tag:blogger.com,1999:blog-6752900.post7526823097136113236..comments2024-02-11T01:25:25.701-05:00Comments on Rolfsa's Weblog: NTOP on CentOS 5.3 for Netflow MonitoringUnknownnoreply@blogger.comBlogger16125tag:blogger.com,1999:blog-6752900.post-22843006809402680572021-04-19T15:42:53.163-04:002021-04-19T15:42:53.163-04:00The Community version is free to use as I'm us...The Community version is free to use as I'm using it for a while. Other versions could be used for SMEs and they can't ignore using it.Eleanorhttps://www.minutefob.ca/key-fob-copy-new-yorknoreply@blogger.comtag:blogger.com,1999:blog-6752900.post-73003755876334446742021-03-03T07:29:38.844-05:002021-03-03T07:29:38.844-05:00nice blog.nice blog.it supporthttps://allsafeit.com/it-consulting-in-los-angelesnoreply@blogger.comtag:blogger.com,1999:blog-6752900.post-78181288325433469432013-06-12T09:00:59.047-04:002013-06-12T09:00:59.047-04:00Does anyone know how to read .flow files generated...Does anyone know how to read .flow files generated by nTop NetFlow plugin? I have found flow-export but it doesn't work:<br /><br />flow-export -f2 -mSRCADDR < 1366966129.flow <br />flow-export: ftiheader_read(): Warning, bad magic number<br />flow-export: ftiheader_read(): failed<br />flow-export: ftio_init(): failed<br /><br />Bartekhttps://www.blogger.com/profile/07889669114235895444noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-51233629042702012942011-08-11T03:50:28.826-04:002011-08-11T03:50:28.826-04:00thankx, after upgrading it worked..thankx, after upgrading it worked..zeekerhttp://www.blogger.com/profile/02783021807611082928noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-67195868170024590562011-08-03T07:25:08.009-04:002011-08-03T07:25:08.009-04:00If it doesn't identify the command, then it...If it doesn't identify the command, then it's not supported in that IOS release. Upgrade (and unfortunately pay) for an upgrade to IOS that supports netflow.Rolfsahttps://www.blogger.com/profile/13858608485246552980noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-44488041479716768272011-08-02T22:51:58.315-04:002011-08-02T22:51:58.315-04:00Thanks for quick reply. Then what could be the pro...Thanks for quick reply. Then what could be the problem. It doesn't identify the command ip flow-export source .....zeekerhttps://www.blogger.com/profile/02783021807611082928noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-950913566484145782011-08-02T08:13:02.911-04:002011-08-02T08:13:02.911-04:00zeeker....I'd check your version of IOS an ver...zeeker....I'd check your version of IOS an verify that it supports netflow. Not all versions do.Rolfsahttps://www.blogger.com/profile/13858608485246552980noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-64817390351777171312011-08-02T00:22:18.928-04:002011-08-02T00:22:18.928-04:00Hi, I'm new to this field. I'm tring to us...Hi, I'm new to this field. I'm tring to use a cisco 805 router. I gives me an error message saying "% Invalid input detected at '^' marker." in (config)#ip flowexport eth0. this may be totally different problem. but can someone help me. (doesn't this router support for this )zeekerhttps://www.blogger.com/profile/02783021807611082928noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-58335635705961720472011-06-14T16:54:10.038-04:002011-06-14T16:54:10.038-04:00runs at command line but not as a service.
[root@...runs at command line but not as a service.<br /><br />[root@commodore ~]# service ntop start<br />Starting ntop: Processing file /etc/ntop.conf for parameters...<br />Tue Jun 14 16:53:03 2011 NOTE: Interface merge enabled by default<br />Tue Jun 14 16:53:03 2011 Initializing gdbm databases<br />FATAL ERROR: Unrecognized/unprocessed ntop options...<br /> , --user ntop, , --db-file-path /var/ntop, , , , --use-syslog, , , , , , , <br /><br />run ntop --help for usage information<br /><br /> Common problems:<br /> -B "filter expressions" (quotes are required)<br /> --use-syslog=facilty (the = is required)Martinhttps://www.blogger.com/profile/04112721332114124618noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-33135551781463683662010-06-11T04:26:05.702-04:002010-06-11T04:26:05.702-04:00Hi,
This is great tutorial. I am running NTOP for...Hi,<br /><br />This is great tutorial. I am running NTOP for some few days now.<br /><br />I enable netFlow dump and I can see the .flow files being generated every dump interval.<br /><br />I am puzzled whether or not NTOP actually makes use of these files to re-build and show the graphs after NTOP restart or server restart itself.<br /><br />And also the RRD dump, i'm wondering whether it also dumps netFlow data as the option only has ff.<br /><br />Data to Dump:<br />Domains<br />Flows<br />Hosts<br />Interfaces<br />ASs<br />Matrix<br /><br /><br />Thanks very much,<br />NasAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-6752900.post-63287299103099325872009-07-24T10:45:01.683-04:002009-07-24T10:45:01.683-04:00That sounds like a network problem. I'd probab...That sounds like a network problem. I'd probably begin by seeing if you could just web browse http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS. At least that way you can verify connectivity to the site. From there you should be able to click and download the rpm. Then you can install it locally. <br /><br />Good luck!Rolfsahttps://www.blogger.com/profile/13858608485246552980noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-48139712887388761372009-07-24T10:38:58.464-04:002009-07-24T10:38:58.464-04:00Hi,
Thanks for the quick reply. I followed your ...Hi,<br /><br />Thanks for the quick reply. I followed your suggestion by typing manually (a pain!) and I typed carefully but still didnt' work. <br /><br />What worked though was spacing out the switches individually as in "rpm -U -v -h ...". However, now i'm getting a different error message below:<br /><br />"Retrieving http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm<br />error: skipping http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm - transfer failed - Unknown or unexpected error "Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6752900.post-49185192184087541452009-07-24T10:29:57.497-04:002009-07-24T10:29:57.497-04:00I've seen it where the minus sign gets replace...I've seen it where the minus sign gets replaced by some other characeter when cutting and posting from blogs. Remove the - from -Uhv and retype it in manually. See if that solves the problem.Rolfsahttps://www.blogger.com/profile/13858608485246552980noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-28756273857180617062009-07-24T10:15:34.640-04:002009-07-24T10:15:34.640-04:00I copied and pasted your "rpm -Uvh ..." ...I copied and pasted your "rpm -Uvh ..." command into my centos 5.3 but it didn't run. I'm not getting an error message, just something wrong with the syntax or missing a switch. <br /><br />Please help.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6752900.post-58113968468504151752009-05-29T11:47:41.665-04:002009-05-29T11:47:41.665-04:00ah...but ntop for centos is free for all interface...ah...but ntop for centos is free for all interfaces. :) No licenses no restrictions.Rolfsahttps://www.blogger.com/profile/13858608485246552980noreply@blogger.comtag:blogger.com,1999:blog-6752900.post-70460813906116585202009-04-14T23:34:00.000-04:002009-04-14T23:34:00.000-04:00Hi,
Can you try www.netflowanalyzer.com. It is...Hi,<br /><br /> Can you try www.netflowanalyzer.com. It is free for 2 interfaces. It is completely web based and hassle free. Please find the online demo in http://demo.netflowanalyzer.comRajhttp://www.netflowanalyzer.comnoreply@blogger.com