Re: [Ntop] NTOPNG: is there a way to import a configuration JSON via command line

Please, see https://www.ntop.org/guides/ntopng/web_gui/import_export.html > On 1 Jul 2021, at 23:47, Christina Phillips wrote: > > I would like to be able to import the configuration from a “master” 4.2.2 > (stable) ntopng instance (it’s the reference) into other ntopng instances. I > am

Re: [Ntop] programmatic configuration of ntopng

Hi, Yes, you can export/import the whole ntopng configuration (or just the endpoint and recipients which is what you need). These functions are available from System->Settings->Manage Configuration. Functions are also available via REST API. See the API docs for:

Re: [Ntop] ghost network devices

Hi, If ntopng only have access to tunneled traffic, there is no much that can be done. OpenVPN traffic is encrypted. But if you have access to the machine running OpenVPN - Sec.Bridge.Dev I guess - then the traffic can be before it enters the tunnel. I believe Sec.Bridge.Dev will have a tunXXX

Re: [Ntop] Large alerts DB

Unused space used occupied by alerts_v*.db files is reclaimed every day at midnight localtime. This should shrink the file automatically. The reason for a huge size of the file can be: - Very large number of alerts - Old ntopng version which is not reclaiming space - ntopng not running at

Re: [Ntop] Upgraded to Mojave specifically for new ntopng version - but brew install ntopng, then attempt to run => no go

Stefan, By the way, note that our official Mac package is available at http://packages.ntop.org/ Simone > On 10 Aug 2020, at 00:32, Stefan wrote: > > Answering to myself - original search for the specific error did not lead > anywhere, but a search on github has

Re: [Ntop] ntopng GUI doesn't show plugin options

Harish, Netflow/IPFIX are part of nProbe. You have to use nProbe in combination with ntopng to collect Netflow/IPFIX. See: https://www.ntop.org/guides/ntopng/using_with_other_tools/nprobe.html Simone > On 14 Jul 2020, at

Re: [Ntop] top destination ports?

ay be? If you want to create your own protocols with port mappings you can do it: see https://www.ntop.org/guides/ntopng/web_gui/categories.html Simone > > On Thu, Jul 9, 2020 at 1:35 AM Simone Mainardi <mailto:maina...@ntop.org>> wrote: > Munroe, > > ntopng does not create p

Re: [Ntop] Slow alter

Kaiser, Alert shown was suspicious: it was about hash table idle entries for an host. This is not possible, hash table entries are only a per-interface concept. I have pushed a fix. Wait for new builds to be generated and update. In general, hash table idle entries alerts occur when there are

Re: [Ntop] top destination ports?

> I must be missing something, I don't see it anywhere. Is it something I have > to enable? > > On Tue, Jul 7, 2020 at 5:32 AM Simone Mainardi <mailto:maina...@ntop.org>> wrote: > Munroe, > > You have top-ports by traffic for both local hosts and network interfaces.

Re: [Ntop] top destination ports?

Munroe, You have top-ports by traffic for both local hosts and network interfaces. Just check the 'Ports' tab of the host and interface pages. Simone > On 6 Jul 2020, at 15:53, Munroe Sollog wrote: > > Is there a way to show top traffic by destination port? > > -- > Munroe Sollog > Senior

Re: [Ntop] Alter event on ZMQ interface

Kaiser, SYN flood alert is also available over ZMQ when nProbe is used in probe mode (no collector). I would expect some differences in seeing alerts, though. This is because over ZMQ data is summarized in flows so triggering conditions can slightly differ. Simone > On 5 Jul 2020, at 17:44,

Re: [Ntop] Interface -- flow only mode

Kaiser, It has not been removed. Is present in 4.1.200703. Simone > On 2 Jul 2020, at 17:02, Kaiser Cheng wrote: > > Dear sir, > > > We have upgrade our ntopng to latestm then we found “flow only” mode setting > for interface has removed. > Is it normal? > > Br, > Kaiser >

Re: [Ntop] Grafana dashboard

ory > profile:traffic > redis:hits > redis:keys > redis:memory > subnet:broadcast_traffic > subnet:engaged_alerts > subnet:tcp_keep_alive > subnet:tcp_lost > subnet:tcp_out_of_order > subnet:tcp_retransmissions > subnet:traffic > system:cpu_load > system:cpu_s

Re: [Ntop] Grafana dashboard

Munroe, > On 26 Jun 2020, at 19:46, Munroe Sollog wrote: > > We are investigating a way to expose high-level summary data to a larger set > of users than would have access to ntopng's gui. We are starting to go down > the path of connecting grafana to the influxdb instance ntopng is running

Re: [Ntop] nProbe modes

> Montréal QC > H3A 2A5 > Canada > [ intact ] Corporation financière > Téléphone : (866) 440-8300 x61257 > > > robert.raciopp...@intact.net <mailto:robert.raciopp...@intact.net> > > > De : ntop-boun...@listgateway.unipi.it > <mailto:ntop-boun.

