Skip to content
This repository has been archived by the owner. It is now read-only.

CapMe should check for active pcap_agent #475

Closed
GoogleCodeExporter opened this issue Mar 24, 2015 · 3 comments
Closed

CapMe should check for active pcap_agent #475

GoogleCodeExporter opened this issue Mar 24, 2015 · 3 comments

Comments

@GoogleCodeExporter
Copy link

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

CapMe should check for active pcap_agent

Original issue reported on code.google.com by doug.bu...@gmail.com on 3 Feb 2014 at 1:56

@GoogleCodeExporter
Copy link
Author

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

[deleted comment]

@GoogleCodeExporter
Copy link
Author

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

--- securityonion-capme-20121213.orig/capme/.inc/callback.php
+++ securityonion-capme-20121213/capme/.inc/callback.php
@@ -129,6 +129,10 @@ if (!$response) {
     $err = 1;
     $debug = $queries[$sidsrc];
     $errMsg = "Failed to find a matching sid, please try again in a few seconds";
+    $response = mysql_query("select * from sensor where agent_type='pcap' and 
active='Y';");
+    if (mysql_num_rows($response) == 0) {
+    $errMsg = "Error: No pcap_agent found";
+    }
 } else {
     $row = mysql_fetch_assoc($response);
     // If using ELSA, we already set $st and $sensor above so don't overwrite that here

Original comment by doug.bu...@gmail.com on 17 Feb 2014 at 1:56

  • Added labels: ****
  • Removed labels: ****

@GoogleCodeExporter
Copy link
Author

@GoogleCodeExporter GoogleCodeExporter commented Mar 24, 2015

Published:
http://blog.securityonion.net/2014/02/new-securityonion-capme-package-checks.htm
l

Original comment by doug.bu...@gmail.com on 20 Feb 2014 at 1:46

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

1 participant