Search found 83 matches

by JakeB
Mon Feb 23, 2015 2:34 pm
Forum: Scrutinizer
Topic: Alarm: Bad Packet Time
Replies: 2
Views: 1666

Re: Alarm: Bad Packet Time

Hello Elang -

That seems strange, Do you know if there were any changes to the time and are you still receiving these alerts?

Regards,
Jake
by JakeB
Mon Dec 22, 2014 10:03 am
Forum: Scrutinizer
Topic: Traffic mismatch from Cisco ASA
Replies: 1
Views: 834

Re: Traffic mismatch from Cisco ASA

Hello Thobb -

I sent you a PM on this issue since it may be easier to resolve over a meeting.

let me know when you get some time and we can take a look.

Regards,
Jake
by JakeB
Mon Dec 22, 2014 9:14 am
Forum: Scrutinizer
Topic: Exporting flows from nexus 5k
Replies: 1
Views: 1646

Re: Exporting flows from nexus 5k

Hello - What report are you trying to run to see TCP flags? The configuration looks okay but you may want to add some interface statements to it to make it a bit easier to understand in Scrutinizer. (edits below) flow record rr match interface input match ipv4 source address match ipv4 destination a...
by JakeB
Mon Dec 22, 2014 8:39 am
Forum: Scrutinizer
Topic: Inaccurate traffic with Sonicwall Interfaces
Replies: 5
Views: 9677

Re: Inaccurate traffic with Sonicwall Interfaces

Hello - Do you have any encrypted traffic going over that interface? by default Scrutinizer will exclude this traffic which could be account for the understating. To remove exclusions you can do the following: 1) Navigate to the Admin -> Definitions -> Manage Exporters tab 2) There should be a Blue ...
by JakeB
Fri Nov 14, 2014 9:07 am
Forum: Scrutinizer
Topic: Will not display conversion when double clicking on the link
Replies: 1
Views: 829

Re: Will not display conversion when double clicking on the link

Hello -

Since it is working locally on the server this would appear to be an issue with the workstation or the network. Do you have any plugins that could be blocking the request? Also, what browser are you using?

-Jake
by JakeB
Fri Nov 14, 2014 9:03 am
Forum: Scrutinizer
Topic: Scrutinizer 11.5.2.36022
Replies: 1
Views: 892

Re: Scrutinizer 11.5.2.36022

Hello -

I just tried testing this behavior using our SonicWALL and was unable to replicate this, What version of SonicOS are you running? and would it be possible to upgrade Scrutinizer to our latest (V12.0.3) release?

-Jake
by JakeB
Fri Oct 17, 2014 8:32 am
Forum: Scrutinizer
Topic: POODLE SSLv3 Vulnerability Fix
Replies: 1
Views: 4538

POODLE SSLv3 Vulnerability Fix

Hello Everyone - Due to the recent news about the SSLv3 vulnerability we are instructing customers to disable SSLv2/SSLv3 all together. Here are the instructions on how to do this. Windows: 1) First we will need to RDP to the Scrutinizer server 2) Next we will need to navigate to the ssl.conf a)Usua...
by JakeB
Wed May 14, 2014 7:45 am
Forum: Scrutinizer
Topic: Report by IP Address
Replies: 1
Views: 910

Re: Report by IP Address

Hello Chris - The easiest way to do this would be to use the search utility in the top right hand corner of the web interface, in here you can select "All Devices" and search for a specific IP. https://i.imgur.com/6gcyCFy.png * One thing to keep in mind when doing this is that if the conversation is...
by JakeB
Fri Mar 07, 2014 8:27 am
Forum: Scrutinizer
Topic: Flow Hopper
Replies: 1
Views: 1139

Re: Flow Hopper

Hello - You can access flow hopper by running a Pair -> Connections (by bytes or flows) report on a device and clicking the icon to the left of the conversation (see image below) this should pop open a new window with Flow Hopper (make sure you are running a report in 1min granularity). http://i.img...
by JakeB
Thu Feb 27, 2014 4:15 pm
Forum: Scrutinizer
Topic: Moving Scrutinizer v7 to new Hardware
Replies: 3
Views: 1838

Re: Moving Scrutinizer v7 to new Hardware

Hello - These would be the updated instructions for moving Scrutinizer: 1. Upgrade current install of Scrutinizer to latest released version. 2. Install latest released version of Scrutinizer on new server. 3. Stop plixer_mysql and dependent services on both servers. 4. Make a backup copy of the [ho...
by JakeB
Mon Feb 24, 2014 2:20 pm
Forum: Scrutinizer
Topic: How does netflow handle IP Fragmented packets?
Replies: 2
Views: 1000

Re: How does netflow handle IP Fragmented packets?

Hello -

Scrutinizer will reassemble any fragmented packets that come in assuming that the checksums are okay - you can view this in Wireshark by taking a packet capture and adding a filter for "cflow". If you are getting bad checksums that will cause some issues. Let me know if this helps.

-Jake
by JakeB
Fri Feb 21, 2014 4:55 pm
Forum: Scrutinizer
Topic: Virtual Appliance PDF converter problem
Replies: 2
Views: 4783

Re: Virtual Appliance PDF converter problem

Hello -

Under Admin -> Settings -> System Preferences -> "PDF Converter" did you specify the path to PDF binary usually located in:

/home/plixer/scrutinizer/files/wkhtmltopdf-amd64

let me know if this helps.

-Jake
by JakeB
Thu Feb 20, 2014 10:31 am
Forum: Scrutinizer
Topic: Enable SSL on Scrutinizer VM
Replies: 3
Views: 1502

Re: Enable SSL on Scrutinizer VM

Hello -

On our appliance you will need to run a perl script that we have designed - this script will automatically generate self-signed keys and the CSR if needed. I will send you an email with the instructions as well as the perl script. Feel free to respond back if you have any issues.

-Jake
by JakeB
Wed Feb 19, 2014 1:27 pm
Forum: Scrutinizer
Topic: Disk Full - Cannot run scrut_util.exe
Replies: 9
Views: 2617

Re: Disk Full - Cannot run scrut_util.exe

Hello -

The plixer/logalot database checks shouldn't take very long - the full database check could. To repair just that one table you can run the following;

cmd>mysql -u root # or mysql -u root -pPASSWORD
mysql>repair table logalot.bulletin_board_data;

-Jake
by JakeB
Wed Feb 19, 2014 1:19 pm
Forum: Scrutinizer
Topic: Disk Full - Cannot run scrut_util.exe
Replies: 9
Views: 2617

Re: Disk Full - Cannot run scrut_util.exe

Hello - It appears that there is some database corruption. You can run the following command to fix these issues: cmd>mysqlcheck -u root --auto-repair logalot cmd>mysqlcheck -u root --auto-repair plixer If you start getting errors in the web interface you may need to run a full database check (this ...