Running MALCOM with collection in containerized install #689
-
|
I am having issues seeing traffic which is not in my broadcast domain of my management interface. This is a pretty small lab network. So I am running traffic into a second network port on the Malcom instance instead of running a separate Hedgehog sensor. As such, it is difficult to get to the scripts to see what is going on. This is in a virtual environment, and I am able to capture the traffic off a separate machine on the virtual span switch. When I do that I see the traffic in question. The capture interface is set to "no IP" and shows up that way when I do an ip address command. I am seeing HMI/PLC traffic without issue in the same broadcast domain as the management interface, so I am definitely seeing span traffic as this traffic would not be present on the management interface. Is my best bet to fire up a hedgehog instance and see if that fixes my problem? Anybody seen anything like this before? I have been using this for weeks but all the traffic was local so I thought everything was working. Any ideas would be appreciated. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Embarassingly after a reboot it has started working. It appears when I made a configuration change some hours ago I guess I didn't reboot. My apologies. |
Beta Was this translation helpful? Give feedback.
-
|
No worries! Glad it has started working. Good luck on your presentation. |
Beta Was this translation helpful? Give feedback.
Embarassingly after a reboot it has started working. It appears when I made a configuration change some hours ago I guess I didn't reboot. My apologies.