search

JustinAzoff / netflow-indexer

A program that uses xapian to index the flat file databases used by nfdump or flow-tools
http://justinazoff.github.com/netflow-indexer/
36 stars 4 forks source link

netflow search give error #5

Closed MrAliFu closed 10 years ago

MrAliFu commented 10 years ago

when i do netflow-index-search-all im getting this error

[root@netflow:~]# netflow-index-search-all /var/log/netflowindex/nfdump.ini 173.252.120.6 Traceback (most recent call last): File "/usr/local/python_env/bin/netflow-index-search-all", line 9, in load_entry_point('netflowindexer==0.1.38', 'console_scripts', 'netflow-index-search-all')() File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/main.py", line 131, in search_all output_records(records, options.columns, options.dump) File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/main.py", line 88, in output_records for r in records: File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/main.py", line 74, in search_all for rec in self.search(db, ips, dump, filter, mode): File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/main.py", line 68, in search for rec in s.search(ips, dump, filter, mode): File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/nfdump/searcher.py", line 44, in search yield self.docid_to_searchresult(doc) File "/usr/local/python_env/local/lib/python2.7/site-packages/netflowindexer/base/searcher.py", line 90, in docid_to_searchresult path_info = self.cfg_data['pathregex'].search(fn).groupdict() AttributeError: 'NoneType' object has no attribute 'groupdict' [root@netflow:~]#

and my nfdump.ini [root@netflow:~]# cat /var/log/netflowindex/nfdump.ini [nfi] indexer = nfdump dbpath = /var/log/netflowindex flowpath = /var/log/netflowdata/mou-asr/%(year)s/%(month)s/%(day)s fileglob = %(flowpath)s/nfcapd.%(year)s%(month)s%(day)s allfileglob = %(flowpath)s/nfcapd. pathregex = /profiles/:profile/:source/nfcapd

What am i missing here?

JustinAzoff commented 10 years ago

That is caused by your pathregex option being incorrect. if your flow files are stored under

/var/log/netflowdata/mou-asr/year/month/day

you could use something like

pathregex = netflowdata/:source/

though it seems you do not have multiple sources and profiles so in your case I would just remove the pathregex option entirely.

MrAliFu commented 10 years ago

Hmm i see now.

I have multiple resources but i wanted to try first. Looks good thanks

I will remove pathregex and try

Thanks

From: Justin notifications@github.com Sent: Tuesday, October 7, 2014 6:42 PM To: JustinAzoff/netflow-indexer Cc: Kapucu, Ali Subject: Re: [netflow-indexer] netflow search give error (#5)

That is caused by your pathregex option being incorrect. if your flow files are stored under

/var/log/netflowdata/mou-asr/year/month/day

you could use something like

pathregex = netflowdata/:source/

though it seems you do not have multiple sources and profiles so in your case I would just remove the pathregex option entirely.

Reply to this email directly or view it on GitHubhttps://github.com/JustinAzoff/netflow-indexer/issues/5#issuecomment-58274969.