Nagios Support Forum

Integration of both log server as well as network analyzer was done properly but I get below error on status information

“UNKNOWN - Error occurred while running the plugin"

as a result when i go to a specific host and perform Netwok analysis i get nothing "No data",please assis what might be the problem.

Can you post the configuration settings for the check that is generating the UNKNOWN error so we can check to see if the settings are correct?

Usually, when you see the "No Data" message for a specific host, that means that the host is not in the flow data stored on the Network Analyser server.
Can you login it the NNA server and verify that you can find that hosts address in the source you have setup in the XI integration?

sorry for a delay,do i need to add the nagios xi as a source on the network analyser after intergration ? i have logged in on the nna but i dont see any host, i have tried to manually add the nagios xi on nna as a source now when viewing host network status on xi "There is no data in your Network Analyzer instance for this Host/Service."

Do i need to add each host on nna ? i thought the integration would autoadd all the hosts from nagisos xi.

No, you shouldn't have to add the XI server as a source on the NNA server.

When you click on the Network Analysis Tab in the XI GUI, it runs a query on the NNA server looking for any traffic that was captured in the Flow data for that host.
If that host transmitted or received IP data and it was captured by the device and that device sent the flow data to the NNA server, then it should show up in the report.
Take a look at this document for integrating NNA in to XI as it has more details on this subject.
https://assets.nagios.com/downloads/nag ... ios_XI.pdf

What I suspect is that the hosts are not sending traffic through the device that is capturing the Flow data and without knowing how your network is setup, I can only guess.

To test out the basic functionality of the XI to NNA integration, in the XI interface, click on the Reports > Network report. It should display the top 5 talkers report from the NNA server if everything is setup correctly.

Please assit to elaborate, i beleive the devices should be sending the flows to nna via nagios xi (once intargration is done)? is there any other configuration need to be done for the devices to be able to send the flows to nna?

i followed the same guide on that link.

below is the output of logs on the nna

[root@localhost ~]# tail -f /usr/local/nagiosna/var/backend.log
2017-08-21 23:40:10 DEBUG : Checks found: ()
2017-08-21 23:40:10 INFO : Ran checks successfully
2017-08-21 23:40:10 INFO : Successfully reaped nfcapd file.
2017-08-21 23:44:25 INFO : Parsing data for the source id: 1
2017-08-21 23:44:25 DEBUG : Arguments: /usr/local/nagiosna/var/Nagiosxi/flows, nfcapd.201708212340, 1
2017-08-21 23:44:25 DEBUG : Running checks...
2017-08-21 23:44:25 DEBUG : Getting relevant checks for source id: 1
2017-08-21 23:44:25 DEBUG : Checks found: ()
2017-08-21 23:44:25 INFO : Ran checks successfully
2017-08-21 23:44:25 INFO : Successfully reaped nfcapd file.

Having NNA integrated in XI has nothing to do with setting up the NNA server to receive flows from that Host.
What the integration does is to allow you to run a report or query in the XI interface from the data on the NNA server.
If the data is not on the NNA server for that host, you will get the No Data Found. And by Host, I do not mean the Nagios XI server itself, I mean the host that you are monitoring in XI
Take a look as the screen shot for the host that is highlighted in yellow. What devices do you have currently setup to send flow data to the NNA server?

Are the hosts on your network, passing data through those devices that are configured to send flow data to the NNA server?

Are you trying to setup fprobe on the Nagios XI server?

Thanks for below answer,it is working now after understanding the technicality behind

What devices do you have currently setup to send flow data to the NNA server? Cisco routers,switches and Linux servers

Are the hosts on your network, passing data through those devices that are configured to send flow data to the NNA server? Yes they are

Are you trying to setup fprobe on the Nagios XI server? No i have setup fprobe on linux servers to send flows to nna,i managed for two servers but suprisingly failed when adding new servers,i only see them on the nna but i cant get anything on nagios xi

is it possible to see protocols running as a part of the flows ?

bozra wrote: is it possible to see protocols running as a part of the flows ?

The flow data does not include any protocol data, each flows contains: