There is obviously a memory shortage on your machine. Some
processes are eating up your memory.
Just doing a stat query does not need much RAM, so you seem
to have processes other than nfdump, consuming a lot of RAM.
The same can be true of you do extensive statistic processing
- lots
My question is this: Soon I'll have to add new netflow
sources on new ports. How do I do this? Just by modifying
etc/nfsen.conf and adding another entry in the sources hash?
Will nfsen do all the work by itself?
I did this the other day with 1.2.4 (manual argg... - but it worked
CoocheyCc:
nfsen-discuss@lists.sourceforge.netSubject: Re: [Nfsen-discuss]
Adding new data sources
Thank you. I had seen your mail, but I wanted to upgrade,
to be safe...Giles Coochey wrote:
My question is this: Soon I'll have to add new netflow
sources on new ports. How do I do
Hello,
I've managed to install the Port tracker plugin, but I'm
getting empty graphs. I've tried compiling rrdtool from
source with these arguments:
./configure --prefix=/usr --mandir=/usr/share/man
--infodir=/usr/share/info --datadir=/usr/share
--sysconfdir=/etc
and this would be useful in my current environment.
Best regards
Giles Coochey
Technical Department
Sapphire Networks
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Maurizio Molina
Sent: 19 July 2007 19:07
To: nfsen-discuss ML
Subject: [Nfsen-discuss
PS: yes, the list is active (but PortTracker questions are already
answered many times -- ML archive ;)
The list is fairly low usage - maybe half to a dozen messages a week,
with the odd flurry of messages when Peter makes an appearance.
I used to use Nfsen/Nfdump, but have since moved to using a commercial
product.
I'm now thinking about whether running Nfsen Nfdump as well as the
commercial product, mostly because I've been playing around with
Holt-Winters prediction within RRDtool and Cacti and I would love to see
this with
Is there a Redhat Style startup script for nfsen?
I tried linking /opt/nfsen/bin/nfsen to /etc/init.d/nfsen
and issuing:
chkconfig nfsen on
But got the response:
service nfsen does not support chkconfig
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http
be appreciated.
Thanks
Scott
I'm not using them, but might find them useful... unfortunately the
links I have found for them are 404 when I try to find them. Where can
the scripts be found?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
identifier string we use to identify remote
offices. It has no significance for the actual script.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME
a rrdtool type issue, and searching for that
might be fruitful.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
filter with is the 3 most
significant bits, so a value between 0-7
0 = 000xx
1 = 001xx
2 = 010xx
3 = 011xx
4 = 100xx
5 = 101xx
6 = 110xx
7 = 111xx
So tos 1 filter matches your priority packets?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0
On 07/10/2014 13:29, Giles Coochey wrote:
On 07/10/2014 13:14, Oliver Lagni wrote:
On my firewall I set DSCP to 101110 for real-time traffic and I
clearly see it on Nprobe server on both segments, as soon as I filter
with TCPDump:
I am not sure, but I think the tos value you filter
that is doing that
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
and receive the following error when trying to restart
NFsen:
Insecure dependency in sysopen while running with -T switch at
/opt/nfsen/libexec/NfProfile.pm line 836
Any ideas?
--
Regards,
Giles Coochey
+44 (0) 7584 634 135
+44 (0) 1803 529 451
gi...@coochey.net
smime.p7s
Description: S
Hi,
I'm really liking the NSEL feature within nfdump, but I have a question:
I see that I can view "DENIED" flows from the Cisco ASA in nfdump.
Is there a way to filter for DENIED flows within the Netflow Processing
in Nfsen, for example list the flows that were denied from a certain
source
N. If most of your traffic is tunnelled
via OpenVPN you won't see the individual flows inside that VPN.
If you don't timeout flows every five minutes or so, this flow will only
show up in your graphs when the flow ends.
--
Giles Coochey
___
Nfsen-di
please:
Where should I configure the sampling time in nfsen? I mean the
frequency that nfsen writes the flow data in the graphs.
Thanks a lot again!!!
El mar., 21 abr. 2020 a las 10:37, Giles Coochey (<mailto:gi...@coochey.net>>) escribió:
On 21/04/2020 14:09, Roberto Ca
"flow monitor" look to
add "cache timeout active" to that section.
Best to check the documentation for your router, it should be documented
there.
--
Giles Coochey
___
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge
On 21/04/2020 15:45, Roberto Carna wrote:
Hi Giles, I'll read them right now.
But from nfsen side, is it possible to change 5 minutes cycle time to
a lower value, let's say 1 minute ??? I mean the interval that Nfsen
writes the data to the graphs.
Thanks again, regards !!!
It needs to
On 18/08/2021 09:45, Peter Haag via Nfsen-discuss wrote:
I could consider to give it a go again, but I am still uncertain if it would
still be used these days. Feedback would be appreciated.
Nfsen is the only open-source netflow analysis tool that I use. I know
it's old code, I know it's
On 11/12/2021 11:52, Salvatore Cuzzilla wrote:
Hi Everyone,
doas nfsen support *authenticated* SMTP servers to send alerts?
Salvatore.
You could send mail to localhost, and then install an MTA locally such
as postfix, to send authenticated mail to a SMTP smarthost.
22 matches
Mail list logo