Argus & Cisco Netflow
Schilling, Timo
Timo.Schilling at danet.de
Mon Mar 5 09:03:56 EST 2007
Hi there,
I tried to read Cisco-NetFlow-Data from port 9995 with the ra-tool. On first server we have nProbe- respective fprobe-daemon.
With ra I get nothing. Either an error-message nor the data I search for. When I start tcpdump, the packets arrive at port 9995, it seems that the daemon works correctly.
I tried to start listening with the following commands:
server> /usr/sbin/fprobe -ieth1 -fip -n5 10.10.10.2:9995
client> ra -CP 10.10.10.1:9995
I also tried radium with the same options, but this command only sets up a binary-file with the size of 4kb, always.
We use argus in version: 3.0.0.rc.34
After reading the mailinglist I tried to get some more information with "-D 12" but ra was as quiet as ever....
Hope someone could help me,
bye
Timo Schilling
------------------------------------
Danet GmbH, Gutenbergstraße 10, 64331 Weiterstadt, Germany
Phone: +49 6151 868-610, Fax: +49 6151 868-980
eMail: timo.schilling at danet.de, URL: www.danet.com
Managing Board: Dr. Reiner Nickel (CEO), Dr. Burkhard Austermühl (CFO)
Chairman of the Supervisory Board: Jaques Bentz Address of Record: Weiterstadt
Commercial Register: Amtsgericht Darmstadt HRB 6450 - Tax Number: DE 172 993 071
More information about the argus
mailing list