Open tobberharley opened 2 years ago
I get this error when collecting IPFIX data from Mikrotik router: [collect.c:3150] WARNING: Unrecognized version [0D][0A]
Does anyone know what that means?
nprobe -n none -i none --collector-port 2055 --zmq-probe-mode --zmq "tcp://ntopng-service:5556" –-disable-cache --bind-export-interface eth0 -T "@NTOPNG@" -b 2 -W --debug
ntopng -i "tcp://*:5556c" --community --disable-login 1 --local-networks="10.0.0.0/8, 192.168.0.0/16"
07/Apr/2022 08:09:05 [nprobe.c:5137] Reading configuration file /etc/nprobe/nprobe-none.conf 07/Apr/2022 08:09:05 [plugin.c:180] No plugins found in ./plugins 07/Apr/2022 08:09:05 [plugin.c:188] Loading 23 plugins [.so] from /usr/lib/nprobe/plugins 07/Apr/2022 08:09:05 [nprobe.c:4914] WARNING: Invalid license (/etc/nprobe.license) [Missing license file. Plese read https://www.ntop.org/support/faq/license-inside-a-container] 07/Apr/2022 08:09:05 [nprobe.c:4924] WARNING: ** 07/Apr/2022 08:09:05 [nprobe.c:4925] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4926] WARNING: Switching to DEMO MODE 07/Apr/2022 08:09:05 [nprobe.c:4927] WARNING: - Missing license file. Plese read https://www.ntop.org/support/faq/license-inside-a-container 07/Apr/2022 08:09:05 [nprobe.c:4928] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4930] WARNING: Purchase your license at 07/Apr/2022 08:09:05 [nprobe.c:4931] WARNING: https://shop.ntop.org/ 07/Apr/2022 08:09:05 [nprobe.c:4932] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4934] WARNING: ** 07/Apr/2022 08:09:05 [nprobe.c:6845] WARNING: The output interfaceId is set to 0: did you forget to use -Q perhaps ? 07/Apr/2022 08:09:05 [nprobe.c:6848] WARNING: The input interfaceId is set to 0: did you forget to use -u perhaps ? 07/Apr/2022 08:09:05 [nprobe.c:6939] Flow cache is disabled in flow collection mode 07/Apr/2022 08:09:05 [nprobe.c:6942] Welcome to nProbe v.9.6.220326 for x86_64-pc-linux-gnu with native PF_RING acceleration 07/Apr/2022 08:09:05 [nprobe.c:6954] Pro Edition running on Ubuntu 20.04.4 LTS 07/Apr/2022 08:09:05 [nprobe.c:6955] Current limits [4 ZMQ exporters][4 collector devices] 07/Apr/2022 08:09:05 [nprobe.c:6967] SystemId: L2444CEE100800F1F--U2444CEE108A217DC--OL 07/Apr/2022 08:09:05 [nprobe.c:6971] Tracing enabled 07/Apr/2022 08:09:05 [nprobe.c:7037] Sample rate [packet: 1][flow collection/export: 1/1] 07/Apr/2022 08:09:05 [nprobe.c:10086] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10087] WARNING: NOTE: This is a DEMO version limited to: 07/Apr/2022 08:09:05 [nprobe.c:10088] WARNING: - flows export: 5000 (live), 512 (pcap). 07/Apr/2022 08:09:05 [nprobe.c:10089] WARNING: - 300 seconds. 07/Apr/2022 08:09:05 [nprobe.c:10090] WARNING: 07/Apr/2022 08:09:05 [plugin.c:256] Initializing BGP Update Listener 07/Apr/2022 08:09:05 [bgpPlugin.c:320] BGP plugin is disabled (--bgp-port has not been specified) 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Custom Fields 07/Apr/2022 08:09:05 [customPlugin.c:98] Initialized Custom plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing MySQL DB 07/Apr/2022 08:09:05 [dbPlugin.c:146] Initializing DB plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Export Plugin 07/Apr/2022 08:09:05 [exportPlugin.c:665] Initializing Export plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Netflow-Lite Plugin 07/Apr/2022 08:09:05 [nflitePlugin.c:943] [NFLite] Initialized NetFlow-Lite plugin 07/Apr/2022 08:09:05 [plugin.c:267] 23 plugin(s) loaded [3 delete][2 packet]. 07/Apr/2022 08:09:05 [nprobe.c:8911] Compiling flow templates... 07/Apr/2022 08:09:05 [nprobe.c:8966] Using template @NTOPNG@ 07/Apr/2022 08:09:05 [nprobe.c:8968] Using NetFlow Packet Payload Len: 1472 07/Apr/2022 08:09:05 [nprobe.c:8886] @NTOPNG@ expanded to " %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION " 07/Apr/2022 08:09:05 [nprobe.c:9001] Flow export type (-T): bidirectional flows 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV4_SRC_ADDR %IPV4_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV4_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV4_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV6_SRC_ADDR %IPV6_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV6_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV6_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV6_SRC_ADDR %IPV6_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV6_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV6_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin BGP Update Listener [bgp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Custom Fields [custom] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin MySQL DB [db] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin DHCP Protocol [dhcp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Diameter Protocol [diameter] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin DNS/LLMNR Protocol [dns] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Export Plugin [export] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin FTP Protocol [ftp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv0 Signaling Protocol [gtpv0] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv1 Signaling Protocol [gtpv1] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv2 Signaling Protocol [gtpv2] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin HTTP Protocol [http] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin IMAP Protocol [imap] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Modbus Plugin [modbus] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin MySQL Plugin [mysql] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin NETBIOS Protocol [netbios] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Netflow-Lite Plugin [nflite] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin POP3 Protocol [pop3] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Radius Protocol [radius] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin RTP Plugin [rtp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SIP Plugin [sip] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SMTP Protocol [smtp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SSDP Protocol [ssdp] 07/Apr/2022 08:09:05 [plugin.c:1185] 0 plugin(s) enabled 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_BYTES %IN_PKTS %PROTOCOL %L4_SRC_PORT %IPV4_SRC_ADDR %INPUT_SNMP %L4_DST_PORT %IPV4_DST_ADDR %OUTPUT_SNMP %LAST_SWITCHED %FIRST_SWITCHED %OUT_BYTES %OUT_PKTS %SRC_VLAN %IN_SRC_MAC %OUT_DST_MAC %IP_PROTOCOL_VERSION %DIRECTION %EXPORTER_IPV4_ADDRESS %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO %L7_PROTO_RISK %L7_RISK_SCORE 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2690] [IN_BYTES][numElements=1] 07/Apr/2022 08:09:05 [template.c:2690] [IN_PKTS][numElements=2] 07/Apr/2022 08:09:05 [template.c:2690] [PROTOCOL][numElements=3] 07/Apr/2022 08:09:05 [template.c:2690] [L4_SRC_PORT][numElements=4] 07/Apr/2022 08:09:05 [template.c:2690] [IPV4_SRC_ADDR][numElements=5] 07/Apr/2022 08:09:05 [template.c:2690] [INPUT_SNMP][numElements=6] 07/Apr/2022 08:09:05 [template.c:2690] [L4_DST_PORT][numElements=7] 07/Apr/2022 08:09:05 [template.c:2690] [IPV4_DST_ADDR][numElements=8] 07/Apr/2022 08:09:05 [template.c:2690] [OUTPUT_SNMP][numElements=9] 07/Apr/2022 08:09:05 [template.c:2690] [LAST_SWITCHED][numElements=10] 07/Apr/2022 08:09:05 [template.c:2690] [FIRST_SWITCHED][numElements=11] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_BYTES][numElements=12] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_PKTS][numElements=13] 07/Apr/2022 08:09:05 [template.c:2690] [SRC_VLAN][numElements=14] 07/Apr/2022 08:09:05 [template.c:2690] [IN_SRC_MAC][numElements=15] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_DST_MAC][numElements=16] 07/Apr/2022 08:09:05 [template.c:2690] [IP_PROTOCOL_VERSION][numElements=17] 07/Apr/2022 08:09:05 [template.c:2690] [DIRECTION][numElements=18] 07/Apr/2022 08:09:05 [template.c:2690] [EXPORTER_IPV4_ADDRESS][numElements=19] 07/Apr/2022 08:09:05 [template.c:2690] [CLIENT_TCP_FLAGS][numElements=20] 07/Apr/2022 08:09:05 [template.c:2690] [SERVER_TCP_FLAGS][numElements=21] 07/Apr/2022 08:09:05 [template.c:2690] [L7_PROTO][numElements=22] 07/Apr/2022 08:09:05 [template.c:2690] [L7_PROTO_RISK][numElements=23] 07/Apr/2022 08:09:05 [template.c:2690] [L7_RISK_SCORE][numElements=24] 07/Apr/2022 08:09:05 [template.c:2721] Processing %TOTAL_FLOWS_EXP %TOTAL_PKTS_EXP 07/Apr/2022 08:09:05 [template.c:2848] Checking [TOTAL_FLOWS_EXP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [TOTAL_PKTS_EXP][found=1] 07/Apr/2022 08:09:05 [template.c:2690] [TOTAL_FLOWS_EXP][numElements=1] 07/Apr/2022 08:09:05 [template.c:2690] [TOTAL_PKTS_EXP][numElements=2] 07/Apr/2022 08:09:05 [nprobe.c:9396] Scanning flow template... 