Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Netflow in PandoraFMS - No data found
#11
(06-03-2019, 08:49 AM)srichards Wrote:
(06-03-2019, 08:03 AM)eduardo.corral Wrote:
(05-30-2019, 03:09 PM)srichards Wrote: I'm not sure how to proceed,

I am collecting Netflow data and storing it but cannot see anything in Pandora.

I've tried multiple versions of NFDUMP but always not thing shows up in PandoraConsole

My HTTPD log shows this when i try to search netflow in Pandora:


Quote:[Thu May 30 17:02:32.554151 2019] [mpm_prefork:notice] [pid 4433] AH00163: Apache/2.4.6 (CentOS) PHP/7.2.19 configured -- resuming normal operations
[Thu May 30 17:02:32.554168 2019] [core:notice] [pid 4433] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
Empty file list. No files to process

Empty file list. No files to process

Empty file list. No files to process

Empty file list. No files to process

Empty file list. No files to process

Empty file list. No files to process

Empty file list. No files to process

Of course i can see the files and the path is correct in the Pandora config

Greetings, srichards

Can you please send us the result of executing a grep command of the process to see if its running with the right parameters?

It would be extremely helpful too if you can send us a screenshot of the Netflow configuration screen in your Pandora FMS console. 

Kind regards, 

Eduardo.

Hi Eduardo,

No problem, please find below:

Best

Simon

Code:
[email protected]:~# sudo /etc/init.d/pandora_server start
Pandora FMS Server 7.0NG.734 Build 190429 Copyright (c) 2004-2018 Artica ST
This program is OpenSource, licensed under the terms of GPL License version 2.
You can download latest versions and documentation at official web page.
 
[*]Backgrounding Pandora FMS Server process.

Pandora FMS Server is now running with PID 3829
[email protected]:~#  ps aux | grep -i nfcapd
root      3848  0.2  0.0  35000  1152 ?        S    09:53   0:00 /usr/bin/nfcapd -D -T all -w -t 1500 -P /var/run/pandora_nfcapd.pid -l /var/spool/pandora/data_in/netflow/
root      3887  0.0  0.0 113176  1532 pts/0    Ss   09:53   0:00 bash -c cd "/root" && bash -i -c " ps aux | grep -i nfcapd"
root      3898  0.0  0.0 115432  1836 pts/0    S    09:53   0:00 bash -i -c  ps aux | grep -i nfcapd
root      3912  0.0  0.0 112708   964 pts/0    S+   09:53   0:00 grep --color=auto -i nfcapd
[*]

Greetings, Simon

As I can see, the configuration is right. There is one thing that escaped our eye the last time we checked your Netflow problem, though. Take a look to the data found in /var/spool/pandora/data_in/netflow/, as you can see the date displayed is 1970/01/01. You need to change that in the server or in the machine that sends the data. 

When you try to display Netflow info in the console, the start date is 2019. It can't show any data because the flow you have is dated as of 1970. 

Let's see if changing the date fixes your problem. 

Kind regards, 

Eduardo.
 Reply


Users browsing this thread: 1 Guest(s)


(c) 2006-2018 Artica Soluciones Tecnológicas. Contents of this wiki are under Create Common Attribution v3 licence. | pandorafms.com | pandorafms.org

Theme © MyBB Themes