Interested in seeing if I can get FlowViewer working with Cisco ASA using v9 netflow.
Can anyone suggest a place to start in terms of linux flavor to install on (Centos, Ubuntu), and perhaps a decent howto guide?
Thanks in advance!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I was following the steps provided in the link you have provided. https://wiki.polaire.nl/doku.php?id=flowviewer_centos7
Instead of netsa-python-1.4.3, I am trying to install its latest version i.e. netsa-python-1.5
But unfortunately, its ended up giving an below error:
[root@localhost netsa-python-1.5]# python setup.py build
Traceback (most recent call last):
File "/tmp/netsa-python-1.5/setup.py", line 9, in <module>
if not sys.version_info >= "2.6":
TypeError: '>=' not supported between instances of 'sys.version_info' and 'str' [root@localhost netsa-python-1.5]#</module>
Pleasehelpinthisregards.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Looks like you may be following the basic instructions in the README file. If you're not already looking at it, the FlowViewer User's Guide also on the SourceForge site has expanded installation instructions.
Also - please continue to post difficulties you might be hitting. I'll try to help out, and also try to clarify the User's Guide.
Thanks,
Joe
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I assume the FlowViewer.pdf is the FlowViewer User's Guide...I'll go back and review.
Is there way to determine if my FlowViewer machine is receiving Netflow V9 data from my CiscoASA?
Thanks!
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You can use the script "analyze_netflow_packets" in the /tools directory. Instructions are in the comments section at the top.
I recall at one point there were some non-IPFIX standard issues between the ASA and SilK but that SiLK had a work around. This may now be all fixed, but you may want to check out the SiLK web-site.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Interested in seeing if I can get FlowViewer working with Cisco ASA using v9 netflow.
Can anyone suggest a place to start in terms of linux flavor to install on (Centos, Ubuntu), and perhaps a decent howto guide?
Thanks in advance!
I did find this, https://wiki.polaire.nl/doku.php?id=flowviewer_centos7, nicely done, but still no joy.
Stuck on the last part under"Install FlowViewer", wish there were more details in the setup process.
Stuck:
Create all necessary directories with proper permissions. - what directories / permissions to set?
Copy FlowViewer.css, FlowViewer.png to $reports_directory. - Ok its: "/var/www/html/FlowViewer_4.6"
Start FlowMonitor_Collector, FlowMonitor_Grapher in background - How?.
Point browser to FV.cgi - Correct URL to FV.cgi?
Anyone else have a good working tutoral for a FlowViewer installation?
Thanks
I was following the steps provided in the link you have provided.
https://wiki.polaire.nl/doku.php?id=flowviewer_centos7
Instead of netsa-python-1.4.3, I am trying to install its latest version i.e. netsa-python-1.5
But unfortunately, its ended up giving an below error:
[root@localhost netsa-python-1.5]# python setup.py build
Traceback (most recent call last):
File "/tmp/netsa-python-1.5/setup.py", line 9, in <module>
if not sys.version_info >= "2.6":
TypeError: '>=' not supported between instances of 'sys.version_info' and 'str'
[root@localhost netsa-python-1.5]#</module>
This seems to have fixed some of the directory permission issues:
chown -R apache:apache /var/www/cgi-bin/
chown -R apache:apache /var/www/html/
chmod -R 0755 /var/www/cgi-bin/
chmod -R 0755 /var/www/html/
Finally found the Url
http://10.10.0.131/cgi-bin/FlowViewer_4.6/FV.cgi
Now to see if any data is being sent via my ASA5505.
Hi,
Looks like you may be following the basic instructions in the README file. If you're not already looking at it, the FlowViewer User's Guide also on the SourceForge site has expanded installation instructions.
Also - please continue to post difficulties you might be hitting. I'll try to help out, and also try to clarify the User's Guide.
Thanks,
Joe
I assume the FlowViewer.pdf is the FlowViewer User's Guide...I'll go back and review.
Is there way to determine if my FlowViewer machine is receiving Netflow V9 data from my CiscoASA?
Thanks!
You can use the script "analyze_netflow_packets" in the /tools directory. Instructions are in the comments section at the top.
I recall at one point there were some non-IPFIX standard issues between the ASA and SilK but that SiLK had a work around. This may now be all fixed, but you may want to check out the SiLK web-site.