07/Apr/2022 08:09:05 [nprobe.c:9406] Template [id=257] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_BYTES [num 1][id 1][8 bytes][total 8 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_PKTS [num 2][id 2][4 bytes][total 12 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found PROTOCOL [num 3][id 4][1 bytes][total 13 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L4_SRC_PORT [num 4][id 7][2 bytes][total 15 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IPV4_SRC_ADDR [num 5][id 8][4 bytes][total 19 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found INPUT_SNMP [num 6][id 10][4 bytes][total 23 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L4_DST_PORT [num 7][id 11][2 bytes][total 25 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IPV4_DST_ADDR [num 8][id 12][4 bytes][total 29 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUTPUT_SNMP [num 9][id 14][4 bytes][total 33 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found LAST_SWITCHED [num 10][id 21][4 bytes][total 37 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found FIRST_SWITCHED [num 11][id 22][4 bytes][total 41 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_BYTES [num 12][id 23][8 bytes][total 49 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_PKTS [num 13][id 24][4 bytes][total 53 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found SRC_VLAN [num 14][id 58][2 bytes][total 55 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_SRC_MAC [num 15][id 56][6 bytes][total 61 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_DST_MAC [num 16][id 57][6 bytes][total 67 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IP_PROTOCOL_VERSION [num 17][id 60][1 bytes][total 68 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found DIRECTION [num 18][id 61][1 bytes][total 69 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found EXPORTER_IPV4_ADDRESS [num 19][id 130][4 bytes][total 73 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found CLIENT_TCP_FLAGS [num 20][id 78][1 bytes][total 74 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found SERVER_TCP_FLAGS [num 21][id 79][1 bytes][total 75 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_PROTO [num 22][id 118][2 bytes][total 77 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_PROTO_RISK [num 23][id 509][4 bytes][total 81 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_RISK_SCORE [num 24][id 527][2 bytes][total 83 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9436] Scanning option template... 07/Apr/2022 08:09:05 [nprobe.c:9442] Found TOTAL_FLOWS_EXP [id 42][4 bytes][total 4 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9442] Found TOTAL_PKTS_EXP [id 41][4 bytes][total 8 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9474] Each flow is 83 bytes long 07/Apr/2022 08:09:05 [nprobe.c:9475] The # flows per packet has been set to 16 07/Apr/2022 08:09:05 [nprobe.c:9478] IP TOS is ignored 07/Apr/2022 08:09:05 [nprobe.c:10311] IPv6 traffic will NOT be exported/accounted by this probe 07/Apr/2022 08:09:05 [nprobe.c:10312] due to configuration options (e.g. use NetFlow v9) 07/Apr/2022 08:09:05 [nprobe.c:10313] Please use -V to set the version to other than NetFlow V5 07/Apr/2022 08:09:05 [nprobe.c:10316] The flows hash has 131072 buckets 07/Apr/2022 08:09:05 [nprobe.c:10318] Flows older than 120 seconds will be exported 07/Apr/2022 08:09:05 [nprobe.c:10321] Flows inactive for at least 30 seconds will be exported 07/Apr/2022 08:09:05 [nprobe.c:10324] Expired flows will not be queued for more than 30 seconds 07/Apr/2022 08:09:05 [nprobe.c:10331] Exported flows with engineType 0 and engineId 33 07/Apr/2022 08:09:05 [nprobe.c:10367] TCP TOS will be ignored and set to 0. 