Traffic Flows Solution Pack not displaying report data

Article ID: 332815


Products

VMware Smart Assurance

Issue/Introduction

The Traffic Flows Solution Pack does not display report data.

The Traffic Flows collecting logs show the following error:

SEVERE     -- [2014-05-28 13:05:47 MSK] -- FlowListener$i::run(): com.watch4net.apg.v2.flow.UnsupportedFlowException: Unsupported flow type or version coming from xxx.xxx.xxx.xxx



Environment

Watch4Net/M&R 7.x

Cause

The Watch4Net Traffic Flows Collector is receiving an unsupported version of flow data. Only flow versions 5 and 9 are supported by the Traffic Flows Solution Pack.

Resolution

Ensure that the devices are sending a supported version of flow data. Only flow versions 5 and 9 are supported. You can verify the version being sent to Watch4Net by capturing packet data between the flow-enabled device(s) and the Watch4Net Traffic Flows Collector server.

You can capture packet data with a utility such as "tcpdump", which can write a cap file for analysis. Example tcpdump commands:

tcpdump -i <interface> -w /tmp/tcpdump.cap udp dst port <no>

(captures UDP packets received on interface <interface> with destination port <no> and writes them to the specified cap file)

tcpdump -w 0001.cap src <IP>

(captures packets received from the specified IP address and writes them to the specified cap file)


Once you have a cap file, you can use a utility such as Wireshark to decode and analyze the cap file data.

Using Wireshark, in this instance we can see that Version 1 flow data is being sent from the device.
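The version check described above can also be scripted against the cap file. The following is an added example, not part of the original article or of Watch4Net: it reads a classic pcap file, takes the first 16 bits of each UDP payload as the flow version (where NetFlow v1, v5 and v9 carry it), and lists the senders the collector would reject. The function names, the port 2055 and the sample addresses are constructed for illustration.

```python
import struct
from collections import Counter

SUPPORTED = {5, 9}  # per the article: only flow versions 5 and 9 are supported

def flow_versions(pcap_bytes, port):
    """Count (source IP, version) pairs for UDP datagrams sent to `port`.
    Handles classic pcap, untagged Ethernet, IPv4 only."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap_bytes[:4])
    if endian is None:
        raise ValueError("unrecognised magic (pcapng is not handled)")
    if struct.unpack(endian + "I", pcap_bytes[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    seen, off = Counter(), 24
    while off + 16 <= len(pcap_bytes):
        incl_len = struct.unpack(endian + "I", pcap_bytes[off + 8:off + 12])[0]
        frame = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # not IPv4 carrying UDP
        if struct.unpack("!H", frame[20:22])[0] & 0x1FFF:
            continue  # later IP fragment: no UDP header here
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 10 or struct.unpack("!H", udp[2:4])[0] != port:
            continue
        version = struct.unpack("!H", udp[8:10])[0]  # first field of flow header
        seen[(".".join(map(str, frame[26:30])), version)] += 1
    return seen

def unsupported(seen):
    """Return the (source IP, version) pairs the collector would reject."""
    return sorted(k for k in seen if k[1] not in SUPPORTED)

def sample_pcap():
    """Constructed capture: one v1 and one v5 datagram to UDP port 2055."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, ver in ((b"\xc0\x00\x02\x0a", 1), (b"\xc0\x00\x02\x14", 5)):
        payload = struct.pack("!HH", ver, 1) + bytes(20)
        udp = struct.pack("!HHHH", 40000, 2055, 8 + len(payload), 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17,
                         0, src, b"\xc0\x00\x02\x01")
        frame = bytes(12) + b"\x08\x00" + ip + udp
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    print(unsupported(flow_versions(sample_pcap(), 2055)))
```

To check a real capture, pass the file contents and the collector's listening port, for example `flow_versions(open("/tmp/tcpdump.cap", "rb").read(), <no>)`.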