We're using ntopng in our network to log how much traffic goes to/from each
IP address on a specific subnet. I wrote a very basic ntopng lua script to
write out this information for each IP (i.e. 10.0.0.1, 10 down, 15 up) so
that other moving parts of our system can read/work with it. Right now we
want to extend our functionality a bit, and I have two very specific
questions to ask about the objects exposed to ntopng lua scripting (which
I'm largely unfamiliar with).
1) Right now I'm using host["bytes.sent"] and host["bytes.rcvd"] with host
= interface.getHostInfo(host_ip) to get the total bytes sent and received.
I'd like to be able to do some basic filtering on this info - for example,
in addition to total bytes sent/rcvd for a host, I'd like to see the amount
to/from a specific subnet.
2) If the host hasn't been active in a long enough time period,
returns nil. Right now I'm iterating over our entire set of IP addresses
and checking for this, but that feels like bad code. What I'd really like
to do is figure out a call that will just return the set of non-nil host
IPs, so that I can then just print out all of those.
3) If I'm totally barking up the wrong tree and there's a better way to
pipe this information out to another system, I'd love to hear about it :-)
Thanks for helping!!!
Ntop mailing list