-
Notifications
You must be signed in to change notification settings - Fork 654
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failure in alerts query and download: ntop_push_redis expected string, got nil #7542
Comments
Hi @deepCrysis could you share your ntopng configuration file? |
Sure! # The configuration file is similar to the command line, with the exception that an equal
# sign '=' must be used between key and value. Example: -i=p1p2 or --interface=p1p2 For
# options with no value (e.g. -v) the equal is also necessary. Example: "-v=" must be used.
#
#
# -G|--pid-path
# Specifies the path where the PID (process ID) is saved. This option is ignored when
# ntopng is controlled with systemd (e.g., service ntopng start).
#
-G=/var/run/ntopng.pid
#
# -e|--daemon
# This parameter causes ntop to become a daemon, i.e. a task which runs in the background
# without connection to a specific terminal. To use ntop other than as a casual monitoring
# tool, you probably will want to use this option. This option is ignored when ntopng is
# controlled with systemd (e.g., service ntopng start)
#
# -e=
#
# -i|--interface
# Specifies the network interface or collector endpoint to be used by ntopng for network
# monitoring. On Unix you can specify both the interface name (e.g. lo) or the numeric
# interface id as shown by ntopng -h. On Windows you must use the interface number instead.
# Note that you can specify -i multiple times in order to instruct ntopng to create multi-
# ple interfaces.
#
# -i=eth1
-i=eno2
#
# -w|--http-port
# Sets the HTTP port of the embedded web server.
-w=3000
#
# -m|--local-networks
# ntopng determines the ip addresses and netmasks for each active interface. Any traffic on
# those networks is considered local. This parameter allows the user to define additional
# networks and subnetworks whose traffic is also considered local in ntopng reports. All
# other hosts are considered remote. If not specified the default is set to 192.168.1.0/24.
#
# Commas separate multiple network values. Both netmask and CIDR notation may be used,
# even mixed together, for instance "131.114.21.0/24,10.0.0.0/255.0.0.0".
#
# -m=10.10.123.0/24,10.10.124.0/24
-m="This value was changed to publish the configuration file"
#
# -n|--dns-mode
# Sets the DNS address resolution mode: 0 - Decode DNS responses and resolve only local
# (-m) numeric IPs 1 - Decode DNS responses and resolve all numeric IPs 2 - Decode DNS
# responses and don't resolve numeric IPs 3 - Don't decode DNS responses and don't resolve
#
# -n=1
#
# -S|--sticky-hosts
# ntopng periodically purges idle hosts. With this option you can modify this behaviour by
# telling ntopng not to purge the hosts specified by -S. This parameter requires an argu-
# ment that can be "all" (Keep all hosts in memory), "local" (Keep only local hosts),
# "remote" (Keep only remote hosts), "none" (Flush hosts when idle).
#
# -S=
#
# -d|--data-dir
# Specifies the data directory (it must be writable by the user that is executing ntopng).
#
# -d=/var/lib/ntopng
#
# -q|--disable-autologout
# Disable web interface logout for inactivity.
#
# -q=
#
# Set max number of active flows (default: 131072)
-X=5000000
#
# -x|--max-num-hosts
# Set max number of active hosts (default: 131072)
#
-x=200000 In addition, we detected that by disabling the "HTTP Suspicious URL" alert, the reported problems disappear for alerts classified as "Error" |
Hi @deepCrysis, What alerts are you planning to download when ntopng prints that log? |
Hi @deepCrysis sorry but i was totally unable to reproduce the issue in our lab. So please update and let me know if the problem persists. |
closing for inactivity, please reopen if needed |
Environment:
What happened:
point 1: periodically, the log service reports: ntop ntopng[167991] [LuaEngineNtop.ccp:45] ERROR: ntop_push_redis: expected string[@pop 2], got nil.
Then, the alert query works with performance degradation or unavailability
point 2: Trying download records of alerts, the web interfaces responds with: /usr/share/ntop/scripts/lua/modules/i18n/interpolate.lua:62: bad argument #2 to 'format' (no value)
How did you reproduce it?
just let the service run and at some indeterminable time, the service starts crashing with the two points mentioned.
It is believed that the problem is one of the enabled alerts, this is the list of alerts that we have enabled:
Debug Information:
point 1:
Point 2:
The text was updated successfully, but these errors were encountered: