Page 2 of 5
Re: Error No data found
Posted: Thu Dec 04, 2014 4:45 am
by zeenmc
I think, maybe switch 3850 is the problem ????? a turn off apache, an nagios, and start with nfdump...and this is output...
root@localhost 3850]# nfdump -r nfcapd.201412041035
Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows
1970-01-01 01:00:00.000 0.000 UDP 10.145.192.18:123 -> 10.250.72.44:123 1 100 1
1970-01-01 01:00:00.000 0.000 TCP 10.193.1.230:80 -> 10.250.72.36:57205 1 50 1
1970-01-01 01:00:00.000 0.000 TCP 10.250.68.46:445 -> 10.250.72.31:52423 317 67461 1
1970-01-01 01:00:00.000 0.000 TCP 10.145.192.19:445 -> 10.250.72.71:59686 9 1835 1
1970-01-01 01:00:00.000 0.000 TCP 145.47.112.221:5061 -> 10.250.72.33:63912 3 548 1
1970-01-01 01:00:00.000 0.000 TCP 173.194.113.65:80 -> 10.250.72.41:62692 6 330 1
1970-01-01 01:00:00.000 0.000 UDP 10.250.70.253:33749 -> 10.250.74.43:1058 19 10277 1
1970-01-01 01:00:00.000 0.000 TCP 10.145.192.18:49155 -> 10.250.72.48:39130 6 1072 1
1970-01-01 01:00:00.000 0.000 TCP 10.250.68.46:445 -> 10.250.72.31:52423 290 61758 1
1970-01-01 01:00:00.000 0.000 UDP 10.250.70.253:57106 -> 10.250.74.43:1058 1 523 1
1970-01-01 01:00:00.000 0.000 TCP 173.194.113.65:443 -> 10.250.72.41:62709 3 220 1
Re: Error No data found
Posted: Thu Dec 04, 2014 8:36 am
by zeenmc
This is log from a wireshark, from switch 3850, time is right
.
Re: Error No data found
Posted: Thu Dec 04, 2014 5:05 pm
by lmiltchev
Run the following commands and show us the output:
Code: Select all
ll -d /var/www/html/nagiosna/www/media/js
ll /var/www/html/nagiosna/www/media/js
cat /etc/sudoers.d/nna_conf
cat /etc/sysconfig/clock
Didn't you get any output after running this?
Re: Error No data found
Posted: Fri Dec 05, 2014 3:58 am
by zeenmc
Did you thought grep zone /etc/php.ini ?????
[root@localhost ~]# grep zone /etc/php/ini
grep: /etc/php/ini: No such file or directory
[root@localhost ~]#
Code: Select all
[root@localhost ~]# ll -d /var/www/html/nagiosna/www/media/js
drwxrwxr-x. 4 root apache 4096 2014-09-30 20:23 /var/www/html/nagiosna/www/media/js
[root@localhost ~]# ll /var/www/html/nagiosna/www/media/js
total 804
-rw-rwxr--. 1 root apache 28756 2014-09-30 20:23 bootstrap.min.js
-rw-rwxr--. 1 root apache 1424 2014-09-30 20:23 d3 LICENSE
-rw-rwxr--. 1 root apache 143320 2014-09-30 20:23 d3.v3.min.js
-rw-rwxr--. 1 root apache 5917 2014-09-30 20:23 helpers.js
-rw-rwxr--. 1 root apache 152257 2014-09-30 20:23 highcharts-4.0.1.js
-rw-rwxr--. 1 root apache 22889 2014-09-30 20:23 highcharts-more.js
-rw-rwxr--. 1 root apache 93021 2014-09-30 20:23 jquery-1.10.1.min.js
-rw-rwxr--. 1 root apache 228137 2014-09-30 20:23 jquery-ui-1.10.3.custom.min.js
-rw-rwxr--. 1 root apache 74018 2014-09-30 20:23 jquery-ui-timepicker-addon.js
drwxrwxr-x. 2 root apache 4096 2014-09-30 20:23 modules
-rw-rwxr--. 1 root apache 8764 2014-09-30 20:23 queries.js
-rw-rwxr--. 1 root apache 2171 2014-09-30 20:23 reports.js
-rw-rwxr--. 1 root apache 11779 2014-09-30 20:23 summary.js
drwxrwxr-x. 2 root apache 4096 2014-09-30 20:23 themes
-rw-rwxr--. 1 root apache 15643 2014-09-30 20:23 vizhelpers.js
[root@localhost ~]#
[root@localhost ~]# cat /etc/sudoers.d/nna_conf
Defaults:%nnacmd !requiretty
Cmnd_Alias LIST = /sbin/iptables --list
Cmnd_Alias SAVE = /etc/init.d/iptables save
Cmnd_Alias UPDATE = /sbin/iptables -I INPUT -p udp -j ACCEPT --dport *
Cmnd_Alias DAEMON = /usr/local/nagiosna/bin/nagiosna *
%nnacmd ALL=(ALL) NOPASSWD:LIST
%nnacmd ALL=(ALL) NOPASSWD:SAVE
%nnacmd ALL=(ALL) NOPASSWD:UPDATE
%nnacmd ALL=(ALL) NOPASSWD:/bin/kill *
%nnacmd ALL=(ALL) NOPASSWD:DAEMON
[root@localhost ~]#
[root@localhost ~]# cat /etc/sysconfig/clock
ZONE="US/Eastern"
UTC=False
[root@localhost ~]#
Re: Error No data found
Posted: Fri Dec 05, 2014 3:38 pm
by tmcdonald
Apologies, the proper command is:
Re: Error No data found
Posted: Fri Dec 05, 2014 5:47 pm
by zeenmc
Code: Select all
[root@localhost ~]# less /etc/php.ini | grep zone
; Defines the default timezone used by the date functions
; http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone
date.timezone = Europe/Belgrade
[root@localhost ~]#
Re: Error No data found
Posted: Sun Dec 07, 2014 5:21 pm
by zeenmc
Any help ?????
Re: Error No data found
Posted: Mon Dec 08, 2014 4:56 pm
by networkeng
I also could not get this working on a Cisco 3850. For some reason nfdump couldn't read the timestamp. I did get it working with 4500 series switches, but they use slightly different timestamp commands (see example below):
3850 Flexible Netflow
flow record r1
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last
4500
flow record r1
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
Re: Error No data found
Posted: Mon Dec 08, 2014 5:44 pm
by sreinhardt
It looks like your PHP time has you in belgrade, but the localtime has you in Eastern time(-5). Let's correct the local system time, and give your system a reboot to make sure all daemons come back with correct references to localtime.
Code: Select all
rm -f /etc/localtime
ln -s /usr/share/zoneinfo/Europe/Belgrade /etc/localtime
reboot
This is presuming you are supposed to be in belgrade, since php default would also be Eastern last I checked.
Re: Error No data found
Posted: Mon Dec 08, 2014 5:45 pm
by abrist
Could you post a few of the caps from wireshark from the 3850?