07/Apr/2022 08:09:05 [nprobe.c:10371] Flows ASs will not be computed (no GeoDB files loaded) 07/Apr/2022 08:09:05 [nprobe.c:10403] Flows will be emitted in IPFIX format 07/Apr/2022 08:09:05 [nprobe.c:10456] Flow input interface index is set to 0 07/Apr/2022 08:09:05 [nprobe.c:10462] Flow output interface index is set to 0 07/Apr/2022 08:09:05 [nprobe.c:10483] Not capturing packet from interface (collector mode) 07/Apr/2022 08:09:05 [util.c:5480] Initializing ZMQ as client 07/Apr/2022 08:09:05 [util.c:5553] Exporting flows towards ZMQ endpoint tcp://172.20.207.45:5556 07/Apr/2022 08:09:05 [util.c:5573] TCP keepalive set 07/Apr/2022 08:09:05 [util.c:5579] TCP keepalive idle set to 30 seconds 07/Apr/2022 08:09:05 [util.c:5585] TCP keepalive count set to 3 07/Apr/2022 08:09:05 [util.c:5591] TCP keepalive interval set to 3 seconds 07/Apr/2022 08:09:05 [util.c:4337] Enlarged socket buffer [echo 8388608 > /proc/sys/net/core/rmem_max] sh: 1: cannot create /proc/sys/net/core/rmem_max: Directory nonexistent 07/Apr/2022 08:09:05 [util.c:4386] nProbe changed user to 'nprobe' 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin BGP Update Listener (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Custom Fields (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin MySQL DB (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin DHCP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Diameter Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin DNS/LLMNR Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Export Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin FTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv0 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv1 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv2 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin HTTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin IMAP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Modbus Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin MySQL Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin NETBIOS Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Netflow-Lite Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin POP3 Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Radius Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin RTP Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SIP Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SMTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SSDP Protocol (no template is using it) 07/Apr/2022 08:09:05 [collect.c:145] Created UDP sockets 07/Apr/2022 08:09:05 [collect.c:214] Flow collector listening on port 2055 (IPv4/v6) 07/Apr/2022 08:09:05 [nprobe.c:10672] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10673] WARNING: You're running nProbe in DEBUG mode 07/Apr/2022 08:09:05 [nprobe.c:10674] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10700] Starting 1 packet fetch thread(s) 07/Apr/2022 08:09:05 [engine.c:4549] Starting bucket dequeue thread 07/Apr/2022 08:09:05 [export.c:548] Using TLV as serialization format 07/Apr/2022 08:09:05 [nprobe.c:10855] nProbe started successfully 07/Apr/2022 ... 07/Apr/2022 08:11:16 [util.c:5635] [ZMQ] [event] { "iface": { "name": "none", "speed": 1000, "ip": "" }, "probe": { "version": "9.6.220326", "osname": "Ubuntu 20.04.4 LTS", "license": "Time-limited license", "edition": "Pro", "maintenance": "Until Thu Jan 1 00:00:00 1970 [4294948207 days left]", "ip": "10.251.4.75", "public_ip": "" }, "time" : 1649319076.358, "bytes": 0, "packets": 0, "avg": { "bps": 0, "pps": 0 }, "sampling": { "pkt_rate": 1, "collection_rate": 1, "flow_export_rate": 1 }, "drops" : { "export_queue_too_long": 0, "too_many_flows": 0, "elk_flow_drops": 0, "sflow_pkt_sample_drops": 0, "flow_collection_drops": 0, "flow_collection_udp_socket_drops": 0 }, "timeout": { "lifetime": 120, "idle": 30, "collected_lifetime": 0 }, "flow_collection": { "nf_ipfix_flows": 0, "sflow_samples": 0 }, "zmq": { "num_flow_exports": 0, "num_exporters": 1 } } 07/Apr/2022 08:11:17 [collect.c:3254] NETFLOW_DEBUG: Received 1504 bytes flow 07/Apr/2022 08:11:17 [collect.c:3109] Collecting flows from 10.201.255.1 [total: 1/4] 07/Apr/2022 08:11:17 [collect.c:3150] WARNING: Unrecognized version [0D][0A]
and i have the same problem
ghadaashra
commented
2 years ago ghadaashra
commented
2 years ago
I get this error when collecting IPFIX data from Mikrotik router: [collect.c:3150] WARNING: Unrecognized version [0D][0A]
Does anyone know what that means?
