Hi everyone,
Using nfdump + nfsen to collect and analyze NetFlow data from a Cisco ASA
device.
The problem I'm facing is that after the server restart it sometimes fails to
monitor the flows and fills the logs with messages like:
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 265 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 256 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 260 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 256 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 256 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 260 -> Skip record
Nov 12 12:33:53 mon /usr/local/bin/nfcapd[16843]: Process v9: [0] No table for
id 256 -> Skip record
Googling did not reveal anything about the cause of this error. I use
nfdump-1.5.8-2-NSEL + nfsen-1.3.6p1 on a CentOS 6 machine.
There is just one collector and one device sending logs currently. Everything
worked flawlessly for a few months, then this started to happen.
I did not upgrade nfdump the ASA. A few days ago it took me a few hours of
random service restarts to make nfdump work. Today it happened again.
Did anyone else experience similar problems? What can I try in order to fix
this?
Best regards,
Evgheni Dereveanchin
________________________________
The information in this email is confidential and may be legally privileged. It
is intended solely for the addressee. Any opinions expressed are mine and do
not necessarily represent the opinions of the Company. Emails are susceptible
to interference. If you are not the intended recipient, any disclosure,
copying, distribution or any action taken or omitted to be taken in reliance on
it, is strictly prohibited and may be unlawful. If you have received this
message in error, do not open any attachments but please notify the EndavaIT
Support Service Desk on (+44 (0)870 423 0187), and delete this message from
your system. The sender accepts no responsibility for information, errors or
omissions in this email, or for its use or misuse, or for any act committed or
omitted in connection with this communication. If in doubt, please verify the
authenticity of the contents with the sender. Please rely on your own virus
checkers as no responsibility is taken by the sender for any damage rising out
of any bug or virus infection.
Endava Limited is a company registered in England under company number 5722669
whose registered office is at 125 Old Broad Street, London, EC2N 1AR, United
Kingdom. Endava Limited is the Endava group holding company and does not
provide any services to clients. Each of Endava Limited and its subsidiaries is
a separate legal entity and has no liability for another such entity's acts or
omissions. Please refer to the "Legal" section on our website for a list of
legal entities.
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://p.sf.net/sfu/appdyn_d2d_nov
_______________________________________________
Nfdump-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
