Hello, I am having difficulty with getting the flows to be picked up correctly by ntop + netflow. I am sending them from an ASA5510. I see in the statistics that it's received v9 templates and valid flows. The problem is that it's a 1:1 ratio of valid flows received to Flows with zero byte count. Thinking there may be a hiccup with the ASA, I tried using nfcapd + nfdump and was successful in receiving and digesting the flows.
I'm not using any aggregation, session handling isn't enabled, debug has been turned on or off to no avail. Logs don't point to any hiccups. I've tried increasing the -t log level and didn't see anything that corresponds. The rrd files do get created as NF_numFlowPkts, NF_numFlows, etc... but doing an rrdtool info on them doesn't look like anything is being submitted to them. Also, I initially tried the ntop version from sourceforge. Then I just recently compiled the svn version on a CentOS 5.5 box. Thoughts? Pointers? Thanks, AH
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