nprobe -n none -i none --collector-port 2055 --zmq-probe-mode --zmq "tcp://ntopng-service:5556" –-disable-cache --bind-export-interface eth0 -T "@NTOPNG@" -b 2 -W --debug
ntopng -i "tcp://*:5556c" --community --disable-login 1 --local-networks="10.0.0.0/8, 192.168.0.0/16"
07/Apr/2022 08:09:05 [nprobe.c:5137] Reading configuration file /etc/nprobe/nprobe-none.conf 07/Apr/2022 08:09:05 [plugin.c:180] No plugins found in ./plugins 07/Apr/2022 08:09:05 [plugin.c:188] Loading 23 plugins [.so] from /usr/lib/nprobe/plugins 07/Apr/2022 08:09:05 [nprobe.c:4914] WARNING: Invalid license (/etc/nprobe.license) [Missing license file. Plese read https://www.ntop.org/support/faq/license-inside-a-container] 07/Apr/2022 08:09:05 [nprobe.c:4924] WARNING: ** 07/Apr/2022 08:09:05 [nprobe.c:4925] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4926] WARNING: Switching to DEMO MODE 07/Apr/2022 08:09:05 [nprobe.c:4927] WARNING: - Missing license file. Plese read https://www.ntop.org/support/faq/license-inside-a-container 07/Apr/2022 08:09:05 [nprobe.c:4928] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4930] WARNING: Purchase your license at 07/Apr/2022 08:09:05 [nprobe.c:4931] WARNING: https://shop.ntop.org/ 07/Apr/2022 08:09:05 [nprobe.c:4932] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:4934] WARNING: ** 07/Apr/2022 08:09:05 [nprobe.c:6845] WARNING: The output interfaceId is set to 0: did you forget to use -Q perhaps ? 07/Apr/2022 08:09:05 [nprobe.c:6848] WARNING: The input interfaceId is set to 0: did you forget to use -u perhaps ? 07/Apr/2022 08:09:05 [nprobe.c:6939] Flow cache is disabled in flow collection mode 07/Apr/2022 08:09:05 [nprobe.c:6942] Welcome to nProbe v.9.6.220326 for x86_64-pc-linux-gnu with native PF_RING acceleration 07/Apr/2022 08:09:05 [nprobe.c:6954] Pro Edition running on Ubuntu 20.04.4 LTS 07/Apr/2022 08:09:05 [nprobe.c:6955] Current limits [4 ZMQ exporters][4 collector devices] 07/Apr/2022 08:09:05 [nprobe.c:6967] SystemId: L2444CEE100800F1F--U2444CEE108A217DC--OL 07/Apr/2022 08:09:05 [nprobe.c:6971] Tracing enabled 07/Apr/2022 08:09:05 [nprobe.c:7037] Sample rate [packet: 1][flow collection/export: 1/1] 07/Apr/2022 08:09:05 [nprobe.c:10086] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10087] WARNING: NOTE: This is a DEMO version limited to: 07/Apr/2022 08:09:05 [nprobe.c:10088] WARNING: - flows export: 5000 (live), 512 (pcap). 07/Apr/2022 08:09:05 [nprobe.c:10089] WARNING: - 300 seconds. 07/Apr/2022 08:09:05 [nprobe.c:10090] WARNING: 07/Apr/2022 08:09:05 [plugin.c:256] Initializing BGP Update Listener 07/Apr/2022 08:09:05 [bgpPlugin.c:320] BGP plugin is disabled (--bgp-port has not been specified) 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Custom Fields 07/Apr/2022 08:09:05 [customPlugin.c:98] Initialized Custom plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing MySQL DB 07/Apr/2022 08:09:05 [dbPlugin.c:146] Initializing DB plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Export Plugin 07/Apr/2022 08:09:05 [exportPlugin.c:665] Initializing Export plugin 07/Apr/2022 08:09:05 [plugin.c:256] Initializing Netflow-Lite Plugin 07/Apr/2022 08:09:05 [nflitePlugin.c:943] [NFLite] Initialized NetFlow-Lite plugin 07/Apr/2022 08:09:05 [plugin.c:267] 23 plugin(s) loaded [3 delete][2 packet]. 07/Apr/2022 08:09:05 [nprobe.c:8911] Compiling flow templates... 07/Apr/2022 08:09:05 [nprobe.c:8966] Using template @NTOPNG@ 07/Apr/2022 08:09:05 [nprobe.c:8968] Using NetFlow Packet Payload Len: 1472 07/Apr/2022 08:09:05 [nprobe.c:8886] @NTOPNG@ expanded to " %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION " 07/Apr/2022 08:09:05 [nprobe.c:9001] Flow export type (-T): bidirectional flows 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV4_SRC_ADDR %IPV4_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV4_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV4_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV4_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV6_SRC_ADDR %IPV6_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV6_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV6_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_SRC_MAC %OUT_DST_MAC %INPUT_SNMP %OUTPUT_SNMP %SRC_VLAN %IPV6_SRC_ADDR %IPV6_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %L7_PROTO %IN_BYTES %IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO_RISK %L7_RISK_SCORE %EXPORTER_IPV6_ADDRESS %DIRECTION 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV6_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_SRC_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2818] Duplicate