Noticed this while running zeekctl

Ran the capstats command with this result:

[ZeekControl] > capstats
Interface             kpps       mbps       (10s average)
----------------------------------------
worker-1-1: capstats failed (error: eno1: You don't have permission to capture on that device (socket: Operation not permitted))
worker-3-1: capstats failed (error: eno1: You don't have permission to capture on that device (socket: Operation not permitted))



Run status:


[ZeekControl] > status
Name         Type    Host             Status    Pid    Started
logger       logger  10.1.1.15        running   5656   03 Dec 11:24:51
manager      manager 10.1.1.15        running   5783   03 Dec 11:24:53
proxy-1      proxy   10.1.1.15        running   5834   03 Dec 11:24:54
worker-1-1   worker  10.1.1.15        running   6026   03 Dec 11:24:55
worker-1-2   worker  10.1.1.15        running   6027   03 Dec 11:24:55
worker-2-1   worker  10.1.1.15        running   6031   03 Dec 11:24:55
worker-2-2   worker  10.1.1.15        running   6030   03 Dec 11:24:55
worker-3-1   worker  10.1.7.186       running   9937   04 Dec 17:16:56
worker-3-2   worker  10.1.7.186       running   9995   04 Dec 17:17:23
worker-4-1   worker  10.1.7.186       running   10040  04 Dec 17:17:29
worker-4-2   worker  10.1.7.186       running   10085  04 Dec 17:17:32


Seems like the capstats command is incorrect.

The system is collecting data.

The workers that are listed are the first ones on each device.

This is zeek 3.0.


__________________________________________
Scot Harris
Network Engineer
City of Hollywood
Information Technology

P.O. Box 229045
Hollywood, FL 33022-9045
Office: 954-921-3304
E-mail: SHARRIS at hollywoodfl.org
[www.hollywoodfl.org]
Notice: Florida has a broad public records law. All correspondence sent to the City of Hollywood via e-mail may be subject to disclosure as a matter of public record.
__________________________________________