Hi Bruce,

just to let you know - a newer ntopng version, the 1.2, should also be 
available.

On 13/02/2015 19:02, Bruce Griffis wrote:
I installed NTOPNG from the Ubuntu repositories. It's version 1.1. I have my
local network defined and can see my flows. I wanted to see historical data. I
installed SQLite and started NTOPNG with the -F option. Do I have to configure
my SQLite database to receive NTOPNG data? Or configure NTOPNG to use a specific
database?


No, if you specify the -F option with the "db" parameter ntopng will create its own sqlite databases in /var/top/ntopng/datadump.

My server has two network interfaces. I access my server using its wlan0 port
and have a SPAN port on my switch configured to mirror data to eth0 on my
server. Since it is connected to a SPAN port, I don't have an IP address 
defined.

How do I go about viewing historical data? I read the userguide but couldn't
quite figure out how to define my historical interface or view my data.

Run ntopng with the -F option. Then log in to the web interface and open the "Interfaces" menu. Click on the "Historical" menu entry. As soon as the Historical interface has been loaded and the dashboard has been presented again to you, select it again from the "Interfaces" menu. Then click on the "Load Data" tab. In the page that is now presented to you, you can choose the interface you want to load historical data for, and the time interval you want. Click on "Load Historical Data" and the load should progress (you should see it in the bottom right corner of the screen). As soon as the load is complete, select the "Overview" tab and you should see more tabs appearing (namely "Packets" and "Protocols") with the historical data you requested.

Also -
would I need to run a second instance of ntopng if I want to pull current flows
while viewing historic flows?


No, this should be done in the background even if you select the historical interface.


Thank you,
Arianna


Here is the scenario: I noticed a large spike in traffic a few days ago. I was
in ntopng at the time. I looked at top talkers and saw it was a PC sending 3.5
gigs of data over to Google. If I were not in ntopng at the time, I would not
have noticed the flow. So I'd like to be able to look at a previous day's flows
and find my top talkers of the day.


_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop



--
/*
 * Arianna Avanzini
 * [email protected]
 * http://ava.webhop.me
 */