Hi List,
Very recently i have installed nfsen-1.3 on my CentOS Box -5.6 with
nfdump-1.5.7 and rrdtool-1.2.27/rrdtool-1.34. I have overall few queries
after working on this for a while. No doubt its a great product and very
useful in analyzing netflow traffic and the features it provides now and i
believe it will evolve more in the future. Its a wonderful open source tool
because even though there are n number of proprietary tools for NetFlow
Analyzer in the market with very sophisticated UI, but all those comes at a
high cost. I have a good plan with nfsen as i am going to monitor netflow
traffic from WAN links of the routers as above 250 links.
1) I have written above rrdtool-1.2.27/rrdtool-1.3.4, the reason behind is,
I faced much problem while installing nfsen. I have configured nfdump-1.5.7
with many versions of rrdtool. But lastly i have first configured with
rrdtool-1.34 and then again configured with rrdtool-1.2.7. Because every
time at the last when i was going to run install.pl in nfsen some errors
used to come. Sometimes some perl modules missing and sometimes others like
librrd.so.* problem. But this trick worked. I also installed perl-5.12 in
this process because at a time i thought its the perl version problem. Ok
now the question is still i am not aware of which version of rrdtool my
nfsen is running with, how to find out this. Also which version of perl i am
using for running nfsen.
2) Are there any proper presentation/document/video to understand nfsen UI
and configuration using UI & nfsen.conf. Because i am not able to understand
many things in the UI like profiles, groups, stat , alerts configuration
etc. What is there meaning and how to configure. Already i have read
the sourceforge page but its not very useful.
3) What are other plugins available other than porttracker, are there any
export to pdf reports plugins or any other plugins or plan for plugins like
these ahead.
4) I am bit new so i have a generic question w.r.t NetFlow configuration on
the routers, we have begin testing by configuring netfow v5 export on WAN
link of a router, so what type of traffic details i will get from this
like,
(a) Just need to confirm am i getting the average link utilization of the
interface almost near real time and the type of traffic or traffic
distribution passing through that interface of the router.
(b) What will be the traffic & information difference if instead of enabling
the floe from WAN interface we enable export from LAN GW Interface of the
router. Isn't it the same traffic information.
--
Thanks
Manish Kumar
http://in.linkedin.com/in/manishkumar85
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2d-oct
_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
