Re: compiling Cflowd on amd64

Date view	Thread view	Subject view	Author view

Subject: Re: compiling Cflowd on amd64
From: Affan Basalamah (affanzbasalamah@gmail.com)
Date: Tue Sep 27 2005 - 10:54:04 CDT

Next message: Joseph Nuara: "Unknow option errors"
Previous message: Michael W. Lucas: "Re: compiling Cflowd on amd64"
In reply to: Michael W. Lucas: "Re: compiling Cflowd on amd64"
Reply: Affan Basalamah: "Re: compiling Cflowd on amd64"

On 9/27/05, Michael W. Lucas <mwlucas@blackhelicopters.org> wrote:
>
> On Tue, Sep 27, 2005 at 04:43:16PM +0700, Affan Basalamah wrote:
> > Hi,
> >
> > thanks for the suggestion!
> >
> > I've managed to install flow-tools, and tried to use Flowscan together with it.
> > Then I want to know, is Cflow modules in FreeBSD Ports Collection can
> > recognize flow-tools instead of Cflowd ? If it cannot recognize, how
> > can I make it work with flow-tools ? I've tried the documentation in
> > http://www.dynamicnetworks.us/netflow/ , but configuring Cflow to work
> > together with flow-tools seems not working for me.
> >
>
>
> Depends on which cflow modules you're talking about.  Cflow.pm is a
> pain with flow-tools, but it can be done (at least on i386, not sure
> about amd64, haven't had a chance to try yet).  I just wrote an
> article about this:
>
> http://www.onlamp.com/pub/a/bsd/2005/08/18/Big_Scary_Daemons.html
>

Hi there Mr. Lucas,

I've followed your instruction on the Onlamp, and it just works! Right
now flowdumper can read my flow files.

And there goes another question (or I think this question will be
answered on your next articles on Onlamp ;)). This is my flowscan.cf
config :

packetscanner # more bin/flowscan.cf

# flowscan Configuration Directives ############################################

# FlowFileGlob (REQUIRED)
# use this glob (file pattern match) when looking for raw flow files to be
# processed, e.g.:
# FlowFileGlob /var/local/flows/flows.*:*[0-9]
FlowFileGlob /usr/netflow-data/ft-v05.*:*[0-9]

# ReportClasses (REQUIRED)
# a comma-seperated list of FlowScan report classes, e.g.:
# ReportClasses CampusIO
ReportClasses CUFlow

# WaitSeconds (OPTIONAL)
# This should be <= the "-s" value passed on the command-line to cflowd, e.g.:
# WaitSeconds 300
WaitSeconds 30

# Verbose (OPTIONAL, non-zero = true)
Verbose 1

And after I run flowscan in my flow files firectory, unfortunately
flowscan still cannot process my flow files, it just run sleep 30
without end.

Any suggestions ?
Many thanks!

-affan

--
Help        mailto:majordomo@net.doit.wisc.edu and say "help" in message body
Unsubscribe mailto:majordomo@net.doit.wisc.edu and say
"unsubscribe flowscan" in message body
Archive     http://net.doit.wisc.edu/~plonka/list/flowscan/archive/

Next message: Joseph Nuara: "Unknow option errors"
Previous message: Michael W. Lucas: "Re: compiling Cflowd on amd64"
In reply to: Michael W. Lucas: "Re: compiling Cflowd on amd64"
Reply: Affan Basalamah: "Re: compiling Cflowd on amd64"

Date view	Thread view	Subject view	Author view

This archive was generated by hypermail 2b25 : Tue Sep 27 2005 - 10:56:10 CDT