New to flow-tools. I'm running Ubuntu Server 12.02 with FlowViewer as a
collector/analyzer.
here is from flow-capture conf:
-w /var/data/flows/office -V5 -E300G -N3 xxx.xxx.0.135/xxx.xxx.0.145/2050
message from syslog:
Jun 11 10:29:13 myserver flow-capture[23263]: ftpdu_seq_check():
src_ip=xxx.xxx.0.145 dst_ip=xxx.xxx.0.135 d_version=5
expecting=1346771233 received=1346771263 lost=30
The Cisco router sending the flows and my server are configured to use
NTP for time, so they should be synced.
flow-cat is giving me this warning as well:
flow-cat: Warning, partial inflated record before EOF
_______________________________________________
Flow-tools mailing list
[email protected]
http://mailman.splintered.net/mailman/listinfo/flow-tools