Re: [Ntop] nProbe modes

t; Robert Racioppoli > > Conseiller Technique Senior en Télécommunications - Surveillance Réseau > Senior Technical Advisor - Telecommunications - Network Monitoring > 2020 Robert Bourassa > Montréal QC > H3A 2A5 > Canada > [ intact ] Corporation financière > Téléphone :

Re: [Ntop] nProbe modes

Robert, Yes, nProbe can be on the receiving end of an alternative Flow Collector - provided that the alternative Flow Collector is exporting NetFlow v5/v9/IPFIX/sFlow or any other format which is interoperable with them. Regards, Simone > On 17 Jun 2020, at 19:18, Robert Racioppoli > wrote:

Re: [Ntop] top talker in flow only interface

Yes, it's normal because Flows-Only means ntopng keeps only track of Flows (no hosts, no ASes, nothing else but flows). So you should not use that toggle if you want to see the top. Regards, Simone > On 3 Jun 2020, at 05:27, Kaiser Cheng wrote: > > Dear sir, > > If we use ZMQ as data

Re: [Ntop] IP flow filtering

Kaiser, Thanks for reporting. There was an issue with a parameter passed in that page. Everything is fixed now. Simone > On 1 Jun 2020, at 10:07, Kaiser Cheng wrote: > > Dear sir, > > In Ntopng, we could have flow output via host assignment, for example, we > hope to see the host =

Re: [Ntop] Problem after upgrade to ntopng 4.0.200511 and nprobe v.9.0.200511

Hi Lara, Make sure your stable are updated. Then add options -d 30 -t 30 to nProbe. Restart and report the behavior. Having the top chart updated every 30 seconds is fine. You're dealing with NetFlow, so you can't be realtime. In case you still have trouble after tying the suggestions, please

Re: [Ntop] Duplicate flow entries

Hi, > On 21 May 2020, at 14:55, David van Ginneken wrote: > > Hi everyone, > > Starting with ntopng, I have a small issue initially setting it up. > > I use port mirroring on a switch to replicate all ports to port 5 where a > dedicated ntopng interface 'listens' (Official package on

Re: [Ntop] Grafana Interface not available

Hello, Support and development for the ntopng Grafana datasource have been discontinued in favor of the InfluxDB Grafana datasource plugin https://grafana.com/docs/features/datasources/influxdb/ . Please see

Re: [Ntop] Upgrade issue with ntopng v4.0.200428

Hi, Prior to 4.0 the chart was (somehow misleadingly) show local-to-remote and remote-to-local traffic, not interface TX and RX. This behavior has been changed in 4.0 so now you get interface TX and RX. The fact that you are seeing one side always at zero, suggest me that your interfaces are

Re: [Ntop] Client/Server hostname/IP Mismatch

Thanks for pointing this out, The highlighted flow is TLS. For TLS flows, to improve the readability of the peers, the server name is set to be the requested certificate Common Name (CN). Indeed, you can check that the CN shown after the "Client Requested:" equals the name chosen for the

Re: [Ntop] Nprobe flow export number

Il giorno 21 gen 2020, alle ore 19:20,21/01/2020, Simone Mainardi >> ha scritto: >> >> [ 42][Len 4] %TOTAL_FLOWS_EXP%exportedFlowRecordTotalCount >> Total number of exported flows > > I added the template %TOTAL_FLOWS_EXP and dumped the collected flo

Re: [Ntop] Client/Server hostname/IP Mismatch

Please, Explain how to reproduce and how you are delivering traffic to ntopng. It could be that the first SYN packet of the flow hasn't been seen - indeed, I don't see any SYN in the server -> client TCP flags - so ntopng has been tricked into thinking the server (who actually responded with a

Re: [Ntop] Nprobe flow export number

Hi, Use the following template element (see option -T) [ 42][Len 4] %TOTAL_FLOWS_EXP%exportedFlowRecordTotalCount Total number of exported flows Simone > On 21 Jan 2020, at 12:55, Laragio wrote: > > Hi, > I have installed nprobe and successfully get a Netflow flow. > > Where

Re: [Ntop] syslog integration (Suricon 2019) throws an error

Hi, > On 18 Nov 2019, at 15:05, Muenz, Michael wrote: > > Hi, > > I viewed the recording of Suricon 2019 and tried to add syslog interface to > ntopng, but it always fails: > > [...] > > Nov 18 14:23:17 collector ntopng[5983]: 18/Nov/2019 14:23:17 [Ntop.cpp:1994] > Registered interface

Re: [Ntop] Hiding DHCP flows

ple --collection-filter options. | Filter examples: !as12345, 192.168.0.0/24, !10.0.0.0/8 Simone > On Thursday, November 7, 2019, 09:12:45 AM EST, Simone Mainardi > wrote: > > > Hi, > > You can use a BPF filter: > > -B "not port bootps" > > &g

