Differences

This shows you the differences between two versions of the page.

--- tips:netflow_troubleshooting [2020/03/19 18:30] – navaneeth
+++ tips:netflow_troubleshooting [2020/03/20 15:29] (current) – [8. Analyse the captured flows] navaneeth
@@ Line 6: / Line 6: @@
 No data on the dashboard after enabling Netflow in Trisul Network Analytics.
 **
+{{:tips:netflowdashboard.png?400|}}
 ===== Precondition =====
@@ Line 83: / Line 86: @@
 **No**. Change it from TAP mode to NETFLOW_TAP mode.
-<note>Do not forget to restart Trisul after this step.
+<note important>Please ensure that you have Restarted Trisul after this step.
 </note>
 ==== 5. Check if the Netflow ports are interpreted correctly ====
@@ Line 96: / Line 99: @@
 {{:tips:port_number.png?600|}}
-<note tip>You need to restart trisul after this step.</note>
+<note important>Please ensure that you have Restarted Trisul after this step.
+</note>
 ==== 6. Check whether templates are visible ====
 Check whether the Netflow template is displayed. This can be done by using Context:default > Admin Tasks > Netflow Template DB.
@@ Line 122: / Line 126: @@
   - Click on Save.
-<note important>You need to restart trisul after this step.</note>
+<note important>Please ensure that you have Restarted Trisul after this step.
+</note>
 ==== 8. Analyse the captured flows ====
 You can analyse the captured flows using Wireshark tool.This can be done by,
@@ Line 131: / Line 135: @@
 </code>
+{{:tips:wireshark.png?600|}}
+  - Check if you have mentioned the port number correctly.
+  - If not,then choose 'decode as' option by right-clicking on any one of the listed entries in wireshark.
+  - Change the port number(for eg.5111) and set to CFLOW.
+{{:tips:wireshark1.png?600|}}