Flowview Plugin - v0.3 Released

[cigamit]

Flowview Plugin
Version 0.3
Released 07/31/06 16:05:20

This plugin a viewer, used to generate reports based on the flat files that flow-capture creates (its a part of flow-tools). Flow-capture must already be setup and creating files, and your Cisco routers must already be sending Net-Flow data to your server for it to work. The plugin does not handle anything beyond the display of the data. The plugin makes use of flow-cat, flow-filter and a few other of the binaries provided by flow-tools.

This plugin is largely a rewrite of the Perl based Flow Viewer written by Joe Loiacono.

Documentation
Download

[lex8009]

Would anyone know of a freeware flow collector that works on Windows?

[georger_br]

http://www.ntop.org/overview.html. Windows binaries aren't publicly available, but you can get my MinGW-ready sources at the following URL: [url]rapidshare.de/files/30699784/ntop-20060824.zip.html[/url]
Unzip and read ntop-3.2.2\ntop\docs\BUILD-MinGW.txt. Regards,

Georger

[lex8009]

thanks

[aspie]

Hey,

Can`t get it to work.
It comes up with alot of errors in my httpd error log with bad magic number:

low-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(summary.out.1): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, short read while loading header top.
flow-cat: ftiheader_read(summary.old): Failed, ignoring file.
flow-nfilter: ftiheader_read(): Warning, short read while loading header top.
flow-nfilter: ftiheader_read(): failed
flow-nfilter: ftio_init(): failed
flow-print: ftiheader_read(): Warning, short read while loading header top.
flow-print: ftiheader_read(): failed
flow-print: ftio_init(): failed
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(current): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.0): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.1): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.2): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.3): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.4): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.5): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(data.6): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(peer_traffic.out): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(peer_traffic.out.0): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(cust_traffic.out): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(cust_traffic.out.0): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(summary.out): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(summary.out.0): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, bad magic number
flow-cat: ftiheader_read(summary.out.1): Failed, ignoring file.
flow-cat: ftiheader_read(): Warning, short read while loading header top.
flow-cat: ftiheader_read(summary.old): Failed, ignoring file.
flow-nfilter: ftiheader_read(): Warning, short read while loading header top.
flow-nfilter: ftiheader_read(): failed
flow-nfilter: ftio_init(): failed
flow-print: ftiheader_read(): Warning, short read while loading header top.
flow-print: ftiheader_read(): failed
flow-print: ftio_init(): failed

Any idea`s?

Thanks

[cromac]

Hi,

I am trying to set up Flowviewer on Windows, but I am unable to compile it in Cygwin. Is here anywone who made this to work on his environment?

Cheers

Cromac

[elpiako]

[elpiako]

Help !!!

[elpiako]

I really need help
Which steps are needed to use Flowviewer ??

I think :
1-configuration of the router (easy, that's ok)
2-configuration of flow-capture on the Cacti server (i think we have to install flow-capture on the cacti server because in the cacti settings, we have to submit the flow files path !!)
3-another step ???
4-how to use flowviewer, there's no doc anywhere

On my Cacti server, in the Settings page, then "Paths" section, I've got no textbox in front of "Flow Tools Binary Path", "Flow Tools Work Directory" and "Flows Directory". What's the matter ?? (check my Server1 configuration below)

[elpiako]

Up ?

[cigamit]

"flow-tools" is a free collector.

[cccchheekkiiee]

hi all,

i am triying to configure flowview on my cacti server!!!!
Anyone can show me step by step how it works???????

Thank you.

[m00tpoint]

Very briefly:

1) Install flow-tools.
2) Configure one or more flows in /etc/flow-tools/flow-capture.conf. Use the docs.
3) chmod your netflow directory 777, unless you can figure out which user on the box the flow plugin is trying to read files as. 666 isn't good enough.
4) Configure the plugin on the cacti web interface, and you should be golden.

[crazy72]

Hi all


Good plugin this, but do you know how is possibile to show the flows with these details :

source IP, source port - destination IP, destination port - traffic

Because all data are in the flow but are showed in two different sections, while I'm interested in top talkers but also the application they are using.

Thanks
Crazy