Re: help getting started - no data...

From: Brendan White (bmwt@ipn.caida.org)
Date: Fri Nov 03 2000 - 09:00:19 PST

Next message: Dave Plonka: "Re: help getting started - no data..."

Previous message: R. Drew Davis: "Re: Getting Started"
In reply to: Sheryl Zimmermann: "Re: help getting started - no data..."
Next in thread: Zimmerman, Sheryl Ms.: "RE: help getting started - no data..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

That was a mailing list error- should be all set now.

-b

> > Please forgive my presumption - I am getting the following dead.letter
> > errors, and I could really use some help!
>
> ----- The following addresses had permanent fatal errors -----
> "|/home/petidomo/bin/hermes cflowd"
> (expanded from: <cflowd@caida.org>)
>
> ----- Transcript of session follows -----
> or... User unknown
> /no/such/directory/dead.letter... cannot open
> /no/such/directory/dead.letter: No such file or directory
>
> > Really hope someone can help!
> >
> > Everything appears to have compile ok.
> > I'm running 12.01 (11) on a 3600 router. I am exporting to my host
> > using port 2055. When I do a
> > "sh ip flow export", everything looks good.
> > when I run snoop on my sun host (running 2.7) where both cfdcollect
> > and cflowd are running, it shows a large number of udp packets coming
> > in on port 2055.
> > I have flow files being created as per my specs in cflowd.conf. But no
> > arts files.
> > And when I use the sample perl script that Dave Plonka gave Cflow.pm
> > (changed to TCP and port 80), I get the following results:
> > XXXX.flows.0: Invalid index in flow data file: 0! Version 5
> > flow-export is required with *all* data being saved using the COLLECT
> > field of the CISCOEXPORTER stanza(s)!
> >
> > My CISCOEXPORTER stanza reads:
> > CISCOEXPORTER {
> > HOST: XXX.XXX.XXX.XXX # IP address of Cisco sending
> > data.
> > ADDRESSES: {XXX.XXX.XXX.XXX , # Addresses of interfaces on
> > Cisco
> > XXX.XXX.XXX.XXX,
> > XXX.XXX.XXX.XXX} # sending data.
> > CFDATAPORT: 2055 # Port on which to listen for
> > data.
> > SNMPCOMM: 'PUBLIC' # SNMP community name.
> > COLLECT: { flows }
> > }
> >
> > (excuse the XXX's, but need to protect the innocent!)
> >
> > I am receiving no messages from the syslog.
>
> Also, the shared memory and semaphores appear correct when we do an ipsc
> -a, as well as the ports looking as they should (netstat -an,
> snoop). This router WAS configured prior to this for exporting Protocol
> and DetailHostMatrix data in binary to an NFC. Would that have any
> effect on how cflowd goes to gather data now?
>
> >
> >
> > Can someone please point me to what might be going wrong??
> >
> >
> >
> > --
> >
> > Shery Zimmerman - Litton PRC
> > 5th Signal TNOC - Design and Performance
> > DSN 380-4034
> >
> >
>
> --
>
> Shery Zimmerman - Litton PRC
> 5th Signal TNOC - Design and Performance
> DSN 380-4034
>
>
>

-- If my words did glow with the gold of sunshine, and my tunes were played on the harp unstrung- would you hear my voice come through the music- would you hold it near as it were your own? If I knew the way, I would take you home. (Garcia/Hunter)

-- cflowd mailing list cflowd@caida.org

Next message: Dave Plonka: "Re: help getting started - no data..."
Previous message: R. Drew Davis: "Re: Getting Started"
In reply to: Sheryl Zimmermann: "Re: help getting started - no data..."
Next in thread: Zimmerman, Sheryl Ms.: "RE: help getting started - no data..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Nov 03 2000 - 09:20:34 PST