template element found IPV6_DST_ADDR: skipping 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV6_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin BGP Update Listener [bgp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Custom Fields [custom] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin MySQL DB [db] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin DHCP Protocol [dhcp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Diameter Protocol [diameter] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin DNS/LLMNR Protocol [dns] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Export Plugin [export] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin FTP Protocol [ftp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv0 Signaling Protocol [gtpv0] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv1 Signaling Protocol [gtpv1] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin GTPv2 Signaling Protocol [gtpv2] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin HTTP Protocol [http] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin IMAP Protocol [imap] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Modbus Plugin [modbus] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin MySQL Plugin [mysql] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin NETBIOS Protocol [netbios] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Netflow-Lite Plugin [nflite] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin POP3 Protocol [pop3] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin Radius Protocol [radius] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin RTP Plugin [rtp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SIP Plugin [sip] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SMTP Protocol [smtp] 07/Apr/2022 08:09:05 [plugin.c:1012] Scanning plugin SSDP Protocol [ssdp] 07/Apr/2022 08:09:05 [plugin.c:1185] 0 plugin(s) enabled 07/Apr/2022 08:09:05 [template.c:2721] Processing %IN_BYTES %IN_PKTS %PROTOCOL %L4_SRC_PORT %IPV4_SRC_ADDR %INPUT_SNMP %L4_DST_PORT %IPV4_DST_ADDR %OUTPUT_SNMP %LAST_SWITCHED %FIRST_SWITCHED %OUT_BYTES %OUT_PKTS %SRC_VLAN %IN_SRC_MAC %OUT_DST_MAC %IP_PROTOCOL_VERSION %DIRECTION %EXPORTER_IPV4_ADDRESS %CLIENT_TCP_FLAGS %SERVER_TCP_FLAGS %L7_PROTO %L7_PROTO_RISK %L7_RISK_SCORE 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [PROTOCOL][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_SRC_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_SRC_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [INPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L4_DST_PORT][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IPV4_DST_ADDR][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUTPUT_SNMP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [LAST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [FIRST_SWITCHED][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_BYTES][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_PKTS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SRC_VLAN][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IN_SRC_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [OUT_DST_MAC][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [IP_PROTOCOL_VERSION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [DIRECTION][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [EXPORTER_IPV4_ADDRESS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [CLIENT_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [SERVER_TCP_FLAGS][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_PROTO_RISK][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [L7_RISK_SCORE][found=1] 07/Apr/2022 08:09:05 [template.c:2690] [IN_BYTES][numElements=1] 07/Apr/2022 08:09:05 [template.c:2690] [IN_PKTS][numElements=2] 07/Apr/2022 08:09:05 [template.c:2690] [PROTOCOL][numElements=3] 07/Apr/2022 08:09:05 [template.c:2690] [L4_SRC_PORT][numElements=4] 07/Apr/2022 08:09:05 [template.c:2690] [IPV4_SRC_ADDR][numElements=5] 07/Apr/2022 08:09:05 [template.c:2690] [INPUT_SNMP][numElements=6] 07/Apr/2022 08:09:05 [template.c:2690] [L4_DST_PORT][numElements=7] 07/Apr/2022 08:09:05 [template.c:2690] [IPV4_DST_ADDR][numElements=8] 07/Apr/2022 08:09:05 [template.c:2690] [OUTPUT_SNMP][numElements=9] 07/Apr/2022 08:09:05 [template.c:2690] [LAST_SWITCHED][numElements=10] 07/Apr/2022 08:09:05 [template.c:2690] [FIRST_SWITCHED][numElements=11] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_BYTES][numElements=12] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_PKTS][numElements=13] 07/Apr/2022 08:09:05 [template.c:2690] [SRC_VLAN][numElements=14] 