On Oct 10, 2014 2:16 PM, "Steven Surdock" <ssurd...@engineered-net.com> wrote: > > > -----Original Message----- > > From: Josh Grosse [mailto:j...@jggimi.homeip.net] > > > > On Fri, Oct 10, 2014 at 05:46:40PM +0000, Steven Surdock wrote: > > > > > Not chrooted. Flow records are being updated and stored correctly. > > > The RRD and associated PNGs aren't being updated. I can still use the > > > rrd generated images to look at flows. I've never gotten PortTracker > > > working as it says it segfault in the log. > > > > I've never used PortTracker, as I do not have sufficient capacity on the > > nfsen collector. It is described as experimental, also. > > > > I am running a very simple configuration, collecting flows from two > > firewalls. The webserver is chrooted nginx, so my database is inside > > /var/www with a symbolic link in /var/db, as directed by the nfsen pkg- > > readme. > > > > Here's my nfsen.conf, with comments removed > > > > > > $BASEDIR = "/usr/local"; > > $BINDIR="${BASEDIR}/bin"; > > $LIBEXECDIR="${BASEDIR}/libdata/perl5/site_perl/NfSen"; > > $CONFDIR="/etc"; > > $HTMLDIR = "/var/www/htdocs/nfsen"; > > $DOCDIR="${BASEDIR}/share/doc/nfsen"; > > $VARDIR="/var/db/nfsen"; > > $PROFILESTATDIR="${VARDIR}/profiles-stat"; > > $PROFILEDATADIR="${VARDIR}/profiles-data"; > > $BACKEND_PLUGINDIR="${BASEDIR}/lib/nfsen/plugins"; > > $FRONTEND_PLUGINDIR="${HTMLDIR}/plugins"; > > $PREFIX = '/usr/local/bin'; > > $USER = "_nfcapd"; > > $WWWUSER = "www"; > > $WWWGROUP = "www"; > > $BUFFLEN = 200000; > > $SUBDIRLAYOUT = 1; > > $ZIPcollected = 1; > > $ZIPprofiles = 1; > > $PROFILERS = 2; > > $DISKLIMIT = 98; > > $PROFILERS = 6; > > %sources = ( > > > > ); > > $low_water = 90; > > $syslog_facility = 'local3'; > > @plugins = ( > > ); > > %PluginConf = ( > > demoplugin => { > > param2 => 42, > > param1 => { 'key' => 'value' }, > > }, > > otherplugin => [ > > 'mary had a little lamb' > > ], > > ); > > $MAIL_FROM = 'nf...@jggimi.homeip.net'; > > $SMTP_SERVER = 'localhost'; > > $MAIL_BODY = q{ > > Alert '@alert@' triggered at timeslot @timeslot@ }; 1; > > Mine is nearly identical... > > $BASEDIR = "/usr/local"; > $BINDIR="${BASEDIR}/bin"; > $LIBEXECDIR="${BASEDIR}/libdata/perl5/site_perl/NfSen"; > $CONFDIR="/etc"; > $HTMLDIR = "/var/www/htdocs/nfsen"; > $DOCDIR="${BASEDIR}/share/doc/nfsen"; > $VARDIR="/var/db/nfsen"; > $PROFILESTATDIR="${VARDIR}/profiles-stat"; > $PROFILEDATADIR="${VARDIR}/profiles-data"; > $BACKEND_PLUGINDIR="${BASEDIR}/lib/nfsen/plugins"; > $FRONTEND_PLUGINDIR="${HTMLDIR}/plugins"; > $PREFIX = '/usr/local/bin'; > $USER = "_nfcapd"; > $WWWUSER = "www"; > $WWWGROUP = "www"; > $BUFFLEN = 200000; > $SUBDIRLAYOUT = 1; > $ZIPcollected = 1; > $ZIPprofiles = 1; > $PROFILERS = 2; > $DISKLIMIT = 95; > $PROFILERS = 6; > %sources = ( > ); > $low_water = 90; > $syslog_facility = 'local3'; > @plugins = ( > ); > %PluginConf = ( > ); > $MAIL_FROM = 'ssud...@engineered-net.com'; > $SMTP_SERVER = 'localhost'; > $MAIL_BODY = q{ > Alert '@alert@' triggered at timeslot @timeslot@ > }; > 1; >
I see you don't have anything in %sources ( ); My /etc/nfsen.conf has the default entries. Maybe that's part of my problem. Stan