![]() ![]() ![]() |
For the latest list of Frequently Asked Questions on NetFlow Analyzer, visit the FAQ on the website or the public user forums.
When I try to access the web interface, another web server comes up. How does this happen?
How can I change the MySQL port in NetFlow Analyzer from 13310 to another port?
During installation, NetFlow Analyzer checks if the selected port is in
use by another application. If at that time, the other web server was down,
it will not get detected. Either disable the other web server, change its
server port, or change the
NetFlow Analyzer web server port.
Edit the mysql-ds.xml file in the <NetFlowAnalyzer_Home>/server/default/deploy directory. Change the port number in the line
<connection-url>jdbc:mysql://localhost:13310/netflow</connection-url>
to the desired port number, save the file, and restart the server.
NetFlow Analyzer can be installed and started as a root user, but all file permissions will be modified and later you cannot start the server as any other user.
NetFlow Analyzer does not choose which routers or interfaces to monitor. Devices are auto-discovered. All you need to do is set up your interfaces to send NetFlow data to the specified port on NetFlow Analyzer. Once NetFlow Analyzer starts receiving NetFlow data, you can see the device and its interfaces listed on the Dashboard.
There are a number of things you can check here:
If you get this message on the user interface, it means that NetFlow packets with versions other than version 5, are being received by NetFlow Analyzer. Check your router settings to make sure that only version 5 NetFlow exports are being sent to NetFlow Analyzer. This is because NetFlow Analyzer supports only NetFlow version 5 exports.
This happens because NetFlow packets are still being received from that router. Unless you configure the router itself to stop exporting NetFlow data to NetFlow Analyzer it will reappear on the Dashboard.
If you need to temporarily stop monitoring a router/interface, unmanage it from License Management. In this case, the router/interface is still shown under License Management.If you need to permanently stop monitoring a router/interface, disable NetFlow exports from the interface/router and then delete it from License Management.In this case, the router/interface is not displayed on any of the client screens unless new flows are sent from it.
Graphs will be empty if there is no data available. If you have just installed NetFlow Analyzer, wait for at least ten minutes to start seeing graphs. If you still see an empty graph, it means no data has been received by NetFlow Analyzer. Check your router settings in that case.
If an application is labelled as "TCP_App" or something similar, it means that NetFlow Analyzer has not recognized this application (i.e.) the combination of port and protocol is not mapped as any application. Once you add these applications under Application Mapping they will be recognized.
NetFlow Analyzer shows the top 10 results in all reports by default. You can see up to 100 results in each report by changing the Record Count value in the Runtime Administration page.
Check if you have enabled NetFlow on all interfaces through which traffic flows. Since NetFlow traffic accounting is ingress by default, only IN traffic across an interface is accounted for. To see both IN and OUT traffic graphs for an interface, you need to enable NetFlow on all the interfaces through which traffic flows.
The interfaces may not have responded to the SNMP request sent by NetFlow Analyzer when it sent NetFlow exports for the first time. Check the SNMP settings of the interface or manually edit the interface name from the Dashboard.
![]() ![]() ![]() |