Hello Chuck,
pfSense only integrates the community version of ntopng. Most of the
features you are interested in are available in the pro and enterprise
versions. Basically you need the "Historical Explorer". Please check out
the following links for more details.
http://www.ntop.org/ntopng/exploring-historical-data-using-ntopng/
http://www.ntop.org/ntopng/exploring-historical-data-using-ntopng-part-2/
http://www.ntop.org/products/traffic-analysis/ntop/
With the community version, in order to resolve your problem, you could
enable the mysql export and manually perform the queries on the mysql
database.
Regards,
Emanuele
On 05/11/2018 04:06 PM, Chuck Mariotti wrote:
We have a pfSense firewall running ntopNG 3.2.180413 (pfSense package)
with a number of webservers behind it (HTTPS). Ntop only has about 1
month of data collected.
Our datacenter charges for additional bandwidth utilization and over
the last ~3 months we’ve gotten hit with three large bills for overage.
There is one specific website that would be the likely culprit but I
need to provide some proof of utilization (can’t do that with the data
collected but maybe I can point to specific utilizations over the last
month). Google analytics doesn’t indicate much difference in users for
that site (+3%) but there are other things going on with the site
(automated exports/imports/etc… scrapers, etc…) that aren’t something
that analytics would pickup on. We need to prove that traffic has
increased significantly and it would be nice to point to specific
peers as culprits (we think it’s likely that a half dozen peers
connected to the one web server are causing the data utilization spike
but have to prove it).
Most ntopng reports seem to want to be real-time or 1 day level rather
than historical (I understand this). I can get historical data at the
interface level and host level in a graph (I can’t seem to select
specific date ranges), but I’d like a listing of peers based on
traffic volume over a period of time. Everything seems to be driven
from realtime reporting (lists peers at the moment, so you can only
drive down into those specific peers)… would like to see a listing of
peers who used up bandwidth over the last week or month or specific
date range… am I not looking in the right place to do this?
Regards,
Chuck
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
