FlowViewer Activity
FlowViewer is a web-based netflow data analysis tool.
Brought to you by:
jloiacon
Activity for FlowViewer
-
FlowViewer released /SiLK instalations steps.txt
-
Joe Loiacono posted a comment on discussion General Discussion
Very nice. Thanks, Nick. I'll add it to SourceForge and http://flowviewer.net
-
kuzma posted a comment on discussion General Discussion
Here is my installation steps. SiLK and FlowViewer. Perhaps it will help somebody.
-
It looks like you've set it up well. I remember a little bit of strangeness with the location of the sensor.config files with multiple exporters and I think I did it like you have it. I think the SiLK and my documentation could be better there. How are the results? Can you access by device like you want to? I have run rwflowpack with the --packinterfaces option. According to SiLK: "When this switch is present, rwflowpack writes additional information into the packed files: the router's SNMP input...
-
I continue to configure SiLK. 1) If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf file...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
Hi Nick, Yes, you can treat SiLK devices just like flow-tools ones from the input screen perspective. Just make sure your SiLK directory structure looks like that in the attached image. Then make sure your FlowViewer_Configuration.pm file has entries like these below, they will put the SiLK devices in the Netflow Source pulldown. There's more explanation in the User Guide starting at page 15. I also wanted to mention that SiLK can handle 'sflow' data in case you come across it (some devices only...
-
Here's the directory structure:
-
Hi Nick, Yes, you can treat SiLK devices just like flow-tools ones from the input screen perspective. Just make sure your SiLK directory structure looks like that in the attached image. Then make sure your FlowViewer_Configuration.pm file has entries like these below. There's more explanation in the User Guide starting at page 15. @devices = ("ft_rtr1","ft_rtr2"); # or @devices=(); if not using flowtools @ipfix_devices = ("silk_rtr1","silk_rtr2a","silk_rtr3","silk_rtr4","Site"); The configuration...
-
Hello, Joe. Installed SiLK. Everything seems to be working fine. However, here's the question: When I used flow-tools, I could select the device from a dropdown menu (Netflow Source). When I use SiLK, I must enter sensor name manually and "Site" in the Netflow Source menu. There are many devices. It is not comfortable. Is there any other way, using SiLK, to see the flows from the specific device?
-
Great promotion :). Yes, I am planing to try SiLK. if I can do it.
-
-
Will do. The instructions are great. Have you considered using SiLK as your flow collector? It is great code, very powerful, robust, still supported (Carnegie Mellon University) and free! It permits the collection of IPFIX data (where flow-tools is limited to netflow version 5.) Also, it will permit the viewing and analysis of IPv6 (As I recall, flow-tools doesn't do this.)
-
-
If so, you may add this file to my instruction. I hope, I collected all the packages that I downloaded.
-
-
Great, Nick! By the way, nice install work. I know it gets harder with time as some of the dependencies get a little old. I'll add your install process to the SourceForge web site.
-
Hello Joe. I think that I solved the problem. It was the wrong configured device. There was custom net flow record there. So net flow files format was wrong. Flow tools couldn't understand some fields. So result was unpredictable. When I changed record to default - all became look nice. If sombody wants, I can send instruction, how install FlowViewer on Ubuntu. Greate thanks for help. Regards. Nick (aka kuzma)
-
Yes, a little puzzling! I'm starting to focus on time handling. See attached pic of the process. If I have the correct files, the times in the Filter are not matching the flow-cat times**. See if you can: Verify that flow-tools is OK by working only from the command line with flow-tools only and modifying your Filter file by hand A couple more FlowViewer runs, saving off the filter file, so that we can see if the Filter times are indeed being mis-calculated for some reason. Just for reference, it...
-
Yes, a little puzzling! I'm starting to focus on time handling. See attached pic of the process. If I have the correct files, the times in the Filter are not matching the flow-cat times*. See if you can: Verify that flow-tools is OK by working only from the command line with flow-tools only and modifying your Filter file by hand A couple more FlowViewer runs, saving off the filter file, so that we can see if the Filter times are indeed being mis-calculated for some reason. Just for reference, it...
-
2 commands. First with nfilter, second without nfilter First /usr/local/flow-tools/bin/flow-cat -a -t "01/23/2024 14:58:59" -T "01/23/2024 15:05:01" /var/flows/C6509/2024/2024-01/2024-01-23 | /usr/local/flow-tools/bin/flow-nfilter -f /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_filter_172953 -FFlow_Filter | /usr/local/flow-tools/bin/flow-stat -f10 -S2 >/var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_output_172953 2>>/var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_output_172953...
-
In attachment my FlowViewer instalation steps. Maybe it will help. Regards.
-
Hello, Joe. Yesterday's net-flow files were overwritten. I am sending new ones, plus the result of the command.
-
Let's see what the underlying flow-tools command is producing. From the debug files (e.g., DEBUG_VIEWER) we can get the flow-tools command: /usr/local/flow-tools/bin/flow-cat -a -t "01/22/2024 07:58:59" -T "01/22/2024 09:35:00" /var/flows/C6509/2024/2024-01/2024-01-22 | /usr/local/flow-tools/bin/flow-nfilter -f /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowGrapher_filter_173835EW -FFlow_Filter > /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FG_buckets_cat_173835EW Try this command from the command...
-
Done!
-
Can you share these files: /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_filter_173805 /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowGrapher_filter_173835EW If they're not there, you may have to set to "Y": $debug_files = "Y"; ... and run again.
-
Thanks for quick answer. DEBUG_VIEWER and DEBUG_GRAPHER in attachment. Regards, Kuzma
-
Hi Kuzma, I don't really know why that is happening. Can you restore the FlowViewer_Utilities.pm file and we can start looking at the debug (DEBUG_VIEWER and DEBUG_GRAPHER)? I assume FlowViewer_Configuration.pm looks something like: $debug_viewer = "Y"; $debug_grapher = "Y"; $debug_monitor = "Y"; $debug_group = "Y"; $debug_files = "N"; From documentation: This parameter, if set to “Y”, will turn on debugging for FlowViewer. The debug output can be found in $flow_working/DEBUG_VIEWER.
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. [ [img src=1.jpg alt=" attached image 1.jpg"] ] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. [-img src = 1.jpg alt=foobar: missing =-] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. ![(https://disk.yandex.ru/i/TuKVABxWnqJO6Q)] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
Did you use the 'rwflowpack_start' script in the /tools subdirectory? On 9/13/2023 10:38 AM, Tsepo wrote: FlowViewer_Configurion.pm silk section SiLK parameters $silk_data_directory = "/opt/silk/data"; $silk_bin_directory = "/opt/silk/bin"; $site_config_file = "/opt/data/silk.conf"; # If left blank, will look for silk.conf in specified Data Rootdir (see User's Guide) $sensor_config_file = "/opt/silk/sensor.conf"; $silk_compiled_localtime = ""; # Set to "Y" if you compiled SiLK with --enable-localtime...
-
Did you use the 'rwflowpack_start' script in the /tools subdirectory?
-
Are you getting any hints from your web server logs? Could be a permissions problem. On 9/13/2023 10:34 AM, Tsepo wrote: I need someone to help with the flowviewer installation, i have already configure the flow-tools and silk, i tested flow-tools through flow-capture scripts. I can capture but i can not graph it or render it on the flowviewer. Looking for anyone familiar enough to help get our install right. https://sourceforge.net/p/flowviewer/discussion/general/thread/ae107524cb/?limit=25#1d64...
-
Tsepo posted a comment on a wiki page
I need help from someone with a working Flowviewer and silk system i am struggling to graph the data but i can capture it though silk stores data in the root dir only
-
I need help from someone with a working Flowviewer and silk system i am struggling to graph the data but i can capture it though silk stores data in the root dir only
-
FlowViewer_Configurion.pm silk section SiLK parameters $silk_data_directory = "/opt/silk/data"; $silk_bin_directory = "/opt/silk/bin"; $site_config_file = "/opt/data/silk.conf"; # If left blank, will look for silk.conf in specified Data Rootdir (see User's Guide) $sensor_config_file = "/opt/silk/sensor.conf"; $silk_compiled_localtime = ""; # Set to "Y" if you compiled SiLK with --enable-localtime switch $silk_capture_buffer_pre = (125 * 60); # Start of SiLK file concatenation $silk_capture_buffer_post=...
