Hi, I try to install nfsen 1.3.5 on my Fedora 13 and I all get this error: Nfdump tools installation error: 'nfprofile' not found in '/usr/local/bin' at ./install.pl line 199, <STDIN> line 1.
All the prerequisites are installed without any error. Nfcapd is running and capturing live netflow data. Nfdump 1.6.2 in installed in /usr/local/bin Netflow data is in /var/NetFlow Can someone help me...? Thanks Marquis -----Message d'origine----- De : [email protected] [mailto:[email protected]] Envoyé : 28 septembre 2010 04:43 À : [email protected] Objet : Nfsen-discuss Digest, Vol 52, Issue 4 Send Nfsen-discuss mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://lists.sourceforge.net/lists/listinfo/nfsen-discuss or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of Nfsen-discuss digest..." Today's Topics: 1. nfsen Logging (SOLOMON, STEVEN J (ATTLABS)) 2. Profile Graphs Empty (SOLOMON, STEVEN J (ATTLABS)) 3. Re: Profile Graphs Empty (Peter Haag) ---------------------------------------------------------------------- Message: 1 Date: Wed, 22 Sep 2010 10:13:09 -0400 From: "SOLOMON, STEVEN J (ATTLABS)" <[email protected]> Subject: [Nfsen-discuss] nfsen Logging To: <[email protected]> Message-ID: <d49e53ab17596a4a81510dd13a6a337301983...@gaalpa1msgusr72.itservices.sbc.com > Content-Type: text/plain; charset="us-ascii" I'm running nfsen on Solaris 10. I'm trying to diagnose why all graphs are empty for a new profile I set up. I can't find how to generate any logs In nfsen.conf: $syslog_facility = 'local3'; In syslog.conf (as a test): local3.* /tmp/nfsen_debug.log I tried some variations and so far no logs are getting written. Please let me know if you have any suggestion. Thanks. Steve Solomon Content Applications Architect AT&T Labs Office (732) 420-8755 "This e-mail and any files transmitted with it are AT&T property, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient's) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited." -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 2 Date: Mon, 27 Sep 2010 17:18:10 -0400 From: "SOLOMON, STEVEN J (ATTLABS)" <[email protected]> Subject: [Nfsen-discuss] Profile Graphs Empty To: <[email protected]> Message-ID: <d49e53ab17596a4a81510dd13a6a337301983...@gaalpa1msgusr72.itservices.sbc.com > Content-Type: text/plain; charset="us-ascii" I am hoping you can offer me some clues since I am stuck with the issue of empty profile graphs. In our installation we have netflow data stored in /data/nfdump, organized by date, for example lznsun02-836# pwd /data/nfdump/2010-09-27 -rw-r--r-- 1 netman webservd 2290 Sep 27 20:40 nfcapd.201009272035 -rw-r--r-- 1 netman webservd 2322 Sep 27 20:45 nfcapd.201009272040 -rw-r--r-- 1 netman webservd 2312 Sep 27 20:50 nfcapd.201009272045 -rw-r--r-- 1 netman webservd 2438 Sep 27 20:55 nfcapd.201009272050 -rw-r--r-- 1 netman webservd 2337 Sep 27 21:00 nfcapd.201009272055 -rw-r--r-- 1 netman webservd 2345 Sep 27 21:05 nfcapd.201009272100 We configured Nfsen to run without a collector, but with its live data source set to point to the /data/nfdump location, as follows: lznsun02-859# pwd /data/nfsen/profiles-data/live lznsun02-860# ls -l total 4 lrwxrwxrwx 1 root other 12 Sep 27 21:10 cce -> /data/nfdump This works fine , for the live configuration, I see the graphs created by NFsen represent the flows under /data/nfdump, and are updated regularly. The problem is with profiles. When I create a profile of anytime, and specify a time duration for which flows exist in the nfdump data, the data directory created when I set up the profile only contains nfcapd files that contain no flows. For example: lznsun02-872# pwd /data/nfsen/profiles-data/test3/cce/2009-11-09 lznsun02-869# ls -l total 576 -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 nfcapd.200911090000 -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 nfcapd.200911090005 -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 nfcapd.200911090010 -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 nfcapd.200911090015 -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 nfcapd.200911090020 ... -rw-r--r-- 1 netman webservd 323 Sep 27 20:59 nfcapd.200911092350 -rw-r--r-- 1 netman webservd 323 Sep 27 20:59 nfcapd.200911092355 The graphs are created for the profile, but they are all empty. I cannot figure out why it doesn't take the same nfcapd data that the live data gets from the pointer /data/nfdump location. I have tried rebuilding and reinstalling everything on my system: nfdump (and configured with -enable-nfprofile option), rrdtool, and nfsen. I enabled debug logging and see the log messages from