corelight / suricata_exporter

A Prometheus Exporter for Suricata
BSD 3-Clause "New" or "Revised" License

Error logs with Suricata 7.0.0 #7

Closed spinenkoia closed 1 year ago

spinenkoia commented 1 year ago

With the new version of Suricata, errors began to appear:

2023/07/21 15:56:42 ERROR: Field no_flow missing for Desc{fqName: "suricata_tcp_no_flow_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field insert_list_fail missing for Desc{fqName: "suricata_tcp_insert_list_fail_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field timeouts missing for Desc{fqName: "suricata_defrag_ipv4_timeouts_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field timeouts missing for Desc{fqName: "suricata_defrag_ipv6_timeouts_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field no_flow missing for Desc{fqName: "suricata_tcp_no_flow_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field insert_list_fail missing for Desc{fqName: "suricata_tcp_insert_list_fail_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field timeouts missing for Desc{fqName: "suricata_defrag_ipv4_timeouts_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field timeouts missing for Desc{fqName: "suricata_defrag_ipv6_timeouts_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field closed_pruned missing for Desc{fqName: "suricata_flow_mgr_closed_pruned_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field new_pruned missing for Desc{fqName: "suricata_flow_mgr_new_pruned_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field est_pruned missing for Desc{fqName: "suricata_flow_mgr_est_pruned_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field bypassed_pruned missing for Desc{fqName: "suricata_flow_mgr_bypassed_pruned_total", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 ERROR: Field flows_timeout_inuse missing for Desc{fqName: "suricata_flow_mgr_flow_timeout_inuse", help: "", constLabels: {}, variableLabels: [thread]}
2023/07/21 15:56:42 WARN: Unhandled thread: FR#01

awelzel commented 1 year ago

@spinenkoia - thanks for reporting. Could you try with the 0.2.0 release and see if things work as expected? If you're missing any new metrics as produced by Suricata 7.0.0 but not parsed by suricata_exporter, feel free to open a new ticket.

Thanks!

spinenkoia commented 1 year ago

Thank you so much, everything is fine now.