Hi,
I'm seeing an inbound traffic spike at our hosting facility early every
morning at roughly the same time through our MRTG and Cacti graphs. We
recently installed NTOP to try and pin down the source and destination
as well as port/protocol of the traffic, but I haven't been able to do
this as effectively as I thought. I know through Cacti which host the
traffic is going to, but it has ~10 virtual IP's and due to a limitation
of the SNMP protocol I can't limit it to which IP exactly.
But a more general question, is there a good way to get this information
with NTOP? Taking a certain time period and identifying the association
of a traffic spike; where the data is going to and where it is coming
from, and on which port? I really want to drill down during the time
period in question but the more detailed stats seem more cumulative.
Should I just be sampling output to a file during the period in
question? Are there other useful plugins for this?
Thanks for any help,
James
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
