Difference of traffic graphs
Hello Guys, I'm using NetFlow Analyzer for monitoring a cisco router. Everything is working fine, no problem at all. But .... i have noticed a slight difference on traffic graph generated by NFA and other one generated using normal SNMP monitoring tools. In my case, i'm using cacti for monitoring the same router and graphing Serial traffic. I know there's a basic difference between generic SNMP monitoring tools and NFA. Most all generic SNMP monitoring tools, just like cacti i use and mrtg and several
Adding devices to Google maps
I am evaluating the Netflow Analyzer 6 Professional edition and I am trying to add devices to the Google maps. I created a key from google the other day so the maps work. It defaults to a world map. It states that no devices are assigned to any locations and to click the hyperlink to assign a location. I select teh hyperlink and it lists my devices and an option to assign the device to a location. I select the assign link and it is asking for a location name. I have tried the address, the device
Netflow on bridging interfaces
Hello Guys, I need some help on an advanced cisco configuration .... i got a new 1841 which supports netflow, nbar and everything else. 1841 has 2 FastEthernet interfaces. I was wondering if it would be possible to setup a bridge on 2 FastEthernet interfaces and have NetFlow activated on that bridged interface. My idea is to phisically segment a network with the router but keep all the logical configuration. 1841 would be 'in the middle' of the traffic but as a bridge and not as a router. Well ....
Strange encounter pls help
Hi All, Netflow reported of "kazaa, skinny,nessus, soulseek" application in the network. I have also trace the IP address to the host but found no such application running. I did a check on AssetExplorer for all software installed in workstations and also did not found such p2p/security application listed. Can somebody please advise me. Or how I can confirm that this is a false alarm from Netflow. Thanks!
5.502 Install Error - Unable to unpack jar files
I'm trying to install the latest demo, 5.502 I think. I get all the way through the install, but the program fails on the step of unpacking the jar files. The only thing left in the Netflow directory is a text file saying that "C:\DOCUM~\john.holmes\Local" is an invalid path or not an executable. I don't have the exact error, but hopefully you get the idea. Any ideas why this is happening? Is it a corrupted download (I burned it to a CD)... Thanks. ---John Holmes...
Cannot connect to MySQL Server for Netflow
The Netflow app will not accept the password to login. When I try resetting the password by following the printed instructions I cannot connect to the MySQL database. ERROR 2003: Can't Connect to MySQL Server on Localhost (10061) Any help would be appreciated. Thanks Ben
False Alerting Reporting
I am having an issue with the Alert Profiles. I have configured Inbound traffic with no criteria to email me when traffic utilization exceeds 70%, 80%, and 90% on a DS3. I have yet to see my traffic get over 50% yet I am getting pages stating that my traffic has exceeded. Could this be broke and its looking at an application instead of the whole group? I run one application which is 80% of my traffic. Could this be triggering my alarms? I attached my pdf file showing that I received a Warning alert.
Deleting devices
has anyone had an issue adding a Cisco 3745 router. I have added it and enabled NBAR on the device and the router crashed after about 10 minutes. I have the crashdump which may be a bug in the code but before I enable NBAR on any other devices I want to confirm that it wont crash everything. I am also trying to remove the device from the dashboard and I cannot seem to do it. I thought that once I disabled IP flow on the device it would disapear. It doesnt and I cant get rid of it.
not showing all traffic
I have a cisco 2800 router with 3 multilinked T1 lines which gives me 4.5MB of bandwidth. When looking at the netflow analyzer 6 pro it only shows 20% out traffic just under 1MB and no in traffic but when I look at MRTG for that router it shows that the router is being maxed out both the incoming and outgoing. Why is it not showing the incoming traffic ?
Netflow fails to capture data - Critical issue
We restarted our monitoring server and while both OpManager and Netflow Anaylzer both appears to start and where accessable via the web client. On further investigation netflow is NOT collecting any data. We can see historic data but no current information since the reboot. Please advise ASAP. Regards Mark
Getting NetFlow Analyer to pass data through a firewall.
Hello, I have just setup NetFlow Analyzer on my internet router and when I take a look at my Dashboard it says that "No device is currently exporting NetFlow / sFlow packets to NetFlow Analyzer. Click here for instructions to enable NetFlow / sFlow Exports on the router / switch." I have a firewall that is between the internet router and the PC with NetFlow Analyzer 6 installed on it. I used the basic configuration that NetFlow shows. I have created a NAT through the Firewall to pass traffic through
netflow server data drive full
I am monitoring 100 interfaces and my netflow server out of space, The server details are; Intel Xeon CPU 3.20GHz, 3.50 GB Ram, Microsoft Windows Server 2003. the total space in C: drive is 273 GB sis, filled with 251 GB of ibdata1 file. my question is how can I unload these data's to make room. What are my options. Thanks, Girish Kumar :D
Web Services access to netflow graphs
Is there anyway to call your software in a web services way to grab a graph from the database? We are looking to intergrate this into our portal but do not want to give access directly to the netflow interface but rather allow users to do reporting from our portal and we grab the data through your software. Is there anyway to currently do this? Thanks, Jeremy
Netflow and NAT
Hi! I have a question regarding netflow and nat. Right now i enabled netflow export in our cisco router, and i can see the data in NFA fine. But the router is doing NAT (or rather, PAT) so if i check the incoming data on the outside interface i can only see one destination IP address, the router's outside ip. This is perfectly normal because of the nat. But, is there an option to see the translated inside ip addresses as the destination ips? Thanks.
fprobe Linux Kernel 2.4 & 2.6
Hello: I am using fprobe on Linux (2.4 & 2.6) to send netflow exports to NetFlow Analyzer. fprobe <ip>:<port> I havent seen any flows yet. My question is: [1] Does manage engine support fprobe? [2] if not, how else can I send flows from a Linux box to analyzer? Thanks, Jay
License question
If i buy a 10 interface license, is that the sum of the interfaces i can monitor or it is per device? So, can i monitor 3 devices with 10 interface each (in total 30), or i can only monitor 2 devices with 5-5 interfaces? Also, is this the same with the free edition? (2 device with 1-1 port or X device with 2 port?)
GRE_App?
Hey Guys, I was wondering if anyone knew what the hell GRE_App is? It came up as being an application which is using 12% of total traffic and there is no port number listed, just a *. Ive just started using netflow analyzer so im a glorified n00b... i couldnt find any google hits to GRE_App... Is there a central repository where all the applications listed in netflow analyzer can be viewed? Thanks in advance. -Ry
How many traffic can work up the Netflow Analyzer?
Hallo NA-Team, we reflect the Netflow Analyzer use additional in our LAN-Area. (@Raghu: Sorry, we are still in the decision-phase for our WAN.) But we have 4 Terrabyte (!!) LAN-traffic per day. How many traffic produce additional the Netflow Analyzer for this traffic-rate and can this work up the NA ? Thanks in advance Helko
not showing all traffic
I have a cisco 2800 router with 3 multilinked T1 lines which gives me 4.5MB of bandwidth. When looking at the netflow analyzer 6 pro it only shows 20% out traffic just under 1MB and no in traffic but when I look at MRTG for that router it shows that the router is being maxed out both the incoming and outgoing. Why is it not showing the incoming traffic ?
Charts too small & bug in troubleshoot!
Hello. Why traffic charts are so small? I have monitor with resolution 1280x1024, but charts maximum 640 ? And NF have a bug in troubleshoot page (version 5, 5.5, 6). If i set lage interval (From: To: 10-15 days) then NF in 90% display "No data available". but with same filters in small intervals (1-2 days) everythings good.
Japanese only
I have downloaded NFA6 twice now from different mirrors and both times it comes up with Japanese language web pages even though the config seems to have been set to English, at least according to configlang_log.txt: C:\WINDOWS\system32>echo on C:\WINDOWS\system32>set wdir=C:\WINDOWS\system32 C:\WINDOWS\system32>set PROD_HOME=C:\ADVENT~1\ME\NetFlow C:\WINDOWS\system32>set LANGUAGE=English C:\WINDOWS\system32>cd /D C:\ADVENT~1\ME\NetFlow\bin C:\ADVENT~1\ME\NetFlow\bin>call DBConnProp.bat English Mysql
Upgrade 5.5 to 6 and lost data
Hello ... I upgraded 5.5 to v 6001 and I lost all of my historical data ... how can I get access to my history???? When I select a time and date range prior tp the update I get a message that no data is present.
unable to load logon page
Netflow is not allowing me to logon - restarted the server - ten mins later it came back again but v slow - now can't access again. Please help.
unable to load logon page
unable to load netflow analyzer login page - rebooted the server - still couldn't . ten mins later i could load - but now it has stopped working again. Please help.
Enable NBAR
Hi, I have already configure my Cisco 2811 Router with both SNMP Community String �Public and private� and it�s confirmed enabled, my problem is whenever I tried to check All interfaces states from �NBAR configuration� it gave me error "SNMP Error :NBAR status of the interfaces not updated" !!! Can you pls help Tariq Al Alawi
Accessing the Raw Data/Exporting Raw Data
Hi, we have purchased NFA 5 and upgraded to NFA 6. Is theer any way that we can get access to the raw data in the database? We have an urgent requirement to use the NetFlow DATA on an open link in order to create firewall application rules, and doing this page at a time from a custom report is extremely time consuming. Are there any options for directly acessing the MySQL tables? Regards Bill.Anderson
netflow anlayzer pro 6
hi all, pls if the netflow analyzer pro va 6 support to detect the attack or detect the syn packet and can take action or not pls advise
Netflow export from Cisco 4948
Would you please help me in configuring my Cisco 4948 for netflow export? IP route-cache flow is not an option on the VLAN interface that I am trying to export from. The following are the available options. #ip route-cache ? cef Enable Cisco Express Forwarding policy Enable fast-switching policy cache for outgoing packets same-interface Enable fast-switching on the same interface <cr> Thanks...
Can NFA do this ...??
Guys, Please be gentle but this is my first post, so here goes... We have been tasked to monitor our network and generate reports. However, after using NFA 5 we have discovered that it meets most of our requirements but lacks just a couple of items. This is a quick description of our network: It consists of 90 serial devices, connections shared between 180 users utilising 3 x 3700 Cisco Routers. Users connect randomly to the cisco ports to send and receive their data. What we need to log are as follows:
NFA Enterprise Edition 5.4 - Available now!
We are glad to announce the availability of NetFlow Analyzer Enterprise Edition 5.4(Build number 5400). This edition has got the following new features, 1. Supports Cisco� NBAR, J-Flow�, IPFIX� and NetStream� . 2. Advanced application recognition based on IP address in addition to port and protocol. 3. Major performance improvements on the IP group classification engine. 4. Alerting when a link is down or when no flows are being received for more than 10 minutes. For more information please visit
Can i create a sub-group for a device-group?
Hallo NA-Team, can i create one or more sub-group for a device-group? for example: I will create a device-group for our LAN (name is LAN-DEVICES, is layer 1 in the group-hierarchy). But our LAN have many different Subareas. Our engineers want to report separate Subareas-groups (layer 2) to locate problems, not the whole LAN. Second, i need a main-group for our WAN (layer 1) and sub-group (layer 2) for the countries (also may be location-groups within the country-groups). Can i create one or more
Differnet statistic in IP Group
Netflow displays different statistic in IP Group, between Global View and All Groups from left panel. Why these happen? (see attacheted file for sample)
Netflow with a Huawey R2630E
Dear folks, I�m trying to use Netflow on a Huawey R2630E. I search in this forum and found a awnser to use ip netstream export host {hostname|ip_address} 9996, but does not have this command in it. Would someone help me please? TIA Iassa
NFA6 (6001) Interface Utilizationnot shown
Hello,after the update to 6001 (from 5505) I am no longer able to use the Utilization view on my interfaces... Bye Rainer
NetFlow Analyzer on NetBSD
Hello, We have recently adquired a NetFlow Analyzer licence which we are planning to use on our production server which currently runs NetBSD on it. I was wondering if someone could help me iron out the following issues. - Do I need to install either KDE or GNOME in order to install the software? - Do you guys know wether it will run on NetBSD or heard of *anyone* running it on a NetBSD system? Help on this matter wont be forgotten. Thanks
Event Viewer Error after uninstall
So I'm getting the Service Desk software, and thought I'd look at the NetFlow Analyzer while I was here... I installed it, then removed it as I decided I would need a better time to really look at this software. Since that point, I get an event error every one minute on my server. Unable to collect the FTP performance statistics. The error code returned by the service is data DWORD 0. And ideas as to how to stop this? Is it my PC hitting the server? With something that was not uninstalled during
NetFlow from Juniper WXC devices
Hi, I am evaluating NFA and I am collecting Netflow data from two Juniper WXC devices. When comparing IN-traffic from one device it does not match OUT-traffic on the remote device. I am running a troubleshooting report analyzing traffic between two IP addresses for one specific application. OUT-traffic on the datacenter side shows 380MB transferred, and IN-traffic on the remote side shows 580MB received. However, I would expect IN and OUT traffic to be the same. Am I missing anything? Any advice
Frustrated with searching data
We are still having the same problem on trying to search for results from the past e.g. previous week / month for any node on any application (on drilling down on a protocol e.g. http) i'm receiving 'no data available'. Is this happening to anybody else? :?
Cisco IP SLA Inegration into Netflow Analyzer
Do you have any plans to incorporate Cisco IP SLA data collection into Netflow Analyzer? I hope you do as this would make a good tool even better. Jim
Need some help: NFA working incorrectly
Hi, guys! I use NFA6 to monitore my vpn-router Cisco 831. Here's commands used to configure router: Conf t interface Ethernet 0 ip route-cache flow exit ip flow-export destination 192.168.45.3 9996 ip flow-export source Ethernet 0 ip flow-export version 5 ip flow-cache timeout active 5 ip flow-cache timeout inactive 15 snmp-server ifindex persist do write where: 192.168.45.3 is NFA6-host on Windows XP Pro SP2 Ethernet0 is INTERNAL interface of router After 2 weeks of working I've got results: NFA6:
Next Page