[bstrauss@tigger cvs]$ less ntop.txt


NTOP(8)                                                   NTOP(8)


NAME
       ntop - display top network users

SYNOPSIS
       ntop   [-a|--access-log-path  <path>]  [-c|--sticky-hosts]
       [-f|--traffic-dump-file  file>]   [-g|--cisco-netflow-host
       <host:port>]     [-h|--help]    [-j|--border-sniffer-mode]
       [-k|--filter-expression-in-extra-frame]     [-l|--pcap-log
       <path>] [-m|--local-subnets <addresses>] [-n|--numeric-ip-
       addresses]  [-p|--protocols  <list>]   [-q|--create-suspi-
       cious-packets]   [-r|--refresh-time   <number>]  [-s|--no-
       promiscuous] [-t|--trace-level <number>] [-w|--http-server
       <port>]  [-B|--filter-expression  expression] [-D|--domain
       <name>] [-F|--flow-spec <specs>] [-M|--no-interface-merge]
       [-N|--no-nmap]  [-O|----output-packet-path] [-P|--db-file-
       path <path>]  [-R|--filter-rule  <file>]  [-S|--store-mode
       <number>]  [-U|--mapper  <URL>]  [-V|--version]  [-1|--no-
       throughput-update] [-2|--no-idle-hosts] [--throughput-bar-
       chart] [--no-admin-password-hint]

       Not available on micro-ntop:

       [-e|--max-table-rows <number>]

       Unix options:

       [-d|--daemon]  [-i|--interface  <name>] [-u|--user <user>]
       [-E|--enable-external-tools]           [-K|--enable-debug]
       [-L|--enable-syslog]
...


Anyway, it uses syslog facilities.  However you can redirect logging in your
environment is how you do it.

hint: man syslog.conf

hint: man 3 syslog

hint:

[bstrauss@tigger cvs]$ qg openlog
             util.c:  2060      openlog("ntop", LOG_PID, LOG_DAEMON);
     webInterface.c:  1186      openlog(DAEMONNAME,LOG_PID,SYSLOG_FACILITY);

[bstrauss@tigger cvs]$ qg SYSLOG_FACILITY
     webInterface.c:  1186      openlog(DAEMONNAME,LOG_PID,SYSLOG_FACILITY);
             ntop.h:   414   # ifndef SYSLOG_FACILITY
             ntop.h:   415   #  define SYSLOG_FACILITY LOG_DAEMON   /* default value, if not specified otherwise */

(I think that the line in util.c should be SYSLOG_FACILITY not LOG_DAEMON
and will be posting that to Luca as a bug, but... that should get you
started.  Even better, the -L parameter should take a facility name)

-----Burton
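
An added example (not part of the original message and not ntop's code) of the suggestion above that `-L` take a facility name: one lookup resolves the name, falls back to the `SYSLOG_FACILITY` default, and a single `openlog()` wrapper keeps every call site on the same facility. `facility_from_name()`, `log_open()`, the choice of `local3` and the syslog.conf rules in the comment are assumptions made for illustration.

```c
/* Added example, not ntop source. Constructed syslog.conf rules that would
 * route the facility chosen here to its own file:
 *   local3.*                 /var/log/ntop
 *   *.info;local3.none       /var/log/messages
 */
#include <string.h>
#include <syslog.h>

#ifndef SYSLOG_FACILITY
#define SYSLOG_FACILITY LOG_DAEMON  /* default, as in the ntop.h lines above */
#endif

static const struct { const char *name; int code; } facilities[] = {
    { "daemon", LOG_DAEMON }, { "user",   LOG_USER   },
    { "local0", LOG_LOCAL0 }, { "local1", LOG_LOCAL1 },
    { "local2", LOG_LOCAL2 }, { "local3", LOG_LOCAL3 },
    { "local4", LOG_LOCAL4 }, { "local5", LOG_LOCAL5 },
    { "local6", LOG_LOCAL6 }, { "local7", LOG_LOCAL7 },
};

/* NULL or "" selects the compiled-in default; an unknown name returns -1
 * so a typo is rejected instead of silently logging somewhere else. */
int facility_from_name(const char *name)
{
    if (name == NULL || *name == '\0')
        return SYSLOG_FACILITY;
    for (size_t i = 0; i < sizeof facilities / sizeof facilities[0]; i++)
        if (strcmp(name, facilities[i].name) == 0)
            return facilities[i].code;
    return -1;
}

/* The only place that calls openlog(), so all messages share one facility. */
int log_open(const char *ident, const char *facility_name)
{
    int facility = facility_from_name(facility_name);
    if (facility < 0)
        return -1;
    openlog(ident, LOG_PID, facility);
    return facility;
}

int main(int argc, char **argv)
{
    /* argv[1] stands in for the argument a "-L <facility>" option would carry */
    if (log_open("ntop", argc > 1 ? argv[1] : NULL) < 0)
        return 1;                       /* unknown facility name */
    syslog(LOG_INFO, "logging started");
    closelog();
    return 0;
}
```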



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Devon
Harding - GTHLA
Sent: Wednesday, April 17, 2002 3:05 PM
To: [EMAIL PROTECTED]
Subject: RE: [Ntop] Ntop Dies


Ok, the -L did work for logging, but it's nowhere in either the man page or
the INSTALL file.

Is it possible to change the facility in which it logs to e.g. /var/log/ntop
instead of /var/log/messages?

-Devon

-----Original Message-----
From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 17, 2002 2:00 PM
To: [EMAIL PROTECTED]
Cc: Devon Harding - GTHLA
Subject: RE: [Ntop] Ntop Dies

RTFM (I know it's there because I did the reformatting of it)

       -L | --enable-syslog
        Use  this  flag  for  using the syslog instead of stdout. Please note that if ntop
        (ever) forks a child, in any case the syslog will be used for this child.

For the main thread (basic startup messages) it's either standard output or
syslog - child messages will be in syslog.  That's something like
/var/log/system.log or similar on your system

Similarly, tracing is turned on by the -t 3 (--trace-level 3) parameter

-----Burton

-----Original Message-----
From: Devon Harding - GTHLA [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 17, 2002 12:32 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Cc: Devon Harding - GTHLA; [EMAIL PROTECTED]
Subject: RE: [Ntop] Ntop Dies


How do I turn on logging and where is the log file created?

-Devon

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 17, 2002 10:53 AM
To: [EMAIL PROTECTED]
Cc: Devon Harding - GTHLA; 'Burton M. Strauss III'; [EMAIL PROTECTED]
Subject: RE: [Ntop] Ntop Dies

WHICH snapshot - a date perhaps...  there were problems
in snapshots between 05Apr and 11Apr that were fixed in
the 12Apr snapshots.

If it's outside that window:

* What's in the log?
* Have you turned on debug?
* Set a higher trace-level?

Please provide ALL the information I've asked for in the
HOWTO...


-----Burton

If my cat allowed me to have an
opinion, it would be here...
> Ok, I'm running ntop on a RedHat Linux 7.2 system with 512MB and 10GB free
> space.  It's listening on a 10/100 ethernet span port.  This is how my ntop
> is invoked:
>
> /usr/local/bin/ntop -S 1 -E -d -P /home/ntop
>
> While running, all 12 processes would then sporadically die (at different
> time periods) with no errors in /var/log/messages.
>
> Ntop was compiled from source (snapshot.ntop.org) with NO errors
>
> Hope this helps,
>
> -Devon
>
> -----Original Message-----
> From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 11, 2002 9:05 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: [Ntop] Ntop Dies
>
> Well, you don't give us much information do you?
>
> Please see "HOWTO ask for help" in the FAQs at http://snapshot.ntop.org/
>
> -----Burton
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Devon
> Harding - GTHLA
> Sent: Thursday, April 11, 2002 7:14 AM
> To: [EMAIL PROTECTED]
> Subject: [Ntop] Ntop Dies
>
>
> What causes ntop processes to die periodically?  I don't see any error in
> the log files.
>
> _______________________________________________
> Ntop mailing list
> [EMAIL PROTECTED]
> http://listmanager.unipi.it/mailman/listinfo/ntop
