IBM Support

QRadar Network Insights (QNI) Napatech3 service is not running



No flow data is being recieved by the QRadar Network Insights (QNI) appliance.


QRadar Network Activity tab is unable to show flow data from the QRadar Network Insights (QNI) appliance.


A possible race condition (systems not starting in proper sequence) where /opt/napatech3/config/ntservice.ini is corrupted after a service restart.

Diagnosing The Problem

  1. Use an SSH connection to the QNI host.
  2. Verify flow data is being NOT received by using the command: /opt/napatech3/bin/monitoring
    A message is displayed similar to: ntservice not running
  3. Using this command: grep -i bonding /opt/napatech3/config/ntservice.ini
    Search for a message similar to:
    BondingType = *Separate*
    BondingType = *Separate*

    Note: Any similar messages indicate this configuration file is corrupted and the napatech3 service is not going to start.

Resolving The Problem

  1. Log in to the QNI appliance by using an SSH session.
  2. Move this file for investigation later by using the command:  mv /opt/napatech3/config/ntservice.ini /root/yyyymmddntservice.ini and timestamp the copied file so we know when it is generated.
    Note: The ntservice.ini file is re-created when the service restarts.
  3. Restart the napatech3 service by using the command:
    systemctl restart napatech3
  4. Test to confirm the service is now working by using the command:  grep -i bonding /opt/napatech3/config/ntservice.ini:
    You should see messages similar to:
    BondingType = Master
    BondingType = Slave
  5. Rerun the command /opt/napatech3/bin/monitoring to verify the service is running.
The Napatech3 services are started and flow data is seen in QRadar Network Activity tab. If the service is still not running, open a case with QRadar Support.

Document Location


[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS6E69","label":"IBM QRadar Network Insights"},"Component":"","Platform":[{"code":"PF004","label":"Appliance"},{"code":"PF016","label":"Linux"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
21 July 2022