Hello everybody

I do apologise if the subject was discussed before, but I didn’t manage to find a similar problem/solution described in the archives.

I have installed the netflow ‘suite’, according to the guide from http://www.netflowguide.com and everything seems to be working. Flowscan produces the expected output:

sleep 30...
sleep 30...
sleep 30...
2005/04/28 08:35:19 working on file /var/netflow/ft/ft-v05.2005-04-28.083000+0100...
2005/04/28 08:35:39 flowscan-1.020 CUFlow: Cflow::find took 20 wallclock secs ( 3.63 usr +  1.02 sys =  4.65 CPU) for 385915 flow file bytes, flow hit ratio: 12760/27769
2005/04/28 08:35:40 flowscan-1.020 CUFlow: report took  1 wallclock secs ( 0.00 usr  0.01 sys +  0.08 cusr  0.14 csys =  0.23 CPU)
sleep 30...
sleep 30...
sleep 30...
sleep 30...
sleep 30...
sleep 30...
sleep 30...
sleep 30...
sleep 30...
2005/04/28 08:40:11 working on file /var/netflow/ft/ft-v05.2005-04-28.083500+0100...
2005/04/28 08:40:34 flowscan-1.020 CUFlow: Cflow::find took 23 wallclock secs ( 3.60 usr +  1.36 sys =  4.96 CPU) for 364687 flow file bytes, flow hit ratio: 13061/26563
2005/04/28 08:40:34 flowscan-1.020 CUFlow: report took  0 wallclock secs ( 0.00 usr  0.00 sys +  0.07 cusr  0.15 csys =  0.22 CPU)
sleep 30...
sleep 30...
sleep 30...

I’ve also installed the netflowguid.tar.gz apache ‘presentation’ part, which loads fine and I can see the overall.php and toptalkers.php statistics (and they update regularly). However, I cannot generate any graphs, whatever data I’m selecting for plotting (the page gives me the choice of several top talkers, which makes me believe that it receives some data).

The only odd things within the installation are:

- the setup :-) - I am not exporting data from a Cisco router/switch, but using softflowd running on the same machine (I’ve checked with tcpdump, the data is pumped properly, fact confirmed by the updates in overall and toptalkers statistics) and collecting data from the local network

- the saved files – I am running flow-capture as:

/usr/local/netflow/bin/flow-capture -w /var/netflow/ft xxx.xxx.xxx.xxx/xxx.xxx.xxx.xxx/2000 -S5 -V5 -E1G -n 287 -N 0 -R/usr/local/netflow/bin/linkme

but, under /var/netflow/, I’ve got a (rather long now, as it’s been running for a few days) list of dead symlinks:

ft-v05.2005-04-28.083500+0100
ft-v05.2005-04-28.084000+0100
ft-v05.2005-04-28.084500+0100

while, under /var/netflow/ft, I’ve only got one file: tmp-v05.2005-04-28.085000+0100 (checked several times; the tmp file is deleted – which is fine I guess – but no ft-v file is created – which I don’t know if it is good…). Further, just to clarify, the /var/netflow/rrds directory is populated, as well as /var/netflow/scoreboard

Is there any obvious error that I’ve made in my setup? In case you need further output from any of the config files/scripts, please let me know.

Thank you very much for your time.

Best regards

Bogdan

_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
