Hi

I had the Netflow tool up and running and it was working great and coming back with useful data. About 12 hours after in the small hours of the morning the data stopped. I refreshed, tried amending the time flow update interval and template timeout time but nada. I have used the Netflow tester and receive all template ID's of 285-256.

Nothing had been changed on the ASA since setting up NetFlow.

Article Comments

Hi,

Thank you for the Kb-Post! Please share the results from the Netflow Tester, as well as the following screenshots of the affected sensor (out of the PRTG AJAX Webinterface):

  • the "Overview" tab,
  • the "Log" tab,
  • the "Settings" tab (multiple screenshots if necessary to cover all options).

Please make sure the screenshots show the entire user interface, and aren't cropped. This should help to start debugging the issue.

best regards.


Jun, 2018 - Permalink

Okay I have went through the Netflow sensor and captured the images.

The port in use is 2055. I paused the sensor when using the tester to verify templates are received.

Overview https://pasteboard.co/HpyulDR.png

Log https://pasteboard.co/Hpyu3Yo.png

Settings1 https://pasteboard.co/HpyuEtP.png

Settings2 https://pasteboard.co/HpyuPlh.png

Settings3 https://pasteboard.co/HpyuYSn.png

Settings 4 https://pasteboard.co/Hpyv7Yl.png

NetFlow Test https://pasteboard.co/Hpyuvl1.png


Jun, 2018 - Permalink

Thank you for the screenshots. While the settings of the sensor look correct, the flow data in the tester does not look good. It did receive template files, but no actual payload with traffic data (the empty "Decoded"-field). I can only recommend to check with Cisco then here.


Jun, 2018 - Permalink