flowscan & SubNetIO.pm

From: Alexander Serkin (als@cell.ru)
Date: Wed Aug 15 2001 - 08:28:41 PDT

Next message: Alexander Serkin: "Re: flowscan & SubNetIO.pm"

Previous message: Solomon Sokolovsky: "cflowd exporting to MySQL"
Next in thread: Alexander Serkin: "Re: flowscan & SubNetIO.pm"
Reply: Alexander Serkin: "Re: flowscan & SubNetIO.pm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello gurus,
I'm currently having trouble with building subnet
stats using SubNetIO ReportClass.
The problem is that there is no incoming traffic on my graph.
I wonder if there is an ability to look in the rrd database
for the in_bytes counter.
And why this may occour?

Below are my flowscan.cf:

FlowFileGlob /cfd/flows/flows.*:*[0-9]
ReportClasses SubNetIO
WaitSeconds 30
Verbose 1

CampusIO.cf:

OutputIfIndexes 1,2,3,4,5,6,28,29,30,31,32,33,34,35,36,37,38,39,40,41
LocalSubnetFiles /cfd/flows/bin/local_nets.boulder
OutputDir /www/mccinet/flows/docs/graphs
Verbose 1
Protocols icmp, tcp, udp
TCPServices citrix, ftp-data, ftp, http, imap, netshow, notes, pop3, 7070, 554,
secure-http, secure-pop3, smtp, socks, sqlnet, sqlserver, ssh, telnet, 8100,
8101, 8102, 8103, 8104, 3128
UDPServices domain, snmp, snmp-trap
NapsterSubnetFiles /cfd/flows/bin/Napster_subnets.boulder
NapsterSeconds 1800
NapsterPorts 6699, 8875, 8888, 7777, 6700, 6666, 6677, 6688, 4444, 5555

and SubNetIO.cf:

SubnetFiles /cfd/flows/bin/subnets
OutputDir /www/mccinet/flows/docs/graphs
Verbose 1

I've looked through raw flows and seen the traffic for
that subnet (input and output), but it does not appear
in my graph built with this makefile:

...
common staff skipped
...
DEF_TT_out_bytes =
DEF:xTT_out_bytes=$(rrddir)/212.119.101.128_27.rrd:out_bytes:AVERAGE
DEF_TT_in_bytes =
DEF:xTT_in_bytes=$(rrddir)/212.119.101.128_27.rrd:in_bytes:AVERAGE
CDEF_TT_in_bps = CDEF:TT_in_bps=xTT_in_bytes,8,*,-1,*
CDEF_TT_out_bps = CDEF:TT_out_bps=xTT_out_bytes,8,*

rdtex$(tag).$(filetype): 212.119.101.128_27.rrd total.rrd unknown.rrd MCAST.rrd
        $(rrdtool) graph \
        $@ \
        --imgformat $(IMGFORMAT) \
        --width $(width) \
        --height $(height) \
        --alt-autoscale \
        -v 'bits/s' \
        -t 'Traffic Statistics for 212.119.101.128/27 Network (bits/s)' \
        -s $(totals_past_hours) \
        $(DEF_TT_out_bytes) \
        $(DEF_TT_in_bytes) \
        $(CDEF_TT_in_bps) \
        $(CDEF_TT_out_bps) \
        LINE1:TT_in_bps#00ff00:'TT In' \
        LINE1:TT_out_bps#0000ff:'TT Out (212.119.101.128/27)' \
        GPRINT:TT_in_bps:LAST:' %4.0lf' \
        GPRINT:TT_out_bps:LAST:' %4.0lf\n' \
        HRULE:0#000000

cflowd-2-1-b1 is patched for flowscan.
flowscan is 1.006.
And finally all this lives on Intel Solaris 2.8.

-- 
Alexander
--
cflowd mailing list
cflowd@caida.org

Next message: Alexander Serkin: "Re: flowscan & SubNetIO.pm"
Previous message: Solomon Sokolovsky: "cflowd exporting to MySQL"
Next in thread: Alexander Serkin: "Re: flowscan & SubNetIO.pm"
Reply: Alexander Serkin: "Re: flowscan & SubNetIO.pm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Aug 15 2001 - 08:51:26 PDT