What steps will reproduce the problem?
1. I think Moloch integration is missing in one location in Controller.pm. I
think it's causing the Moloch plug-in to not be enabled when acting upon a log
without source and/or destination ports.
What version of the product are you using? On what operating system?
r1173
Please provide any additional information below.
In elsa/web/lib/Controller.pm, line 1933:
if ($self->conf->get('pcap_url') or $self->conf->get('streamdb_url') or
$self->conf->get('streamdb_urls')){
I believe it should be changed to:
if ($self->conf->get('pcap_url') or $self->conf->get('streamdb_url') or
$self->conf->get('streamdb_urls') or $self->conf->get('moloch_urls')){
See posts 4 and 5 of this thread for reference:
https://groups.google.com/d/topic/enterprise-log-search-and-archive/WQ3t1H3JDMM/
discussion
Original issue reported on code.google.com by kebut...@gmail.com on 25 Feb 2014 at 4:48
Original issue reported on code.google.com by
kebut...@gmail.comon 25 Feb 2014 at 4:48