If you configure a sensor to send data to your collector but flow-capture isn't generating any log files within a few minutes, start troubleshooting. Either the sensor is not transmitting data, flow-capture is not writing the data to disk, or a firewall between the sensor and collector is blocking that port.

To begin troubleshooting, first verify that sensor data is reaching your collector with tcpdump in order to separate network problems from local software problems.

# tcpdump -p -n -i em0 udp and port 5678

The -p tells tcpdump to not put the interface into promiscuous mode. This means that the system will only sniff traffic that reaches the local interface. (A proper switch configuration should prevent promiscuous-mode ...