Re: [Ntop-misc] distributed nprobe

2018-09-07 Thread Alfredo Cardigliano
Hi Felix you can use the standard pf_ring kernel clustering in nProbe adding the --cluster-id option (you need to specify the same id for all nProbe instances in the group in order to distribute the traffic). You can use a bpf filter (--bpf-filter|-f ) to filter traffic. Regards Alfredo > On 7

Re: [Ntop] enabling more detailed logs from UI bring ntopng to panic

2018-09-07 Thread Luca Deri
Luca please file a ticket on github and attach an url containing a tar fie of ntopng binary (just the binary) and the core dump. Thanks Luca > On 7 Sep 2018, at 14:55, Luca Domenella wrote: > > hi folks, > to get an higher level of logging from Preferences menu of ntopng i enabled > more

[Ntop-misc] distributed nprobe

2018-09-07 Thread erlacher
Dear ntop people, I use nprobe to aggregate ip packets to IPFIX flows (and then analyze them on another machine). Because I also aggregate http fields I had to use multiple nprobe instances to keep up with high throughput rates. Until now I used zbalance_ipc -m 1 to distribute packets according

[Ntop] enabling more detailed logs from UI bring ntopng to panic

2018-09-07 Thread Luca Domenella
hi folks, to get an higher level of logging from Preferences menu of ntopng i enabled more log files. after that i restarted ntopng and it keeps crashing. This is an extract of the messages: Sep 7 14:54:08 bigbrother dbus[757]: [system] Successfully activated service 'org.freedesktop.problems'

Re: [Ntop] Any idea who maintains the macos homebrew version?

2018-09-07 Thread Simone Mainardi
Follow up at https://github.com/ntop/ntopng/issues/1934 > On 14 Aug 2018, at 15:35, Stefan wrote: > > Presently macos homebrew provides 3.2.180608, while - I think - the latest > version is 3.4.x ?!? ... > > Thank you, > ***Stefan >

Re: [Ntop] nprobe to ntop missing flows

2018-09-07 Thread Simone Mainardi
Also make sure your Cisco is exporting a steady rate. You can check this by monitoring the output of nprobe with -b 2. In particular, look at 04/Sep/2018 11:15:39 [nprobe.c:3118] Flow collection stats: [collected pkts: 871] You should see it increasing continuously. Simone > On 7 Sep

Re: [Ntop] nprobe to ntop missing flows

2018-09-07 Thread Emanuele Faranda
Hi David, Please try to add also --zmq-disable-buffering to the nprobe options. Emanuele On 9/4/18 5:31 PM, David Larson wrote: Hello! I am trying to collect netflow from a cisco 3850 and view it in ntopng. I am able to see some data, but it appears intermittent. When I view nprobe with -b