07/Apr/2022 08:09:05 [template.c:2690] [IN_SRC_MAC][numElements=15] 07/Apr/2022 08:09:05 [template.c:2690] [OUT_DST_MAC][numElements=16] 07/Apr/2022 08:09:05 [template.c:2690] [IP_PROTOCOL_VERSION][numElements=17] 07/Apr/2022 08:09:05 [template.c:2690] [DIRECTION][numElements=18] 07/Apr/2022 08:09:05 [template.c:2690] [EXPORTER_IPV4_ADDRESS][numElements=19] 07/Apr/2022 08:09:05 [template.c:2690] [CLIENT_TCP_FLAGS][numElements=20] 07/Apr/2022 08:09:05 [template.c:2690] [SERVER_TCP_FLAGS][numElements=21] 07/Apr/2022 08:09:05 [template.c:2690] [L7_PROTO][numElements=22] 07/Apr/2022 08:09:05 [template.c:2690] [L7_PROTO_RISK][numElements=23] 07/Apr/2022 08:09:05 [template.c:2690] [L7_RISK_SCORE][numElements=24] 07/Apr/2022 08:09:05 [template.c:2721] Processing %TOTAL_FLOWS_EXP %TOTAL_PKTS_EXP 07/Apr/2022 08:09:05 [template.c:2848] Checking [TOTAL_FLOWS_EXP][found=1] 07/Apr/2022 08:09:05 [template.c:2848] Checking [TOTAL_PKTS_EXP][found=1] 07/Apr/2022 08:09:05 [template.c:2690] [TOTAL_FLOWS_EXP][numElements=1] 07/Apr/2022 08:09:05 [template.c:2690] [TOTAL_PKTS_EXP][numElements=2] 07/Apr/2022 08:09:05 [nprobe.c:9396] Scanning flow template... 07/Apr/2022 08:09:05 [nprobe.c:9406] Template [id=257] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_BYTES [num 1][id 1][8 bytes][total 8 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_PKTS [num 2][id 2][4 bytes][total 12 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found PROTOCOL [num 3][id 4][1 bytes][total 13 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L4_SRC_PORT [num 4][id 7][2 bytes][total 15 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IPV4_SRC_ADDR [num 5][id 8][4 bytes][total 19 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found INPUT_SNMP [num 6][id 10][4 bytes][total 23 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L4_DST_PORT [num 7][id 11][2 bytes][total 25 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IPV4_DST_ADDR [num 8][id 12][4 bytes][total 29 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUTPUT_SNMP [num 9][id 14][4 bytes][total 33 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found LAST_SWITCHED [num 10][id 21][4 bytes][total 37 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found FIRST_SWITCHED [num 11][id 22][4 bytes][total 41 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_BYTES [num 12][id 23][8 bytes][total 49 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_PKTS [num 13][id 24][4 bytes][total 53 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found SRC_VLAN [num 14][id 58][2 bytes][total 55 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IN_SRC_MAC [num 15][id 56][6 bytes][total 61 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found OUT_DST_MAC [num 16][id 57][6 bytes][total 67 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found IP_PROTOCOL_VERSION [num 17][id 60][1 bytes][total 68 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found DIRECTION [num 18][id 61][1 bytes][total 69 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found EXPORTER_IPV4_ADDRESS [num 19][id 130][4 bytes][total 73 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found CLIENT_TCP_FLAGS [num 20][id 78][1 bytes][total 74 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found SERVER_TCP_FLAGS [num 21][id 79][1 bytes][total 75 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_PROTO [num 22][id 118][2 bytes][total 77 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_PROTO_RISK [num 23][id 509][4 bytes][total 81 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9412] Found L7_RISK_SCORE [num 24][id 527][2 bytes][total 83 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9436] Scanning option template... 07/Apr/2022 08:09:05 [nprobe.c:9442] Found TOTAL_FLOWS_EXP [id 42][4 bytes][total 4 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9442] Found TOTAL_PKTS_EXP [id 41][4 bytes][total 8 bytes] 07/Apr/2022 08:09:05 [nprobe.c:9474] Each flow is 83 bytes long 07/Apr/2022 08:09:05 [nprobe.c:9475] The # flows per packet has been set to 16 07/Apr/2022 08:09:05 [nprobe.c:9478] IP TOS is ignored 07/Apr/2022 08:09:05 [nprobe.c:10311] IPv6 traffic will NOT be exported/accounted by this probe 07/Apr/2022 08:09:05 [nprobe.c:10312] due to configuration options (e.g. use NetFlow v9) 07/Apr/2022 08:09:05 [nprobe.c:10313] Please use -V to set the version to other than NetFlow V5 07/Apr/2022 08:09:05 [nprobe.c:10316] The flows hash has 131072 buckets 07/Apr/2022 08:09:05 [nprobe.c:10318] Flows older than 120 seconds will be exported 07/Apr/2022 08:09:05 [nprobe.c:10321] Flows inactive for at least 30 seconds will be exported 07/Apr/2022 08:09:05 [nprobe.c:10324] Expired flows will not be queued for more than 30 seconds 07/Apr/2022 08:09:05 [nprobe.c:10331] Exported flows with engineType 0 and engineId 33 07/Apr/2022 08:09:05 [nprobe.c:10367] TCP TOS will be ignored and set to 0. 