У меня есть проблема, решение которой мне, может быть, кто-нибудь подскажет.
Настроил экспорт netflow с центрального шлюза, просто от нечего делать
На внутреннем хосте настроил коллектор и пытаюсь настроить flowscan. Пока безуспешно.
Код: Выделить всё
[root@flanker ~]# uname -a
FreeBSD flanker.pskk.ru 7.0-RELEASE-p5 FreeBSD 7.0-RELEASE-p5 #0: Tue Dec 23 18:58:54 MSK 2008 root@flanker.pskk.ru:/usr/obj/usr/src/sys/FLANKER-MAIN-2008-12-23 i386
[root@flanker ~]# pkg_info | grep flow
bsdpan-Cflow-1.051 Cflow::find - find "interesting" flows in raw IP flow files
cflowd-2.1.b1_10,1 Flow analysis tool used for analyzing Cisco's NetFlow switc
flow-tools-0.68_7 Suite of tools and library to work with netflow data
flowscan-1.006_9 Processes IP flows recorded in cflowd-format raw flow files
Flowscan я тоже настроил, он мониторит папку /var/log/netflows на наличие файлов по заданной маске. Всё на этом этапе работает.
В логах flowscan следующая картина:
Код: Выделить всё
2009/04/03 12:47:58 flowscan-1.020 CUFlow: Cflow::find took 4 wallclock secs ( 3.95 usr + 0.00 sys = 3.95 CPU) for 363679 flow file bytes, flow hit ratio: 41538/41539
2009/04/03 12:47:58 flowscan-1.020 CUFlow: report took 0 wallclock secs ( 0.00 usr 0.00 sys + 0.18 cusr 0.12 csys = 0.30 CPU)
sleep 300...
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Use of uninitialized value in numeric gt (>) at /usr/local/lib/perl5/site_perl/5.8.8/HTML/Table.pm line 2685.
Код: Выделить всё
<!-- 2009-04-03 11:15:00 MSD / 1238742900 --> <row><v> 4.0236994333e+05 </v><v> 3.7403212333e+05 </v><v> 9.1890000000e+02 </v><v> 9.2
582666667e+02 </v><v> 7.7853333333e+01 </v><v> 7.0256666667e+01 </v></row>
<!-- 2009-04-03 11:20:00 MSD / 1238743200 --> <row><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v></row>
<!-- 2009-04-03 11:25:00 MSD / 1238743500 --> <row><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v></row>
<!-- 2009-04-03 11:30:00 MSD / 1238743800 --> <row><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v></row>
<!-- 2009-04-03 11:35:00 MSD / 1238744100 --> <row><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v><v> NaN </v></row>
