Announcement

Collapse
No announcement yet.

Dashboard Graphs Disappear

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Dashboard Graphs Disappear

    Hi

    I have tried everything, and searched everything i can possibly find,
    I have re installed everything on Windows 2019 (twice), and now Ubuntu 20,
    I have used Chrome and Edge on 2019 to access the webserver.
    The charts simply disappear on the dashboard after about 15-30 minutes of operation,
    initially when installed on 2019 even the whitelists stopped working
    i think it has somehting to do with java but have not found any logs to prove it
    i tried to initialise the alternative webgui but that didnt even come up, but it upon reverting to original the charts came back for about 15 minutes.

    please help, i have spent 3 full days on this
    Tags: None
  • #2
    Are you sure that it's working? What if you try this on CMD?


    Code:
    nslookup block.nxfilter.org
nslookup google.com
    Show me the output.

    You also can show me your log file that is c:/nxfilter/log/nxfilter.log.

    And when you reinstall it, did you delete c:/nxfilter? You could have some your old databases remained. If it's from a broken database, you could have the same problem before you rebuild it.
    Last edited by support200; 12-20-2021, 07:07 AM.

    Comment

    • #3
      Hi yes it is working fine, have heaps of blocked and allowed results in the log, but no charts/graphs showing in reports or dashboard.

      nslookup block.nxfilter.org
      Server: UnKnown
      Address: 172.29.28.222

      Non-authoritative answer:
      Name: block.nxfilter.org
      Addresses: 172.29.28.222
      172.29.28.222

      nslookup google.com
      Server: UnKnown
      Address: 172.29.28.222

      Non-authoritative answer:
      Name: google.com
      Addresses: 172.29.28.222
      172.29.28.222[/CODE][/CODE]

      Comment

      • #4
        some logs for you to ponder...
        they look ok to me as i am blocking all and only allowing a very specific whitelist.