07/Apr/2022 08:09:05 [nprobe.c:10371] Flows ASs will not be computed (no GeoDB files loaded) 07/Apr/2022 08:09:05 [nprobe.c:10403] Flows will be emitted in IPFIX format 07/Apr/2022 08:09:05 [nprobe.c:10456] Flow input interface index is set to 0 07/Apr/2022 08:09:05 [nprobe.c:10462] Flow output interface index is set to 0 07/Apr/2022 08:09:05 [nprobe.c:10483] Not capturing packet from interface (collector mode) 07/Apr/2022 08:09:05 [util.c:5480] Initializing ZMQ as client 07/Apr/2022 08:09:05 [util.c:5553] Exporting flows towards ZMQ endpoint tcp://172.20.207.45:5556 07/Apr/2022 08:09:05 [util.c:5573] TCP keepalive set 07/Apr/2022 08:09:05 [util.c:5579] TCP keepalive idle set to 30 seconds 07/Apr/2022 08:09:05 [util.c:5585] TCP keepalive count set to 3 07/Apr/2022 08:09:05 [util.c:5591] TCP keepalive interval set to 3 seconds 07/Apr/2022 08:09:05 [util.c:4337] Enlarged socket buffer [echo 8388608 > /proc/sys/net/core/rmem_max] sh: 1: cannot create /proc/sys/net/core/rmem_max: Directory nonexistent 07/Apr/2022 08:09:05 [util.c:4386] nProbe changed user to 'nprobe' 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin BGP Update Listener (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Custom Fields (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin MySQL DB (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin DHCP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Diameter Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin DNS/LLMNR Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Export Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin FTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv0 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv1 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin GTPv2 Signaling Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin HTTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin IMAP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Modbus Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin MySQL Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin NETBIOS Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Netflow-Lite Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin POP3 Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin Radius Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin RTP Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SIP Plugin (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SMTP Protocol (no template is using it) 07/Apr/2022 08:09:05 [plugin.c:969] Disabling plugin SSDP Protocol (no template is using it) 07/Apr/2022 08:09:05 [collect.c:145] Created UDP sockets 07/Apr/2022 08:09:05 [collect.c:214] Flow collector listening on port 2055 (IPv4/v6) 07/Apr/2022 08:09:05 [nprobe.c:10672] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10673] WARNING: You're running nProbe in DEBUG mode 07/Apr/2022 08:09:05 [nprobe.c:10674] WARNING: 07/Apr/2022 08:09:05 [nprobe.c:10700] Starting 1 packet fetch thread(s) 07/Apr/2022 08:09:05 [engine.c:4549] Starting bucket dequeue thread 07/Apr/2022 08:09:05 [export.c:548] Using TLV as serialization format 07/Apr/2022 08:09:05 [nprobe.c:10855] nProbe started successfully 07/Apr/2022 ... 07/Apr/2022 08:11:16 [util.c:5635] [ZMQ] [event] { "iface": { "name": "none", "speed": 1000, "ip": "" }, "probe": { "version": "9.6.220326", "osname": "Ubuntu 20.04.4 LTS", "license": "Time-limited license", "edition": "Pro", "maintenance": "Until Thu Jan 1 00:00:00 1970 [4294948207 days left]", "ip": "10.251.4.75", "public_ip": "" }, "time" : 1649319076.358, "bytes": 0, "packets": 0, "avg": { "bps": 0, "pps": 0 }, "sampling": { "pkt_rate": 1, "collection_rate": 1, "flow_export_rate": 1 }, "drops" : { "export_queue_too_long": 0, "too_many_flows": 0, "elk_flow_drops": 0, "sflow_pkt_sample_drops": 0, "flow_collection_drops": 0, "flow_collection_udp_socket_drops": 0 }, "timeout": { "lifetime": 120, "idle": 30, "collected_lifetime": 0 }, "flow_collection": { "nf_ipfix_flows": 0, "sflow_samples": 0 }, "zmq": { "num_flow_exports": 0, "num_exporters": 1 } } 07/Apr/2022 08:11:17 [collect.c:3254] NETFLOW_DEBUG: Received 1504 bytes flow 07/Apr/2022 08:11:17 [collect.c:3109] Collecting flows from 10.201.255.1 [total: 1/4] 07/Apr/2022 08:11:17 [collect.c:3150] WARNING: Unrecognized version [0D][0A]