my profile creation but there are not any clues about what is going wrong. Your advice or suggestions on what I should try next would be greatly appreciated! This is a Solaris 10 server. Thank you, Steve -------------- next part -------------- An HTML attachment was scrubbed... ------------------------------ Message: 3 Date: Tue, 28 Sep 2010 09:57:18 +0200 From: Peter Haag <[email protected]> Subject: Re: [Nfsen-discuss] Profile Graphs Empty To: "SOLOMON, STEVEN J (ATTLABS)" <[email protected]> Cc: [email protected] Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1 Hi Steve, Profiles are filtered according the flow source. Each flow file contains an ident string, which identifies the source ( see nfdump -I <file> ). This strings is also used to filter the flows for profiling. If you rename the flow source later on ( e.g. by renaming the directory ), this ident string points to the old name. Therefore you would need to change this string too. ( nfdump -i <newident> -f <file> ) - Peter On 9/27/10 23:18, SOLOMON, STEVEN J (ATTLABS) wrote: > > > I am hoping you can offer me some clues since I am stuck with the issue > of empty profile graphs. > > In our installation we have netflow data stored in /data/nfdump, > organized by date, for example > > lznsun02-836# pwd > > /data/nfdump/2010-09-27 > > -rw-r--r-- 1 netman webservd 2290 Sep 27 20:40 > nfcapd.201009272035 > > -rw-r--r-- 1 netman webservd 2322 Sep 27 20:45 > nfcapd.201009272040 > > -rw-r--r-- 1 netman webservd 2312 Sep 27 20:50 > nfcapd.201009272045 > > -rw-r--r-- 1 netman webservd 2438 Sep 27 20:55 > nfcapd.201009272050 > > -rw-r--r-- 1 netman webservd 2337 Sep 27 21:00 > nfcapd.201009272055 > > -rw-r--r-- 1 netman webservd 2345 Sep 27 21:05 > nfcapd.201009272100 > > > > We configured Nfsen to run without a collector, but with its live data > source set to point to the /data/nfdump location, as follows: > > lznsun02-859# pwd > > /data/nfsen/profiles-data/live > > lznsun02-860# ls -l > > total 4 > > lrwxrwxrwx 1 root other 12 Sep 27 21:10 cce -> > /data/nfdump > > > > > > This works fine , for the live configuration, I see the graphs created > by NFsen represent the flows under /data/nfdump, and are updated > regularly. > > > > The problem is with profiles. When I create a profile of anytime, and > specify a time duration for which flows exist in the nfdump data, the > data directory created when I set up the profile only contains nfcapd > files that contain no flows. For example: > > > > lznsun02-872# pwd > > /data/nfsen/profiles-data/test3/cce/2009-11-09 > > lznsun02-869# ls -l > > total 576 > > -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 > nfcapd.200911090000 > > -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 > nfcapd.200911090005 > > -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 > nfcapd.200911090010 > > -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 > nfcapd.200911090015 > > -rw-r--r-- 1 netman webservd 276 Sep 27 20:59 > nfcapd.200911090020 > > ... > > -rw-r--r-- 1 netman webservd 323 Sep 27 20:59 > nfcapd.200911092350 > > -rw-r--r-- 1 netman webservd 323 Sep 27 20:59 > nfcapd.200911092355 > > > > > > The graphs are created for the profile, but they are all empty. > > > > I cannot figure out why it doesn't take the same nfcapd data that the > live data gets from the pointer /data/nfdump location. > > > > I have tried rebuilding and reinstalling everything on my system: nfdump > (and configured with -enable-nfprofile option), rrdtool, and nfsen. > I enabled debug logging and see the log messages from my profile > creation but there are not any clues about what is going wrong. Your > advice or suggestions on what I should try next would be greatly > appreciated! This is a Solaris 10 server. > > > > Thank you, > > Steve > > > > > > > > ---------------------------------------------------------------------------- -- > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > > > > _______________________________________________ > Nfsen-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/nfsen-discuss -- -- Be nice to your netflow data ------------------------------ ---------------------------------------------------------------------------- -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ------------------------------ _______________________________________________ Nfsen-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfsen-discuss End of Nfsen-discuss Digest, Vol 52, Issue 4 ******************************************** ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Nfsen-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
