Error No data found

zeenmc · Post by **zeenmc** » Thu Dec 04, 2014 4:45 am

I think, maybe switch 3850 is the problem ????? a turn off apache, an nagios, and start with nfdump...and this is output...

root@localhost 3850]# nfdump -r nfcapd.201412041035
Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows
1970-01-01 01:00:00.000 0.000 UDP 10.145.192.18:123 -> 10.250.72.44:123 1 100 1
1970-01-01 01:00:00.000 0.000 TCP 10.193.1.230:80 -> 10.250.72.36:57205 1 50 1
1970-01-01 01:00:00.000 0.000 TCP 10.250.68.46:445 -> 10.250.72.31:52423 317 67461 1
1970-01-01 01:00:00.000 0.000 TCP 10.145.192.19:445 -> 10.250.72.71:59686 9 1835 1
1970-01-01 01:00:00.000 0.000 TCP 145.47.112.221:5061 -> 10.250.72.33:63912 3 548 1
1970-01-01 01:00:00.000 0.000 TCP 173.194.113.65:80 -> 10.250.72.41:62692 6 330 1
1970-01-01 01:00:00.000 0.000 UDP 10.250.70.253:33749 -> 10.250.74.43:1058 19 10277 1
1970-01-01 01:00:00.000 0.000 TCP 10.145.192.18:49155 -> 10.250.72.48:39130 6 1072 1
1970-01-01 01:00:00.000 0.000 TCP 10.250.68.46:445 -> 10.250.72.31:52423 290 61758 1
1970-01-01 01:00:00.000 0.000 UDP 10.250.70.253:57106 -> 10.250.74.43:1058 1 523 1
1970-01-01 01:00:00.000 0.000 TCP 173.194.113.65:443 -> 10.250.72.41:62709 3 220 1

zeenmc · Post by **zeenmc** » Thu Dec 04, 2014 8:36 am

This is log from a wireshark, from switch 3850, time is right

.

Post by **lmiltchev** » Thu Dec 04, 2014 5:05 pm

Run the following commands and show us the output:

Code: Select all

ll -d /var/www/html/nagiosna/www/media/js
ll /var/www/html/nagiosna/www/media/js
cat /etc/sudoers.d/nna_conf
cat /etc/sysconfig/clock

Didn't you get any output after running this?

Code: Select all

grep zone /etc/php/ini

zeenmc · Post by **zeenmc** » Fri Dec 05, 2014 3:58 am

Did you thought grep zone /etc/php.ini ?????

[root@localhost ~]# grep zone /etc/php/ini
grep: /etc/php/ini: No such file or directory
[root@localhost ~]#

Code: Select all

[root@localhost ~]# ll -d /var/www/html/nagiosna/www/media/js
drwxrwxr-x. 4 root apache 4096 2014-09-30 20:23 /var/www/html/nagiosna/www/media/js


[root@localhost ~]# ll /var/www/html/nagiosna/www/media/js
total 804
-rw-rwxr--. 1 root apache  28756 2014-09-30 20:23 bootstrap.min.js
-rw-rwxr--. 1 root apache   1424 2014-09-30 20:23 d3 LICENSE
-rw-rwxr--. 1 root apache 143320 2014-09-30 20:23 d3.v3.min.js
-rw-rwxr--. 1 root apache   5917 2014-09-30 20:23 helpers.js
-rw-rwxr--. 1 root apache 152257 2014-09-30 20:23 highcharts-4.0.1.js
-rw-rwxr--. 1 root apache  22889 2014-09-30 20:23 highcharts-more.js
-rw-rwxr--. 1 root apache  93021 2014-09-30 20:23 jquery-1.10.1.min.js
-rw-rwxr--. 1 root apache 228137 2014-09-30 20:23 jquery-ui-1.10.3.custom.min.js
-rw-rwxr--. 1 root apache  74018 2014-09-30 20:23 jquery-ui-timepicker-addon.js
drwxrwxr-x. 2 root apache   4096 2014-09-30 20:23 modules
-rw-rwxr--. 1 root apache   8764 2014-09-30 20:23 queries.js
-rw-rwxr--. 1 root apache   2171 2014-09-30 20:23 reports.js
-rw-rwxr--. 1 root apache  11779 2014-09-30 20:23 summary.js
drwxrwxr-x. 2 root apache   4096 2014-09-30 20:23 themes
-rw-rwxr--. 1 root apache  15643 2014-09-30 20:23 vizhelpers.js
[root@localhost ~]# 

[root@localhost ~]# cat /etc/sudoers.d/nna_conf
Defaults:%nnacmd !requiretty

Cmnd_Alias LIST	= /sbin/iptables --list
Cmnd_Alias SAVE = /etc/init.d/iptables save
Cmnd_Alias UPDATE = /sbin/iptables -I INPUT -p udp -j ACCEPT --dport * 
Cmnd_Alias DAEMON = /usr/local/nagiosna/bin/nagiosna *

%nnacmd ALL=(ALL) NOPASSWD:LIST
%nnacmd ALL=(ALL) NOPASSWD:SAVE
%nnacmd ALL=(ALL) NOPASSWD:UPDATE
%nnacmd ALL=(ALL) NOPASSWD:/bin/kill *
%nnacmd ALL=(ALL) NOPASSWD:DAEMON
[root@localhost ~]# 

[root@localhost ~]# cat /etc/sysconfig/clock
ZONE="US/Eastern"
UTC=False
[root@localhost ~]#

tmcdonald · Post by **tmcdonald** » Fri Dec 05, 2014 3:38 pm

Apologies, the proper command is:

Code: Select all

grep zone /etc/php.ini

zeenmc · Post by **zeenmc** » Fri Dec 05, 2014 5:47 pm

Code: Select all

[root@localhost ~]# less /etc/php.ini | grep  zone
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = Europe/Belgrade
[root@localhost ~]#

zeenmc · Post by **zeenmc** » Sun Dec 07, 2014 5:21 pm

Any help ?????

networkeng · Post by **networkeng** » Mon Dec 08, 2014 4:56 pm

I also could not get this working on a Cisco 3850. For some reason nfdump couldn't read the timestamp. I did get it working with 4500 series switches, but they use slightly different timestamp commands (see example below):

3850 Flexible Netflow
flow record r1
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last

4500
flow record r1
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last

sreinhardt · Post by **sreinhardt** » Mon Dec 08, 2014 5:44 pm

It looks like your PHP time has you in belgrade, but the localtime has you in Eastern time(-5). Let's correct the local system time, and give your system a reboot to make sure all daemons come back with correct references to localtime.

Code: Select all

rm -f /etc/localtime
ln -s /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
reboot

This is presuming you are supposed to be in belgrade, since php default would also be Eastern last I checked.

abrist · Post by **abrist** » Mon Dec 08, 2014 5:45 pm

Could you post a few of the caps from wireshark from the 3850?

Nagios Support Forum

Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found

Re: Error No data found