Radium not writing netflow records to file
Carter Bullard
carter at qosient.com
Tue Apr 19 19:38:40 EDT 2011
Radium's v6 support has been tested all that much as most of the netflow has been v5.
Does it look like we're missing some, a few, most of the records?
You can run "ra -r cisco-udp://address:port" and see if that is getting what you expect?
If you can provide some flow-tools files with v6 data, I can test to see what maybe happening with any of the tools.
Carter
On Apr 19, 2011, at 6:46 PM, Mike Iglesias <iglesias at uci.edu> wrote:
> I'm using radium to capture netflow v6 records from several routers on our
> campus (all the routers are sending to the argus system port 9996). Radium
> appears to not write all the netflow records it is getting to disk, at least
> from what I can see. I'm running this on a x86_64 Fedora 14 system.
>
> If I run the flow-tools "flow-capture" program, it writes a lot more records
> than radium does. While either program is running, I ssh from my system to
> another system on campus (which traverses at least one of the routers
> generating the netflow data), and see the flow records in the flow-capture
> data but not in the radium data.
>
> The only thing that has been changed from the default radium configuration is
> the RADIUM_OUTPUT_FILE parameter. I'm running radium like this: radium -C
> 9996. I'm using argus-clients 3.0.5.6.
>
>
> --
> Mike Iglesias Email: iglesias at uci.edu
> University of California, Irvine phone: 949-824-6926
> Office of Information Technology FAX: 949-824-2270
>
More information about the argus
mailing list