Forgive me, I know this isn't a flowscan list, but I'm hoping someone
has experience with it.
New problem, different system. Flowscan is dying on me now. If I feed it
the <routerIP>.flows.0 file, it errors with something like flow-export
version 5 required...and I did find a reference to that on the list, but
there was no ultimate resolution.
Anyways, now flowscan is segfaulting after it completes reading the file.
I've determined that it dies doing:
sub report {
foreach (@objects) {
next unless ($_->can('report'));
$_->report; # We die here on the first obj.
}
}
In my graphs/ dir I get a 0:0.rrd file, and that is all. I haven't been
able to determine where the reporting stuff is actually implemented.
Any help is appreciated.
-- Example output from flowscan --
Loading "bin/Napster_subnets.boulder" ...
Loading "bin/local_nets.boulder" ...
2001/05/25 03:48:29 working on file xxxxxxxxxx.flows.1...
2001/05/25 03:48:29 %CampusIO::FTPSession -> 0
2001/05/25 03:48:29 %CampusIO::FTPSession -> 0
2001/05/25 03:48:29 %CampusIO::NapServer -> 0 %CampusIO::NapUser -> 0
2001/05/25 03:48:29 %CampusIO::NapServer -> 0 %CampusIO::NapUser -> 0
2001/05/25 03:48:44 flowscan-1.020 CampusIO: Cflow::find took 15 wallclock
secs (14.79 usr + 0.04 sys = 14.83 CPU) for 1000000 flow file bytes, flow
hit ratio: 67/18181
Next
Adam Maloney
Systems Administrator
Sihope Communications
Ask me about Sihope's great new referral offer!
-- cflowd mailing list cflowd@caida.org
This archive was generated by hypermail 2b29 : Fri May 25 2001 - 17:20:26 PDT