Cacti Users

fejker · New User Joined: 28 Apr 2008 Posts: 4

I've installed CactEZ v0.4 and netflow support is not working. Process flow-capture is not running (on boot it's started). When I look in /var/netflow/flows/completed, every hour is created one folder YYYY-MM-DD-HH but it is allways empty.

Try to run /usr/bin/flow-capture -w /var/netflow/flows/completed 0/0/2055 and then I can see flow files, so router is configured properly.

Can someone tell me why flow-capture isn't starting automatically, is there any stetting I must enter or run some script. From the posts below I understand that everything should be preconfigured or ?

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

Not sure what the issue is, as I don't seem to have the issue on my production servers which are running it. If you would like, you can try the latest SVN (from today) which contains lots of fixes and great new features.

http://svn.cacti.net/cgi-bin/viewvc.cgi/flowview/trunk/?root=Plugins

Take the flow-capture file from there, and throw it in /etc/init.d/ and then fixed the permissions to be the same as the other files.

beno · New User Joined: 29 Apr 2008 Posts: 7

Hi,

This is proabably a newbie question. I have installed cactiez 0.4 on a DL380 box. However, I do not see the flow-capture get started upon bootup. On reading a post, I manually started the flow capture as well as replace the flow-capture script found on the svn posted by Jimmy (Site Admin) and retry again. It is still not started.

To further my understanding, I could find directories created, but there is no files underneath it
drwxr-xr-x 2 root root 4096 Apr 30 04:00 2008-04-30-4
drwxr-xr-x 2 root root 4096 Apr 30 05:00 2008-04-30-5
drwxr-xr-x 2 root root 4096 Apr 30 06:00 2008-04-30-6
drwxr-xr-x 2 root root 4096 Apr 30 07:00 2008-04-30-7
drwxr-xr-x 2 root root 4096 Apr 30 08:00 2008-04-30-8
drwxr-xr-x 2 root root 4096 Apr 30 09:00 2008-04-30-9

I only found some files under this directory (/var/netflow/flows/completed/2008/2008-04/2008-04-30) :
[root@localhost 2008-04-30]# ls
ft-v05.2008-04-30.000001-0500 ft-v05.2008-04-30.050001-0500
ft-v05.2008-04-30.001501-0500 ft-v05.2008-04-30.051501-0500
ft-v05.2008-04-30.003001-0500 ft-v05.2008-04-30.053001-0500
ft-v05.2008-04-30.004501-0500 ft-v05.2008-04-30.054501-0500
ft-v05.2008-04-30.010001-0500 ft-v05.2008-04-30.060001-0500
ft-v05.2008-04-30.011501-0500 ft-v05.2008-04-30.061501-0500
ft-v05.2008-04-30.013001-0500 ft-v05.2008-04-30.063001-0500
ft-v05.2008-04-30.014501-0500 ft-v05.2008-04-30.064501-0500
ft-v05.2008-04-30.020001-0500 ft-v05.2008-04-30.070001-0500
ft-v05.2008-04-30.021501-0500 ft-v05.2008-04-30.071501-0500
ft-v05.2008-04-30.023001-0500 ft-v05.2008-04-30.073001-0500
ft-v05.2008-04-30.024501-0500 ft-v05.2008-04-30.074501-0500
ft-v05.2008-04-30.030001-0500 ft-v05.2008-04-30.080001-0500
ft-v05.2008-04-30.031501-0500 ft-v05.2008-04-30.081501-0500
ft-v05.2008-04-30.033001-0500 ft-v05.2008-04-30.083001-0500
ft-v05.2008-04-30.034501-0500 ft-v05.2008-04-30.084500-0500
ft-v05.2008-04-30.040001-0500 ft-v05.2008-04-30.090001-0500
ft-v05.2008-04-30.041501-0500 ft-v05.2008-04-30.091501-0500
ft-v05.2008-04-30.043001-0500 ft-v05.2008-04-30.093001-0500
ft-v05.2008-04-30.044501-0500 tmp-v05.2008-04-30.094501-0500

I went through the crontab and found 2 entries:

* * * * * /var/netflow/flow.pl > /dev/null 2>&1
1 1 * * * find /var/netflow/flows/completed/* -type d -mtime +5 -exec rm -fr {} \; > /dev/null 2>&1

I would like to understand on this whole setup, e.g when are the flow processed, where are the data files, log files to troubleshoot. Pse help. The version installed is:
flow-tools-0.68-12.fc3

fejker · New User Joined: 28 Apr 2008 Posts: 4

Heloo

Jimmy THX for help. I tried with SVN flowtools but result is still same, will try one more time with clean installation. Currently I'm using CactiEZ on Vmware. To reslovle time isue I installed vmware tools and kernel-2.6.9-55.0.2.EL.100HZ.i686.

