tips:netflow_troubleshooting
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| tips:netflow_troubleshooting [2020/03/18 18:49] – [2. Check if the Nodes are turned up] navaneeth | tips:netflow_troubleshooting [2020/03/20 15:29] (current) – [8. Analyse the captured flows] navaneeth | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| This article explains how you can troubleshoot the following problem. | This article explains how you can troubleshoot the following problem. | ||
| + | ** | ||
| + | No data on the dashboard after enabling Netflow in Trisul Network Analytics. | ||
| + | ** | ||
| - | <note warning> | + | {{: |
| - | No data on the dashboard after enabling Netflow in Trisul Network Analytics. | + | |
| - | </ | + | |
| ===== Precondition ===== | ===== Precondition ===== | ||
| Line 35: | Line 36: | ||
| Do you see netflow packets on the screen ? | Do you see netflow packets on the screen ? | ||
| + | |||
| + | {{: | ||
| **Yes**. Move to next | **Yes**. Move to next | ||
| Line 49: | Line 52: | ||
| Check if all the probes and hubs are in the Started position. | Check if all the probes and hubs are in the Started position. | ||
| - | {{: | + | {{: |
| **Yes**. Move to next. | **Yes**. Move to next. | ||
| Line 58: | Line 61: | ||
| ==== 3. Check if the Network Interface is correct.==== | ==== 3. Check if the Network Interface is correct.==== | ||
| - | You can view the network interface by using Admin> | + | You can view the network interface by using //Admin> |
| - | Say suppose | + | Say you have a network interface eth0. |
| Is it Enabled? | Is it Enabled? | ||
| Line 69: | Line 72: | ||
| If any other interface.Click " | If any other interface.Click " | ||
| - | Please ensure that u have Restarted Trisul after this step. | + | {{: |
| + | <note important> | ||
| + | </ | ||
| ==== 4. Check if the NETFLOW_TAP mode is enabled==== | ==== 4. Check if the NETFLOW_TAP mode is enabled==== | ||
| Line 81: | Line 86: | ||
| **No**. Change it from TAP mode to NETFLOW_TAP mode. | **No**. Change it from TAP mode to NETFLOW_TAP mode. | ||
| - | Do not forget to restart | + | <note important> |
| + | </ | ||
| ==== 5. Check if the Netflow ports are interpreted correctly ==== | ==== 5. Check if the Netflow ports are interpreted correctly ==== | ||
| By default, | By default, | ||
| Line 92: | Line 97: | ||
| **No**. Add the specific port number to Netflow using Context: default → profile0 → Netflow Wizard. | **No**. Add the specific port number to Netflow using Context: default → profile0 → Netflow Wizard. | ||
| - | You need to restart trisul after this step. | + | {{: |
| + | <note important> | ||
| + | </ | ||
| ==== 6. Check whether templates are visible ==== | ==== 6. Check whether templates are visible ==== | ||
| Check whether the Netflow template is displayed. This can be done by using Context: | Check whether the Netflow template is displayed. This can be done by using Context: | ||
| Are the templates visible? | Are the templates visible? | ||
| + | |||
| + | {{: | ||
| **Yes**. Move to next step. | **Yes**. Move to next step. | ||
| Line 117: | Line 126: | ||
| - Click on Save. | - Click on Save. | ||
| - | You need to restart trisul | + | <note important> |
| + | </ | ||
| ==== 8. Analyse the captured flows ==== | ==== 8. Analyse the captured flows ==== | ||
| You can analyse the captured flows using Wireshark tool.This can be done by, | You can analyse the captured flows using Wireshark tool.This can be done by, | ||
| Line 126: | Line 135: | ||
| </ | </ | ||
| + | {{: | ||
| + | |||
| + | - Check if you have mentioned the port number correctly. | ||
| + | - If not,then choose ' | ||
| + | - Change the port number(for eg.5111) and set to CFLOW. | ||
| + | |||
| + | {{: | ||
tips/netflow_troubleshooting.1584537587.txt.gz · Last modified: 2020/03/18 18:49 by navaneeth