Nagios Support Forum

I have set NetFlow from my switch to nagiosna for 72h, I am able see that source data increase, however nagiosna does not show anything (few months already). Version upgrades did not helped, Netflow tested with local computer is fine. Nagiosna is working on the same machine as Nagiosna.

cat /etc/sudoers.d/nna_conf
Defaults:%nnacmd !requiretty

Host_Alias HOST = localhost

Cmnd_Alias LIST = /sbin/iptables --list
Cmnd_Alias SAVE = /etc/init.d/iptables save
Cmnd_Alias UPDATE = /sbin/iptables -I INPUT -p udp -j ACCEPT --dport *
Cmnd_Alias DAEMON = /usr/local/nagiosna/bin/nagiosna *

%nnacmd ALL=(ALL) NOPASSWD:LIST
%nnacmd ALL=(ALL) NOPASSWD:SAVE
%nnacmd ALL=(ALL) NOPASSWD:UPDATE
%nnacmd ALL=(ALL) NOPASSWD:/bin/kill *
%nnacmd ALL=(ALL) NOPASSWD:DAEMON

Any idea what is wrong.

Can you run the following commands on the Nagios NA server and show us the output?
Check the time on the sending device and your workstation.

Run the following command:
wait for a while until you get some output, copy & paste the output, so that we can review it.

Also, show us the output of the following command:

#date
Fri Jun 5 10:39:30 EDT 2015

#file /etc/localtime
/etc/localtime: symbolic link to `/usr/share/zoneinfo/US/Eastern'

#grep "date.timezone =" /etc/php.ini
date.timezone = US/Eastern

#tcpdump src 192.168.100.3 and port 9991
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
10:41:37.841647 IP 192.168.100.3.57511 > tor-nagios-01.osm-oev: UDP, length 1416
10:41:37.842934 IP 192.168.100.3.57511 > tor-nagios-01.osm-oev: UDP, length 1416
10:41:38.841580 IP 192.168.100.3.57511 > tor-nagios-01.osm-oev: UDP, length 1416
...

#ll -d /var/www/html/nagiosna/www/media/js
drwxrwxr-x 4 root apache 4096 May 28 14:19 /var/www/html/nagiosna/www/media/js

Inside /usr/local/nagiosna/var/backend.log I see error:
2015-06-05 10:40:01 ERROR : Error reaping file: unknown option '--no-overwrite': Traceback (most recent call last):
File "/usr/local/nagiosna/bin/reap_files.py", line 141, in <module>
main()
File "/usr/local/nagiosna/bin/reap_files.py", line 135, in main
update_views(directory, flowfile, sid, ABS_FLOWFILE)
File "/usr/local/nagiosna/bin/reap_files.py", line 111, in update_views
initialize_source.create_bandwidth_db(ABS_VIEWPATH, '%s-bandwidth.rrd' % name)
File "/usr/local/nagiosna/bin/initialize_source.py", line 60, in create_bandwidth_db
'RRA:HWPREDICT0.1:0.0035:288' )
error: unknown option '--no-overwrite'

What is the make and manufacturer of your switch and what version of Neflow is it using?
Can you run the following command from a shell on the NA system and post back the output?

#rrdtool -v
RRDtool 1.4.8 Copyright 1997-2013 by Tobias Oetiker <[email protected]>
Compiled May 28 2015 14:14:01

Netflow ver. 9, we already tried 5 with the same issue

Switch:
Cisco 3750, running on OS Version 12.2(44)SE5

I would like you to try recompiling nfdump on the Nagios Network Analyzer server in question.
After the compilation is finished, let us know if events start populating in the Web GUI properly.

Still nothing.
When I trying to run report for view other than default I am getting now:

There was an error running nfdump command: /usr/local/bin/nfdump -M '/usr/local/nagiosna/var/3745Corporate/views/192.168.100.3/' -R . -t '2015/06/04.15:07:02-2015/06/05.15:07:01' -N -n '5' -s 'srcip/bytes' -o 'csv' 2> /dev/null

Try restarting the Nagios NA services and checking for those errors once more. Let us know if data doesn't appear within about 30 minutes.

It did not helped.

[image]na2.png[/image]
[image]na1.png[/image]

Where are you seeing that error?

Just to make sure that nfdump was upgraded, please run these commands and post the output: