Ajit, ntopng and nProbe can work without any additional component. Depending on your goals, you may need n2disk, pfring etc
You cannot replace redis with MySQL. Simone On Tue, Mar 15, 2016 at 12:26 AM, Ajit Sarnaik <[email protected]> wrote: > Hello Simone, > > Now that you mention that we need nProbe, will nProbe with ntopng be > enough or I need to have other components, such as n2disk, nbox, npfring > ntopng-data as well please. We mysql for other purposes, can we use that > instead redis please. > > Regards, > > Ajit > > On Tue, Mar 8, 2016 at 4:23 AM, Simone Mainardi <[email protected]> wrote: > >> Ajit, you need nProbe to decode GRE tunneled traffic: >> http://www.ntop.org/products/netflow/nprobe/ >> >> On Tue, Mar 8, 2016 at 1:12 PM, Ajit Sarnaik <[email protected]> >> wrote: >> >>> Hell Simone, >>> >>> This issue does not address the GRE question though. >>> >>> Regards, >>> >>> Ajit >>> >>> On Tue, Mar 8, 2016 at 4:03 AM, Simone Mainardi <[email protected]> >>> wrote: >>> >>>> Ajit, please refer to the following issue: >>>> https://github.com/ntop/ntopng/issues/432 >>>> >>>> On Tue, Mar 8, 2016 at 12:42 PM, Ajit Sarnaik <[email protected]> >>>> wrote: >>>> >>>>> Hello Luca, >>>>> >>>>> Are GRE tunnels supported by NTOPNG please. Will file the issue >>>>> request. >>>>> >>>>> Regards, >>>>> >>>>> Ajit >>>>> >>>>> On Tue, Mar 8, 2016 at 3:35 AM, Luca Deri <[email protected]> wrote: >>>>> >>>>>> Hi Ajit, >>>>>> please file an issue request >>>>>> >>>>>> Luca >>>>>> >>>>>> On 03/08/2016 12:28 PM, Ajit Sarnaik wrote: >>>>>> >>>>>> Hello Simone, >>>>>> >>>>>> Is there support for GRE tunnels in ntopng please. >>>>>> >>>>>> Regards, >>>>>> >>>>>> Ajit >>>>>> >>>>>> On Tue, Mar 8, 2016 at 3:27 AM, Ajit Sarnaik <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hello Simone, >>>>>>> >>>>>>> Thanks for the quick response. By host statistics, you mean native, >>>>>>> right? We have checked that and also did a tcpdump to verify that we are >>>>>>> getting responses. Below is the json that is returned from one of the >>>>>>> runs, >>>>>>> >>>>>>> hbase-metadata-devjson: >>>>>>> { >>>>>>> u'ip': {u'ipVersion': 4, u'ip': u'172.25.3.132', u'localHost': >>>>>>> False}, >>>>>>> u'icmp_rcvd': {u'bytes': 0, u'packets': 0}, >>>>>>> u'pktStats.recv': {}, >>>>>>> u'contacts': { >>>>>>> u'client': { u'192.168.254.1': u'62', u'239.255.255.250': u'1'}, >>>>>>> u'server': {} >>>>>>> }, >>>>>>> u'tcp_sent': {u'bytes': 117789898, u'packets': 86207}, >>>>>>> u'symbolic_name': u'172.25.3.132', >>>>>>> u'throughput_trend_pps': u'Stable', >>>>>>> u'ndpiStats': { >>>>>>> u'Unknown': {u'packets': {u'rcvd': 0, u'sent': 347}, u'bytes': >>>>>>> {u'rcvd': 0, u'sent': 69306}}, >>>>>>> u'SSDP': {u'packets': {u'rcvd': 0, u'sent': 1}, u'bytes': >>>>>>> {u'rcvd': 0, u'sent': 180}}, >>>>>>> u'RTSP': {u'packets': {u'rcvd': 0, u'sent': 85860}, u'bytes': >>>>>>> {u'rcvd': 0, u'sent': 117720592}} >>>>>>> }, >>>>>>> u'pktStats.sent': { >>>>>>> u'upTo6500': 678, >>>>>>> u'upTo1024': 2201, >>>>>>> u'upTo2500': 836, >>>>>>> u'upTo128': 1082, >>>>>>> u'upTo1518': 73338, >>>>>>> u'upTo512': 1346, >>>>>>> u'upTo256': 6695, >>>>>>> u'upTo9000': 65 >>>>>>> }, >>>>>>> u'dns': {u'rcvd': {u'stats': {}}, u'sent': {u'stats': {}}}, >>>>>>> u'mac_address': u'02:C4:92:CA:3F:FD', >>>>>>> u'throughput_bps': 0.0, >>>>>>> u'throughput_pps': 0.0, >>>>>>> u'other_ip_rcvd': {u'bytes': 0, u'packets': 0}, >>>>>>> u'sent': {u'bytes': 117790078, u'packets': 86208}, >>>>>>> u'http': {}, >>>>>>> u'other_ip_sent': {u'bytes': 0, u'packets': 0}, >>>>>>> u'throughput_trend_bps': u'Stable', >>>>>>> u'flows.as_client': 63, >>>>>>> u'activityStats': {u'1456688976': 60, u'1456689036': 48, >>>>>>> u'1456688916': 60, u'1456688856': 60}, >>>>>>> u'rcvd': {u'bytes': 0, u'packets': 0}, >>>>>>> u'flows.as_server': 0, >>>>>>> u'asn': 14138, >>>>>>> u'localHost': True, >>>>>>> u'udp_rcvd': {u'bytes': 0, u'packets': 0}, >>>>>>> u'udp_sent': {u'bytes': 180, u'packets': 1}, >>>>>>> u'num_alerts': 0, >>>>>>> u'epp': {u'rcvd': {}, u'sent': {}}, >>>>>>> u'systemHost': False, >>>>>>> u'asname': u'AS14138', >>>>>>> u'icmp_sent': {u'bytes': 0, u'packets': 0}, >>>>>>> u'tcp_rcvd': {u'bytes': 0, u'packets': 0} >>>>>>> } >>>>>>> >>>>>>> >>>>>>> Notice the tcp_sent, which does have data. Let me know if I can >>>>>>> provide any other information that can help. >>>>>>> >>>>>>> Regards, >>>>>>> >>>>>>> Ajit >>>>>>> >>>>>>> On Mon, Mar 7, 2016 at 7:55 AM, Simone Mainardi < >>>>>>> <[email protected]>[email protected]> wrote: >>>>>>> >>>>>>>> ifnum is not recognized as valid param. Since it's unknown, I guess >>>>>>>> ntopng is replying with host statistics related to the currently active >>>>>>>> interface. Check hosts statistics against the active interface. >>>>>>>> >>>>>>>> Simone >>>>>>>> >>>>>>>> On Mon, Mar 7, 2016 at 4:46 PM, Ajit Sarnaik < >>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>> >>>>>>>>> Hello Simone, >>>>>>>>> >>>>>>>>> Here is the request, >>>>>>>>> >>>>>>>>> " >>>>>>>>> http://localhost:6398/lua/host_get_json.lua?ifnum=4&host=172.25.3.130 >>>>>>>>> " >>>>>>>>> >>>>>>>>> We do get the Tx stats, but Rx (response from server) is 0. >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> >>>>>>>>> Ajit >>>>>>>>> >>>>>>>>> On Mon, Mar 7, 2016 at 7:05 AM, Simone Mainardi < >>>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>>> >>>>>>>>>> Ajit, are you calling the http "host_get_json.lua" endpoint >>>>>>>>>> directly? Could you please post the full http request you make? >>>>>>>>>> >>>>>>>>>> simone >>>>>>>>>> >>>>>>>>>> On Mon, Mar 7, 2016 at 3:51 AM, Ajit Sarnaik < >>>>>>>>>> <[email protected]>[email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hello Folks, >>>>>>>>>>> >>>>>>>>>>> Just starting using ntop. We would like to capture network >>>>>>>>>>> statistics for bidirectional traffic and we are using >>>>>>>>>>> "host_get_json.lua" >>>>>>>>>>> script to accomplish this. What we are noticing is that the Tx >>>>>>>>>>> traffic >>>>>>>>>>> stats are appropriate, where as the Rx traffic stats are 0. We have >>>>>>>>>>> done a >>>>>>>>>>> tcpdump to determine if the response are being received on the >>>>>>>>>>> interface, >>>>>>>>>>> and they are coming in. Below is the snippet of he config file. >>>>>>>>>>> >>>>>>>>>>> # Specifies the network interface or collector >>>>>>>>>>> endpoint to be used by ntopng for network >>>>>>>>>>> # monitoring. On Unix you can specify both the interface >>>>>>>>>>> name (e.g. lo) or the numeric >>>>>>>>>>> # interface id as shown by ntopng -h. On Windows you must >>>>>>>>>>> use the interface number instead. >>>>>>>>>>> # Note that you can specify -i multiple