        INFO [12-21 07:19:00] - LWf, logAll.logCnt = 4, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:19:21] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:19:21] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:19:27] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:20:00] - LWf, logAll.logCnt = 3, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:20:22] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:20:22] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:20:27] - RHiAD, Block all, dc.services.visualstudio.com.
        INFO [12-21 07:20:30] - RHiAD, Block all, us.events.data.trafficmanager.net.
        INFO [12-21 07:20:33] - RHiAD, Block all, wu-shim.trafficmanager.net.
        INFO [12-21 07:20:51] - RHiAD, Block all, az667904.vo.msecnd.net.
        INFO [12-21 07:20:57] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:20:57] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:21:00] - LWf, logAll.logCnt = 7, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:21:04] - RHiAD, Block all, global.asimov.events.data.trafficmanager.net.
        INFO [12-21 07:21:22] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:21:22] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:21:32] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:21:33] - RHiAD, Block all, google.com.
        INFO [12-21 07:21:33] - RHiAD, Block all, google.com.
        INFO [12-21 07:21:57] - UdpServer.run, requestQueue.size = 2.
        INFO [12-21 07:21:57] - RHiAD, Block all, wd-prod-xplat-func-brokerfun.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, crl.www.ms.akadns.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, settingsfd-geo.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, wns.notify.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, wd-prod-xplat-func-brokerfun.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, crl.www.ms.akadns.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, settingsfd-geo.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, fg.download.windowsupdate.com.c.footprint.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, wdatpprduxappgwprdtm.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, csd-apt-sea-d-1.southeastasia.cloudapp.azure.com.
        INFO [12-21 07:21:57] - RHiAD, Block all, login.windows.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, google.com.
        INFO [12-21 07:21:57] - RHiAD, Block all, a1952.dspw65.akamai.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, adrs.privatelink.msidentity.com.
        INFO [12-21 07:21:57] - RHiAD, Block all, origin.mobile.ms.akadns.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, login.windows.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, wdatpprduxappgwprdtm.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, google.com.
        INFO [12-21 07:21:57] - RHiAD, Block all, www.tm.ak.prd.aadg.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, www.tm.a.prd.aadg.trafficmanager.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, a1952.dspw65.akamai.net.
        INFO [12-21 07:21:57] - RHiAD, Block all, adrs.privatelink.msidentity.com.
        INFO [12-21 07:21:57] - RHiAD, Block all, origin.mobile.ms.akadns.net.
        INFO [12-21 07:21:57] - RCa, cache not added, azure-automation.net , No answer record, queryType = 1.
        INFO [12-21 07:21:57] - RCa, cache not added, oms.opinsights.azure.com , No answer record, queryType = 1.
        INFO [12-21 07:21:57] - RHiAD, Block all, notify.windows.com.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, azure-automation.net.home.arpa.
        INFO [12-21 07:21:57] - RCa, cache not added, blob.core.windows.net , No answer record, queryType = 1.
        INFO [12-21 07:21:57] - RHiAD, Block all, azure-automation.net.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, notify.windows.com.home.arpa.
        INFO [12-21 07:21:57] - RCa, cache not added, ods.opinsights.azure.com , No answer record, queryType = 1.
        INFO [12-21 07:21:57] - RHiAD, Block all, blob.core.windows.net.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, blob.core.windows.net.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, oms.opinsights.azure.com.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, ods.opinsights.azure.com.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, oms.opinsights.azure.com.home.arpa.
        INFO [12-21 07:21:57] - RHiAD, Block all, ods.opinsights.azure.com.home.arpa.
        INFO [12-21 07:22:00] - LWf, logAll.logCnt = 54, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:22:25] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:22:27] - RHiAD, Block all, dc.services.visualstudio.com.
        INFO [12-21 07:22:40] - RHiAD, Block all, v10-win.vortex.data.trafficmanager.net.
        INFO [12-21 07:22:41] - RHiAD, Block all, v10-win.vortex.data.trafficmanager.net.
        INFO [12-21 07:22:43] - RHiAD, Block all, v10-win.vortex.data.trafficmanager.net.
        INFO [12-21 07:22:51] - RHiAD, Block all, v10-win.vortex.data.trafficmanager.net.
        INFO [12-21 07:23:00] - LWf, logAll.logCnt = 5, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:23:26] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:23:26] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:23:27] - RHiAD, Block all, dc.services.visualstudio.com.
        INFO [12-21 07:23:29] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:24:00] - LWf, logAll.logCnt = 4, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:24:12] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:24:12] - RHiAD, Block all, chrome.cloudflare-dns.com.
        INFO [12-21 07:24:27] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:24:27] - RHiAD, Block all, sevillecloudgateway-eus-prd.trafficmanager.net.
        INFO [12-21 07:25:00] - LWf, logAll.logCnt = 4, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.
        INFO [12-21 07:25:28] - RHiAD, Block all, dc.services.visualstudio.com.
        INFO [12-21 07:25:51] - RHiAD, Block all, az667904.vo.msecnd.net.
        INFO [12-21 07:26:00] - LWf, logAll.logCnt = 4, logAll.signalCnt = 0, logAll.flowCnt = 0, logAll.recvFlow = 0.

        Comment

        • #5
          So, 172.29.28.222 is your NxFilter and you blocked all? Do you see any .trace file in c:/nxfilter/db? If you have any send it to 'support @ nxfilter.org'.

          Comment

          • #6
            found the issue I think, for some completely weird and possibly crazy reason you use https://www.google.com/jsapi for the graphing and it was getting blocked.
            WHY would you use a call to an outside provider for a DNS sinkhole application?
            additionally, assuming the above to be correct, why does it take so long to start blocking after initial setup?

            Is it possible to export the reports, graphs and all, in pdf format for my reporting to C Suite ?
            Last edited by rumplestiltskin; 12-21-2021, 09:49 PM.

            Comment

            • #7
              So, you filter NxFilter by NxFilter? You are not supposed to that. This is for network filtering not a personal filter. We use Google charts for dashboard and we also use other domains for various internal reasons. Don't filter NxFilter by itself.

              We don't support PDF format. If you need such kind of thing try Syslog and Graylog. It may provide such features. https://nxfilter.org/tutorial/h-gray...te-logging.php

              Comment

              Previous template Next
              Working...
              X