I'm seeing corrupted flow time in the status log. |
|
|
The reason is that time in exported flows is different then local Linux time.
If Cisco and/or Linux time are not synchronized netflow collector drops flows with bad time value. The problem might be in Time Zone set up (information about which time zone you are located in). Please log into Linux environment. In order to set up time zone you have to use the following command: tzsetup -g This command will display recent time zone and ask if you want to change this time zone. If YES, press Y and applications will offer you various continents, cities or countries that you can choose from. (E.g. for United States type in 3, and then type in your time zone). Changes in this setting are saved automatically. When your changes are completed you have to restart your collector using the following command: /etc/init.d/nfcd restart or better, restart your computer via <Ctrl>+<Alt>+<Del>. To set correct time in the Linux environment you can use date program or you can use the SETUP utility when your computer starts up. If you use date program type the following command: date MMDDhhmmYYYY Where MM is the month number, DD is the day, hh is current hour, mm is current minute and YYYY is the current year. (e.g. date 030415062005 set up system date is the 4th of March 2005 15:06.) We recommend use NTP protocol (ntpdate utility or ntpd service) instead of manually configured date. On the Cisco device you can configure NTP service via the following commands: ntp update-calendar ntp server <ip_address/hostname> i.e.: ntp update-calendar ntp server 0.pool.ntp.org ntp server 1.pool.ntp.org |
|