times in order to >>>>>>>>>>> instruct ntopng to create multiā >>>>>>>>>>> # ple interfaces. >>>>>>>>>>> # >>>>>>>>>>> --interface eth0 >>>>>>>>>>> --interface eth1 >>>>>>>>>>> # >>>>>>>>>>> # -w|--http-port >>>>>>>>>>> # Sets the HTTP port of the embedded web server. >>>>>>>>>>> # >>>>>>>>>>> --http-port 6398 >>>>>>>>>>> # >>>>>>>>>>> # -m|--local-networks >>>>>>>>>>> # ntopng determines the ip addresses and netmasks for >>>>>>>>>>> each active interface. Any traffic on >>>>>>>>>>> # those networks is considered local. This parameter >>>>>>>>>>> allows the user to define additional >>>>>>>>>>> # networks and subnetworks whose traffic is also >>>>>>>>>>> considered local in ntopng reports. All >>>>>>>>>>> # other hosts are considered remote. If not specified the >>>>>>>>>>> default is set to 192.168.1.0/24. >>>>>>>>>>> # >>>>>>>>>>> # Commas separate multiple network values. Both >>>>>>>>>>> netmask and CIDR notation may be used, >>>>>>>>>>> # even mixed together, for instance " >>>>>>>>>>> 131.114.21.0/24,10.0.0.0/255.0.0.0". >>>>>>>>>>> # >>>>>>>>>>> --local-networks "172.25.1.0/24,172.25.2.0/24,172.25.3.128/25" >>>>>>>>>>> # >>>>>>>>>>> # -n|--dns-mode >>>>>>>>>>> # Sets the DNS address resolution mode: 0 - Decode DNS >>>>>>>>>>> responses and resolve only local >>>>>>>>>>> # (-m) numeric IPs 1 - Decode DNS responses and >>>>>>>>>>> resolve all numeric IPs 2 - Decode DNS >>>>>>>>>>> # responses and don't resolve numeric IPs 3 - Don't >>>>>>>>>>> decode DNS responses and don't resolve >>>>>>>>>>> # >>>>>>>>>>> -n=3 >>>>>>>>>>> >>>>>>>>>>> Have any of you seen this behavior. Would appreciate any help in >>>>>>>>>>> this regards. Any pointers to FAQs would also be helpful. >>>>>>>>>>> >>>>>>>>>>> Regards, >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Ajit Sarnaik >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Ntop mailing list >>>>>>>>>>> <[email protected]>[email protected] >>>>>>>>>>> <http://listgateway.unipi.it/mailman/listinfo/ntop> >>>>>>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Ntop mailing list >>>>>>>>>> [email protected] >>>>>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Ajit Sarnaik >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Ntop mailing list >>>>>>>>> [email protected] >>>>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Ntop mailing list >>>>>>>> [email protected] >>>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Ajit Sarnaik >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Ajit Sarnaik >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Ntop mailing >>>>>> [email protected]http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Ntop mailing list >>>>>> [email protected] >>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Ajit Sarnaik >>>>> >>>>> _______________________________________________ >>>>> Ntop mailing list >>>>> [email protected] >>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>> >>>> >>>> >>>> _______________________________________________ >>>> Ntop mailing list >>>> [email protected] >>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>> >>> >>> >>> >>> -- >>> Ajit Sarnaik >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop >> > > > > -- > Ajit Sarnaik > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop >
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