-
I need someone to help with the flowviewer installation, i have already configure the flow-tools and silk, i tested flow-tools through flow-capture scripts. I can capture but i can not graph it or render it on the flowviewer.
-
Patrick Van Horn posted a comment on discussion General Discussion
We attempted to get the silk and flowviewer installed correctly but it appears we have not. I pointed a flow to our server and appears it is not collecting or not sure where it is going. The flowviewer tell me it should be in /VAR/Flows but I do not even have this directory. I am looking for help now. Patrick Van Horn - Network Engineer 4025 Delridge Way SW, Suite 400; Seattle, WA 98106 (425)306-3370 [BTD_Logo_Tag_RGB]http://www.bartelldrugs.com/ Follow Us On: Facebookhttps://www.facebook.com/BartellDrugs...
-
Sure. You should have a device set to 'test', i.e., @ipfix_devices = ("test") I would be glad to look over the whole config file. My email is: jloiacon@gmail.com
-
Timur posted a comment on discussion General Discussion
Can I send the file to you personally?
-
I see you set something up called 'test'. Can you also provide your FlowViewer_Configuration.pm file as well?
-
It looks like you may have SiLK set up OK. Are you receiving data and are the files growing? What does your 'var/flows/...' (or similar) directory look like? I'm trying to find out what you've named your devices.
-
Maybe I don't setup a FLowMonitor, but how I can do it? I dont see any data in FlowViewer. I did all items from chapter 2-installation.
-
Maybe I don't setup a FLowMonitor, but how I can do it? I dont see any data in FlowViewer. I did all items from chapter 2-installation.
-
Looks like maybe you haven't set up a FlowMonitor? Can you successfully use FlowViewer and FlowGrapher? Thanks, Joe
-
Hi, I installed FlowViewer and Silk. Silk is working and I see flow-files in /var/flows, but I can't collect data via FlowMonitor Collector. In logs I see next: 0 Monitors had a zero value. 0 Monitors had a positive value. 0 IPFIX, 0 Flows Active, 0 Linear. If I run this: rwpackchecker --print-all /var/flows/test/int2int/2019/04/09/int2int-S0_20190409.23 Output: 0/228671 flows are bad or unusual 0 flows where BPP Calculation is incorrect 0 flows where Elapsed Time > 4096 0 flows where Byte/Packet...
-
OK good, Ricardas. If you see something where the software should be improved (e.g., a warning message, fix, etc.) please let me know. Best, Joe
-
Ricardas Daugela posted a comment on discussion General Discussion
Hi Joe, thanks for the care! After some more reading I found that there is kind of bug and I need to make some filter and then monitor will start showig graph. Best regards, Ricardas
-
Hi Ricardas, I'd be happy to help you. You are getting empty Flow_Monitor output, right? Can you provide the DEBUG_MONITOR_C (captures the data points) and DEBUG_MONITOR_G output (prints the graph)? Thanks, Joe
-
Hi Tim, I have the same situation like you had. Mabe you have soled it and remember how ? Thank you in advance! Ricardas
-
Sara posted a comment on discussion General Discussion
Hi, I downloaded the docker so I don't know how to use SiLK from command line and from wherever. Thanks for your time!
-
Sara, Sorry you're having those deifficulties. Are you able to use SiLK from the command line? Joe
-
Hi, I installed FlowViewer using a docker because I don't have knowledge enough to configure one by one every parameter of the list, so I follow the instructions from: https://github.com/richb-hanover/docker-silk-flowviewer When flowviewer is running, I can see a blank in the middle, nothing is showing up so I don't know how to "register" my flows. I want to measure my flow's latency (if it's not possible to measure this, please tell me) with FlowViewer and I don't know what I'm doing wrong. Also...
