search

brianhaddock / enterprise-log-search-and-archive

Automatically exported from code.google.com/p/enterprise-log-search-and-archive
0 stars 0 forks source link

Cannot access ELSA web interface with logs hosted on NAS #110

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1.Install Security Onion
2.Connect one NIC directly to NAS via private network, the other NIC to public 
network
3.Copy /nsm contents to NAS and mount NAS to /nsm directory on Security Onion 
to allow everything to be written to NAS

What is the expected output? What do you see instead?

I expected to see all logs being written to the NAS and to be able to access 
ELSA via other workstations by connecting to the IP address.

Instead I get a "500 Internal Server Error" saying the server encountered an 
internal error or misconfiguration. If I don't hookup the NAS and all the logs 
are locally based, the web interface works just fine.

What version of the product are you using? On what operating system?

Running the latest version of ELSA on Security Onion 12.04.

Please provide any additional information below.

Original issue reported on code.google.com by mrfixit...@gmail.com on 20 Mar 2013 at 6:07

Attachments:

GoogleCodeExporter commented 9 years ago 
Can you please attach the /nsm/elsa/data/elsa/log/web.log to the ticket?

Original comment by mchol...@gmail.com on 21 Mar 2013 at 10:55

GoogleCodeExporter commented 9 years ago 
Hey thanks for the reply, I could attach the log but it's empty, it's almost as 
if ELSA server isn't even up and running, any way to check, I ran top and 
didn't see it.

Original comment by mrfixit...@gmail.com on 22 Mar 2013 at 2:31

GoogleCodeExporter commented 9 years ago 
*update* Elsa is up and running, and port 3154 is listening

Original comment by mrfixit...@gmail.com on 22 Mar 2013 at 2:59

GoogleCodeExporter commented 9 years ago 
This would be a good one to post over on the SecurityOnion mailing list, as I'm 
not an expert in how they have things setup.  Did the file exist and was empty, 
or was there no file?  If there was no file, my path may be incorrect (you can 
find with "find /nsm -name web.log).  

The basic services you should see that ELSA uses would be syslog-ng, Apache, 
Sphinx search (searchd in the process list), and MySQL.

Original comment by mchol...@gmail.com on 22 Mar 2013 at 4:21