Activity for kuzma
-
kuzma posted a comment on discussion General Discussion
Here is my installation steps. SiLK and FlowViewer. Perhaps it will help somebody.
-
I continue to configure SiLK. 1) If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf file...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
I continue to configure SiLK. 1. If it is possible, I want to show you my results. As I understand, for comfortable display devices in FlowViewer, I need SiLK to store files from each device in a separate (his own) directory. I achieved this only by launching several instances of rwflowpack pointing different root directories for storing each device dirs and files. In each of these directories I put a sensor.conf file with sensor and sensor settings only for this device. If I make one sensor.conf...
-
Hello, Joe. Installed SiLK. Everything seems to be working fine. However, here's the question: When I used flow-tools, I could select the device from a dropdown menu (Netflow Source). When I use SiLK, I must enter sensor name manually and "Site" in the Netflow Source menu. There are many devices. It is not comfortable. Is there any other way, using SiLK, to see the flows from the specific device?
-
Great promotion :). Yes, I am planing to try SiLK. if I can do it.
-
If so, you may add this file to my instruction. I hope, I collected all the packages that I downloaded.
-
Hello Joe. I think that I solved the problem. It was the wrong configured device. There was custom net flow record there. So net flow files format was wrong. Flow tools couldn't understand some fields. So result was unpredictable. When I changed record to default - all became look nice. If sombody wants, I can send instruction, how install FlowViewer on Ubuntu. Greate thanks for help. Regards. Nick (aka kuzma)
-
2 commands. First with nfilter, second without nfilter First /usr/local/flow-tools/bin/flow-cat -a -t "01/23/2024 14:58:59" -T "01/23/2024 15:05:01" /var/flows/C6509/2024/2024-01/2024-01-23 | /usr/local/flow-tools/bin/flow-nfilter -f /var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_filter_172953 -FFlow_Filter | /usr/local/flow-tools/bin/flow-stat -f10 -S2 >/var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_output_172953 2>>/var/www/cgi-bin/FlowViewer_4.6/Flow_Working/FlowViewer_output_172953...
-
In attachment my FlowViewer instalation steps. Maybe it will help. Regards.
-
Hello, Joe. Yesterday's net-flow files were overwritten. I am sending new ones, plus the result of the command.
-
Done!
-
Thanks for quick answer. DEBUG_VIEWER and DEBUG_GRAPHER in attachment. Regards, Kuzma
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. [ [img src=1.jpg alt=" attached image 1.jpg"] ] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. [-img src = 1.jpg alt=foobar: missing =-] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. ![(https://disk.yandex.ru/i/TuKVABxWnqJO6Q)] If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit...
-
I Installed flow-tools and FlowViewer. All installations were without errors. I installed it on Ubuntu-22.04. I don't see any errors in the logs. If I run FlowViewer like this, I get this. If I run FlowGrapher with the same settings, they get something like this. Only outputs streams with IP address 191.168.7.218 If in /etc/perl/FlowViewer_Utilities.pm here print FILTER "filter-primitive start_flows\n"; print FILTER "type time-date\n"; print FILTER "permit ge $flows_start\n"; print FILTER "default...
1