Closed yalbertob closed 6 years ago
ThoZed
commented
6 years ago Hey There! - just back from enjoying a really long weekend :-) it seems that the expected lookup table isn't there - maybe it isnt' created because the lookup table file isn't in place. this is actually not explained in the docs.
Place the
https://github.com/ThoZed/graylog-cp-watchguard/blob/master/LookupTables/
Have a nice day :-)
yalbertob
commented
6 years ago Hello! I've tried to place the CSV files there but get back the same result. Attached to the email i've inserted the LOG and this are the permission over the CSV files. Thanks, Alberto
ubuntu@graylog:~ls -l /etc/graylog/ total 112 -rwxr-xr-x 1 graylog graylog 13836 May 7 07:58 countrycode_lookup_table.csv -rwxr-xr-x 1 graylog graylog 82846 May 7 07:58 fireware_msg_id_lookup_table.csv -rw------- 1 root root 330 Apr 13 11:38 graylog-secrets.json -rw-r--r-- 1 root root 211 Apr 13 11:38 graylog-services.json -rw-r--r-- 1 root root 603 Apr 13 11:38 graylog-settings.json
ThoZed
commented
6 years ago Hey,
Ran into the same problem:disappointed::sweat_smile:, i could solve it by splitting the content pack into two parts. i also had to remove all parts from the content pack manually(Lookup Table, Data Adapter, Cache Adapter and Input)
first apply the lookup table and then the input part. please have a try.
Regards Thomas
Btw: permissions are fine as they are:+1:
Importing the content pack after deleting the old one and the old input show an error. A deep digging on the graylog log report an error about lookups tables (please see attached log).
log.txt