arshadkhan20 10 Laps
I am using Linux based Netflow Analyzer build 9860 with embedded MYSQL. All was working fine but since few days i have observed that devices interface graphs are working fine and but APPLICATION HOURLY graph is not displaying while 6 Hours APPLICATION graph is displaying fine.

I also noted that huge incoming input / out traffic on NETFLOW ANALYZER Server loopback interface but when i shutdown netflow service said traffic will be claim. 

Kindly find the attached files of Hourly graph and 6 hours graphs for your reference.

Kindly advice me for the same.

Attachments

Replies (10)

Hi ,

Thank you for writing to us. Please follow the steps mentioned in the below link and check on the issue:

https://desk.zoho.com/portal/manageengine/kb/articles/steps-to-reduce-the-disc-space-for-netflow-analyzer-rawcleanup

Thanks & Regards,

Aravind Lenin
Technical Support Engg- Netflow Analyzer
arshadkhan20 10 Laps
Hi,

I have toned the Netflow Analyzer with 3GB setting provided in the links ( My netflow Machine have 5GB of RAM), now netflow showing 15 minutes of application graph but not of One hour graph. Also showing six hours application graph too and set the raw data setting up to 3 days.

Regards,
Arshad
arshadkhan20 10 Laps
Hello,

I am waiting for the reply so i will toned the machine accordingly.

Regards,
Arshad
Hi Arshad,

Please observe the product for a day and check on the issue.

Thanks & Regards,

Aravind Lenin
Technical Support Engg- Netflow Analyzer


arshadkhan20 10 Laps
HI,

2-3 days have already passed since changes have made.

Regards,

Arshad
Hi ,

Thank you for writing to us. Please send us the screenshot for the issue that you are facing, we will check and get back to you.

Thanks & Regards,

Aravind Lenin
Technical Support Engg- Netflow Analyzer
arshadkhan20 10 Laps
HI,

KIndly find the attached files for better understanding.

Regards,
Arshad

Attachments

Hi Arshad,

Please send us the log files, so that we can analyze the logs and assist you accordingly.

1. Navigate to <NetFlow_Home>/troubleshooting directory and execute LogZipUtil.bat/.sh.
2. This will create a zip file under <NetFlow_Home>/support directory.
3. Please send us the zip file for analysis, if the zip file is more than 2 MB please upload the log file in the following link.

http://bonitas.zohocorp.com/upload/index.jsp?to=netflowanalyzer-support@manageengine.com

Thanks & Regards,

Aravind Lenin
Technical Support Engg- Netflow Analyzer
arshadkhan20 10 Laps
Dear Concerns,

I tried to run the above command but disk space going to full when i execute that command, (GBs of space going to full when i execute said command). I have also noticed that now tmp folder is continuously increasing now a days as its size up to 30 40G. here i am putting the text from these logs file for reference.

-1,2886992933,2886740002,5000060,5000064,1725,6,30158,49261,52,2017-06-13 11:25:02,2017-06-13 11:25:02,2017-06-13 11:25:02,1,-1,-1,0,16,24,24,2886740002,-1
-1,2886740012,2886992923,5000064,5000060,1725,6,49278,36405,41,2017-06-13 11:25:02,2017-06-13 11:25:02,2017-06-13 11:25:02,1,-1,-1,0,16,24,24,3232235785,-1
-1,2886992923,2886740012,5000060,5000064,1725,6,36405,49278,52,2017-06-13 11:25:02,2017-06-13 11:25:02,2017-06-13 11:25:02,1,-1,-1,0,16,24,24,2886740012,-1
-1,2886992932,2886740260,5000060,5000062,1668,6,445,53412,1551,2017-06-13 11:24:47,2017-06-13 11:25:00,2017-06-13 11:24:47,8,-1,-1,0,26,24,24,2886740260,-1
-1,2886992932,2886740260,5000060,5000062,1668,6,445,53412,270,2017-06-13 11:25:00,2017-06-13 11:25:02,2017-06-13 11:25:02,2,-1,-1,0,26,24,24,2886740260,-1
-1,2886740000,2886992923,5000064,5000060,1725,6,50000,135,80,2017-06-13 11:25:16,2017-06-13 11:25:16,2017-06-13 11:25:16,2,-1,-1,0,17,24,24,3232235785,-1
 
I have also noticed the loopback interface of linux machine (in which netflow is installed) continuously operates on 10Mbps (both sending & receiving) and when i ran tcpdump -n -i lo so i receive the following output in very fast appearing, below are the some lines for reference.

10:29:26.417112 IP 127.0.0.1.58479 > 127.0.0.1.13310: Flags [P.], seq 199017:199091, ack 194460, win 386, options [nop,nop,TS val 2139228033 ecr 2139228033], length 74
10:29:26.417250 IP 127.0.0.1.13310 > 127.0.0.1.58479: Flags [P.], seq 194460:194530, ack 199091, win 386, options [nop,nop,TS val 2139228033 ecr 2139228033], length 70
10:29:26.417372 IP 127.0.0.1.58479 > 127.0.0.1.13310: Flags [P.], seq 199091:199164, ack 194530, win 386, options [nop,nop,TS val 2139228033 ecr 2139228033], length 73

Kindly guide me in this regard.

Regards,
Arshad

Hi Arshad,

We need the logs to analyze the issue. Please stop the NetFlow Analyzer service and zip and send us the folder named logs form location NetFlow_Home/bin.

If the capture file is more than 2 MB please upload the file in the following link.


Select product name as NetFlow Analyzer.


Thanks & Regards,

Aravind Lenin
Technical Support Engg- Netflow Analyzer