-
ofel posted a comment on discussion General Discussion
in case : 1 ip address can be resolve to dns donoharjo.idwebhost.com but ip 216.58.196.4 cant be resolve so im try 'dig' from command line and the answer from dig ;; ANSWER SECTION: 4.196.58.216.in-addr.arpa. 74451 IN PTR kul01s11-in-f4.1e100.net. 4.196.58.216.in-addr.arpa. 74451 IN PTR kul08s09-in-f4.1e100.net. i hope kul01s11-in-f4.1e100.net or kul08s09-in-f4.1e100.net can be display in flowviewer
-
Hello Ofel, Can you provide more details? Can you see if the IP address resolves correctly outside of FlowVIewer (i.e., using 'dig' from the command line)?
-
hello, in my case ip addr only partally can be resolve, need help
-
Pieter Smit posted a comment on discussion General Discussion
Hi, I enabled FlowViewer, with flowtools data. The data is split in directories for 8 routers i collect flows from. Is there a way to select all the routers when i graph or report ? Currently i have to first figure out where i expect to see the traffic and then select a specific router as the Netflow Source to graph/report on.
-
Tim S. posted a comment on discussion General Discussion
Hi Joe - Thanks for your reply! Here's the output of DEBUG_MONITOR_C. It seems to be doing "something" but not sure what it 'should' look like... Thanks, Tim tstevens@tstevens-silk:~/FV/Flow_Working$ cat DEBUG_MONITOR_C from: end this_filter to: start next_filter elapsed seconds: 299.019954 running: 59100.176836 /var/www/cgi-bin/FlowMonitor_Files/FlowMonitor_Filters/f2e_fp_testbed.fil from: start next_filter to: start SiLK_processing elapsed seconds: 0.003708 running: 59100.180544 rwfilter_command:...
-
As my flows all land under /var/flow/routerName1/../.../etc Would the following work $exporter_directory = "/var/flow"; $no_devices_or_exporters = "Y";
-
(Hm, I replied to this but it doesn't seem to have posted, trying again...) Hi Joe, Thanks for the reply! Here's the output of DEBUG_MONITOR_C, looks like it's doing something but not sure what this is supposed to look like when working. Thanks, Tim tstevens@tstevens-silk:~/FV/Flow_Working$ cat DEBUG_MONITOR_C from: end this_filter to: start next_filter elapsed seconds: 299.019954 running: 59100.176836 /var/www/cgi-bin/FlowMonitor_Files/FlowMonitor_Filters/f2e_fp_testbed.fil from: start next_filter...
-
Dol Meun posted a comment on discussion General Discussion
Dear Joe, Thanks for you help. I have already fixed my problem it caused of I missed install GD::Graph. After I install it it is working fine. Thanks again. Best Regards, Dol
-
Hi Dol, It may well be a permissions problem. To begin, set all directories that you identify in FlowViewer_Configuration.pm to 'chmod 0777 ...'. Also can you post the Apache access.log and error.log file information? Best, Joe
-
Hello, I have got the same problem. and my Debug file: Flow_Working]# cat DEBUG_VIEWER In FlowViewer_Main.cgi Using GDBM Using GDBM Could anyone please help on this. Best Regards, Dol
-
Many thanks, Eric.
-
Eric van Wiltenburg modified a comment on discussion General Discussion
Hi Joe, The default SiLK path-format value in the silk.conf file is "%T/%Y/%m/%d/%x"....
-
Hi Joe, The default SiLK path-format value in the silk.conf file is "%T/%Y/%m/%d/%x"....
-
Hi Domagoj, I think the difference is due to the way FlowViewer looks at the notion...
-
Domagoj modified a comment on discussion General Discussion
Hy Joe, When I calculated average value for 5 minute period for 'Flows-Initiated...
-
P.S Im using --load-scheme=5 in my SiLK query. In my FlowViewer_Configuration.pm...
-
P.S Im using --load-scheme=5 in my SiLK query. In my FlowViewer_Configuration.pm...
-
Hy Joe, When I calculated average value for 5 minute period for 'Flows-Initiated...
-
Hi Domagoj Sorry for the delay. It is a good question you have. In general, FlowMonitor_Collector...
-
Hy Joe, Can you please explain how FlowMonitor caclulates "flows active/second" and...
-
Hy Joe, Can you please explain how FlowMonitor caclulates "Monitor Types"? When I...
1 >