Hi Mark,
On 05/09/14 21:10, Mark Jones wrote:
> Recently installed nfsen. Had to drop back to an earlier version as our OS
> didn’t support the current version. Everything seems to work fine except for
> profiles. I’ve seen this issue discussed on the mailing list, but can’t find
> a clear answer to the problem
"OS did not support current version" what do you mean by that? Can you please
give the details about OS and tool versions?
>
> Our live profile works fine, displays the graphs for our sources with no
> problem.
>
> In trying to create profiles and alerts, though, we can’t get graphs to
> display. If I create a continuous/shadow profile, even though the graphs
> don’t display, I can still run the process at the bottom of the page and get
> results from nfdump.
>
> Ex: A profile with a filter built to monitor http traffic:
>
> ** nfdump -M /flows/live/centurylink:iron -T -r
> 2014/09/04/nfcapd.201409040415 -n 10 -s ip/flows
> nfdump filter:
> (( ident centurylink or ident iron) and (
> port 80
> ))
>
> So, the profile can see the flow repositories, but the graph isn’t processing
> them for some reason. I’m not sure what to look for in the logs, if there’s
> any info in there that can help troubleshoot this. And I’m at a loss when it
> comes to RRD, as I’ve never used it before.
>
> I have noted that a Continuous profile will not display even the nfdump
> process at the bottom, giving a stat() error: File not found. Which, I assume
> is because the files aren’t being copied over to profile’s data repository.
>
> Any help on getting graphs to work would be appreciated.
In the port 80 profile - do you see flows, if you simply list flows from the
profile?
When you moved/up/dowgraded tools/OSes - is the new setup identical?
Specifically the namee of the sources need to be the same all over.
The source names are reflected in the filer ident strings - so they must match
with your previous installation.
If you run the command above on the command line - is there any avlid output?
Regards
- Peter
>
>
> System stats follow:
> OS: RHEL 6
>
> nfsen: 1.3.6p1 $Id: nfsen 53 2012-01-23 16:36:02Z peter $
>
> nfdump: Version: 1.6.9 $Date: 2013-03-02 16:19:58 +0100 (Sat, 02 Mar 2013) $
> Compiled with --enable-nfprofile
>
> RRDtool 1.4.8
>
>
> --jonesy
> Mark Jones
> Idaho State University ITS, ISOS
> IT Programmer Analyst, Associate
>
>
>
> ------------------------------------------------------------------------------
> Slashdot TV.
> Video for Nerds. Stuff that matters.
> http://tv.slashdot.org/
> _______________________________________________
> Nfsen-discuss mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
