Re: [Nfsen-discuss] Problems using old nfdump data

[Esben B. <es...@cs...>]

Now i had it succesfully examining the data (nowhere is it mentioned 
that the output should be named nfcapd.YYYYMMDDHH for the import to 
work...i guess thats implicit from the nfcapd naming scheme).

However it still won't show anything in the graphs, it complains that 
the data is malformed (allthough nfdump shows them just fine). Ohh well 
i have to work out another solution then.

--
Esben

Ivan A. Beveridge wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>On 03/04/2006 21:09, Esben Bach wrote:
>  
>
>>Important configuration bits as follows:
>>
>><begin>
>>$BASEDIR= "/pack/nfsen-1.2.4";
>>$PROFILESTATDIR="/netanalysis/nfsen/profiles";
>>$PROFILEDATADIR="${BASEDIR}/profiles";
>>    
>>
>
>This looks like an odd setup, but we'll persevere with it for the moment ...
>
>  
>
>>%source = (
>>  'output'      => { 'port'   => '9997', 'col' => '#ff0000'},
>>);
>><end>
>>
>>The data from nfdump is placed in
>>/pack/nfsen-1.2.4/profiles/live/output/output
>>    
>>
>
>With your above setup, I believe you should put the datafiles in the
>directory:
>/pack/nfsen-1.2.4/profiles/live/output/
>
>.... so you would have files called nfcapd.YYYYMMDDHHmm where:
>
>YYYY = 4-digit year
>MM   = month
>DD   = date
>HH   = hour
>MM   = minute
>
>I assume ft2nfdump creates the filenames correctly :)
>
>This means that you should have files in locations like this:
>
>/pack/nfsen-1.2.4/profiles/live/output/nfcapd.200604032115
>/pack/nfsen-1.2.4/profiles/live/output/nfcapd.200604032120
>/pack/nfsen-1.2.4/profiles/live/output/nfcapd.200604032125
>
>
>This is the relevant/changed part of mine:
>
>=========================
>$BASEDIR = "/opt/nfsen";
>$HTMLDIR    = "/var/www/localhost/htdocs/nfsen/";
>$PROFILESTATDIR="${BASEDIR}/profiles";
>$PROFILEDATADIR="/opt/data/nfsen/profiles";
>$PREFIX  = '/usr/local/bin';
>$USER    = "netflow";
>$WWWUSER  = "apache";
>$WWWGROUP = "apache";
>
>
>%sources = (
>    'switch02'      => { 'port'    => '9402', 'col' => '#00ff00' },
>    'switch20'      => { 'port'    => '9420', 'col' => '#0000ff' },
>);
>=========================
>
>- From default, many of the directories are within the heirarchy of
>$BASEDIR ... where $BASEDIR is where nfsen will be installed. $HTMLDIR
>is obviously in apache's webroot.
>
>You will notice I have specified $PROFILEDATADIR to be outside of the
>$BASEDIR - this is to a separate partition, so filling up the data dir
>will not cause corruption to the actual profiles.
>
>NOTE: You are expected to unpack the nfsen tarball somewhere (let's say
>/tmp/nfsen) and install it to somewhere different (let's say /opt/nfsen
>as in my case). The install script does this ... this could be what you
>are misunderstanding.
>
>I would recommend, to get it working, you use the KISS principle (keep
>it simple stupid) and then fiddle more when you have it working. It's
>always a good principle to start with, trust me :)
>
>What I mean by this is that the only directory variables in nfsen.conf I
>would change are BASEDIR and HTMLDIR. Don't unpack the tarball in
>$BASEDIR - unpack it somewhere else.
>
>I hope that makes sense :)
>
>
>Ivan
>- --
>Ivan Beveridge
><iv...@li...>		http://www.linx.net/
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.4.1 (MingW32)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFEMZYnQQZN5jq7vncRAqxyAKCjEfJYovzQJmKx3krYE9n451IJcgCghVd0
>YwQli4UusSdmPDjznQ7nGPo=
>=otb+
>-----END PGP SIGNATURE-----
>
>
>-------------------------------------------------------
>This SF.Net email is sponsored by xPML, a groundbreaking scripting language
>that extends applications into web and mobile media. Attend the live webcast
>and join the prime developer group breaking into this new coding territory!
>http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
>_______________________________________________
>Nfsen-discuss mailing list
>Nfs...@li...
>https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>  
>