Log Collection Netflow: Troubleshoot Netflow Collection

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 

This topic highlights possible problems that you may encounter with Netflow Collection and provides suggested solutions to these problems.

Troubleshoot Netflow Collection Issues

In general, you receive more robust log messages by disabling SSL.

                 
Log Message/
Problem
Log Collector is not receiving Netflow traffic.
Possible CauseConfigured the wrong port.
SolutionMake sure that you configured the correct firewall port (that is, 2055, 4739, 6343, or 9995).

 

                 
Log Message/
Problem
Log Collector issues log messages that tell you there was an incompatible or mismatched header or version number.
Possible CauseNetflow v10 event information was sent to log collector.
SolutionIgnore - Netflow v10 is not supported in Security Analytics 10.4. Netflow Collection only accepts events from Netflow v5 and Netflow v9.
You are here: Netflow Collection Configuration Guide > Troubleshoot Netflow Collection

Attachments

    Outcomes