Article:
  Visualizing Network Traffic with Netflow and FlowScan
Subject:   Broken
Date:   2005-09-19 16:27:58
From:   jasontaylor1

2005/09/20 00:25:28 working on file /var/log/netflows/ft-v05.2005-09-20.002331+0100...
/var/log/netflows/ft-v05.2005-09-20.002331+0100: Invalid index in cflowd flow file: 0xCF100103! Version 5 flow-export is required with *all* fields being saved.
2005/09/20 00:25:28 flowscan-1.020 CUFlow: Cflow::find took 0 wallclock secs ( 0.00 usr + 0.00 sys = 0.00 CPU) for 2761 flow file bytes, flow hit ratio: 0/0
2005/09/20 00:25:28 flowscan-1.020 CUFlow: report took 0 wallclock secs ( 0.00 usr + 0.00 sys = 0.00 CPU)
sleep 300...


Version of FlowScan.pm:



# $Id: FlowScan.pm,v 1.6 2001/03/27 20:48:01 dplonka Exp $
# Dave Plonka <plonka@doit.wisc.edu>


flowdumper doesn't work for me either.


A google search on these problems, reveals lots of other people experiencing similar problems with no solutions.


There seems to be something seriously wrong with these tools, are there any solid alternatives?


Jason

Full Threads Oldest First

Showing messages 1 through 3 of 3.

  • Broken
    2005-09-20 15:10:07  jasontaylor1 [View]

    Never mind, it's now working.

    Jason
    • Broken
      2005-09-20 16:22:58  agshekeloh [View]

      Glad it works for you now!

      For the archives:

      It's really, really important to follow the instructions in the previous article exactly.

      If cflow.pm doesn't work, nothing else will work. And I mean *nothing*. :-)

      ==ml
      • Broken
        2006-07-06 21:31:20  Erk [View]

        I found that if you do a
        cd /usr/ports/net-mgmt/p5-Cflow

        and

        make WITH_FLOW_TOOLS=yes all install

        it tends to work, if you leave out the make WITH_FLOW_TOOLS=yes then flowdumper does not work.