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

The new version requires you to add a device, and the startup script uses that information to determine which settings to use on the flow-capture binary. So goto flowviewer, and click on Devices, and then click the Add button.

beno · New User Joined: 29 Apr 2008 Posts: 7

Dear Jimmy,

Thanks. I have downloaded all files from the repositry and now the flowview is version 0.6. However, after the page refresh, the flowview tab is not available anymore. I have checked /var/www/html/include/global.php, and flowview is listed as one of the plugins.

$plugins = array();
$plugins[] = 'settings';
$plugins[] = 'thold';
$plugins[] = 'boost';
$plugins[] = 'monitor';
$plugins[] = 'discovery';
$plugins[] = 'tools';
$plugins[] = 'syslog';
$plugins[] = 'mactrack';
$plugins[] = 'rrdclean';
$plugins[] = 'update';
$plugins[] = 'flowview';
$plugins[] = 'hostinfo';
$plugins[] = 'errorimage';
$plugins[] = 'weathermap';
$plugins[] = 'aggregate';
$plugins[] = 'docs';
$plugins[] = 'reportit';
//$plugins[] = 'ntop';
//$plugins[] = 'ssl';

I tried to force to browse the page:http://172.16.225.8/plugins/flowview/flowview.php
And the response is:
Access Denied
You are not permitted to access this section of Cacti. If you feel that you need access to this particular section, please contact the Cacti administrator.
( Return | Login )

beno · New User Joined: 29 Apr 2008 Posts: 7

I have managed to isolate it to the setup.php. If I copy back the old setup.php, I could see the flowview inside the webpage, but it does not allow me to add device, or should I say, I added the device, but it was not shown.

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

Sorry, actually that version I pointed you to is actually 0.6, which is only PA 2.0 compatible, so you have to enable it from the Plugin Management interface. The one that works the old way is downloadable from the download section, v0.5.1, just give it a try and see if it works for you.

beno · New User Joined: 29 Apr 2008 Posts: 7

Dear Jimmy,

No worries. Smile

And thanks for the fast response.
I have downloaded version 0.5 and copy the php files over to /var/www/html/plugins/flowview.

However, when I attempt to add a device, it was not shown. Any way to check where is the error, or which parameter is wrong. Pse see attached and let me know, thanks.

Beno

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

The database tables may be wrong, as the 2 different versions have a slightly different database. Drop the plugin_flowview_* tables from your database, and then re-import the flowview.sql file to see if that helps.

fejker · New User Joined: 28 Apr 2008 Posts: 4

Jimmy you are genius...

Following your tips I manage to get the flow-capture, and flowview SVN working. I'll just repeat procedure that I used...

1. remove old version of flowview
2. copy new files of flowview SVN, install it through plugin management and overwrite flow-capture (/etc/init.d/)
3. drop plugin_flowview_devices table,
drop plugin_flowview_queries table,
drop plugin_flowview_dnscache table from cacti database
4. import new flowview.sql (source /var/html/plugins/flowview/flowview.sql)
5. delete Default device from flowview
6. enable flowview from plugin management
7. create new device
8. restart Cacti machine

Razz

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

Instead of this
restart Cacti machine
you could instead just restart the flow-capture service
service flow-capture stop
service flow-capture start

fejker · New User Joined: 28 Apr 2008 Posts: 4

Jimmy,

One more question if you dont mind. I noticed that folders YYYY-MM-DD-HH are still created every hour in /var/netflow/flows/completed/ (is flow.pl script doing that?). For flow-capture I selected YYYY-MM-DD and that is working fine. Folders YYYY-MM-DD-HH are empty, do they have something with flow forwarding to ntop. I set ntop netflow collector to listen on port 2056 but It's not working. Do I need to change something in flow.pl script or should I use flowfanout?

THX for help!

jimmy · Site Admin Joined: 11 Nov 2004 Posts: 1495

Actually, there are 2 scripts running as a cron job which you will want to remove.

One of them is this one
find /var/netflow/flows/completed/* -type d -mtime +5 -exec rm -fr {} \; > /dev/null 2>&1'
and the other is
/var/netflow/flow.pl > /dev/null 2>&1

gster · New User Joined: 06 May 2008 Posts: 7

Hi, I a bit stuck here. I had a basic CactiEZ install and I upgraded to PA 2.1 then follwed the instructions here (http://cactiusers.org/forums/viewtopic.php?t=1496&highlight=netflow+support) to get flowview 0.6 installed.

It is now installed from cacti's point of view but not still not collecting data, checked the processes that are running and it seems that flow-capture doesn't start with the updated /etc/init.d/flow-capture script.

When I do

[root@localhost log]# service flow-capture stop
/usr/bin/flow-capture: no process killed
[root@localhost log]# service flow-capture start

The start doesn't give any errors but no data is getting collected. I'm sure that the firewall is not blocking the netflow packets, so am pretty confused.

Any assistance would be greatly appreciated

	CactiUsers.org Forum Index -> General	All times are GMT - 5 Hours Goto page 1, 2 Next
Page 1 of 2