Re: [Ntop] ntopng LDAPS/RADIUS Auth

Hi, > On 9 Nov 2019, at 22:10, Ken Kirchner wrote: > > Hello, > > I am trying to setup ntopng to use LDAPS on my Pro licensed version. I have > put in all the parameters, but it does not work. Since I am using LDAPS and > not LDAP, do I need to load certificates on the ntopng server

Re: [Ntop] Hiding DHCP flows

Hi, You can use a BPF filter: -B "not port bootps" Simone > On 7 Nov 2019, at 12:31, Michael wrote: > > Is there a way to hide flows for DHCP traffic? I keep seeing the flows > between 0.0.0.0 and 255.255.255.255 for clients looking for an IP address. >

Re: [Ntop] ntpng expired flows to MySQL

Hi Christina, Sure. We can guide you to achieve this and then, if you want, you can also send us a pull request for the inclusion of the change in the mail dev branch. Basically, you should work on MySQLDB.cpp file. Specifically: - Extend MySQLDB::createDBSchema and add an ALERT TABLE statement

Re: [Ntop] Traffic mismatch.

s/timeseries/ts_common.lua#L30> for the algorithm. > > Regards, > Leandro. > > > > <https://www.avast.com/sig-email?utm_medium=email_source=link_campaign=sig-email_content=webmail> > Libre de virus. www.avast.com > <https://www.avast.com/sig-email?

Re: [Ntop] Traffic mismatch.

Leandro, > On 21 Oct 2019, at 21:20, Leandro Roggerone wrote: > > Hi guys, im testing ntopng + nprobe (30 days licence created). > I config exporting router to point to ntopng server. > I can see top talkers on dashboard screen but: > > Traffic graph shown at interface->traffic is not ok. > I

Re: [Ntop] Help configuring nProbe with ntopng

Srijan, You can use nProbe to dump to text files (see options -P and -D t). nProbe will generate text files with as many columns as the elements specified in the template option -T. Then use FileBeat to read those text files and do the necessary downstream processing. Alternatively, you can

Re: [Ntop] Understanding nprobe

Hi Andreas, > On 28 Jun 2019, at 10:50, Andreas Brück wrote: > > Hello everybody, > > i have build up a virtual test environment to get familiar with flow > monitoring. I installed ntop on a server and nprobe on a gateway (provides > access to the internet). I hoped that nprobe is

Re: [Ntop] Ntopng stop collecting flows

Hi > On 26 Jun 2019, at 12:43, b...@todoo.biz wrote: > > Hello, > > We have installed ntopng and nrpobe > > The selected config is the following : > > 1FW device (softflowd) --> export to --> port 2055 (nprobe) --> > zmq="tcp://*:2056" --> ntopng tcp://127.0.0.1:2056 > > > I have couple

Re: [Ntop] No Chart Data

Have they been enabled from the ntopng preferences? Check under page Preferences->SNMP to enable time series data for you SNMP devices. Check under page Preferences->Timeseries to enable time series for the other flow devices Simone > On 17 Jun 2019, at 14:57, Kenneth Ryan wrote: > > I

Re: [Ntop] 60 Gbp traffic monitoring with sflow

od time to understand > and device to buy product? > > Is it possible to get little longer period license? Sure, Contact us at https://www.ntop.org/support/need-help-2/contact-us/ and request for a demo. > > On Mon, Mar 25, 2019 at 6:25 AM Simone Mainardi wrote: >> >

Re: [Ntop] Elasticsearch 6.6.2 and non-standard index names

the index is named > ntopng-* or a variant thereof. > > From: ntop-boun...@listgateway.unipi.it > On Behalf Of Simone Mainardi > Sent: Monday, March 25, 2019 1:01 PM > To: n...@unipi.it > Subject: Re: [Ntop] Elasticsearch 6.6.2 and non-standard index names > >

Re: [Ntop] Elasticsearch 6.6.2 and non-standard index names

The ntopng ES6 template is available at: https://github.com/ntop/ntopng/blob/dev/httpdocs/misc/ntopng_template_elk6.json ntopng automatically pushes it to ES when it detects it's version 6. Simone > On 25 Mar

Re: [Ntop] 60 Gbp traffic monitoring with sflow

document 1Gbps = 2000 sample rate so in my case I have 80Gbps link > speed and my traffic rate is 60Gbps so should I do 60x2000=12? > > Sent from my iPhone > >> On Mar 23, 2019, at 3:32 AM, Simone Mainardi wrote: >> >> Hello Satish, >> >> We h

Re: [Ntop] Is anyone feeding ntopng from VMware NSX?

Hi Ken, Sure you can enable VMware NSX IPFIX to gain visibility into your virtual overlay network. To collect this IPFIX you need nProbe and, for the visualization, you can use ntopng. See https://www.ntop.org/nprobe/best-practices-for-the-collection-of-flows-with-ntopng-and-nprobe/ Simone

Re: [Ntop] 60 Gbp traffic monitoring with sflow

Hello Satish, We have users doing 20+ Gbps with sFlow using the combination of nProbe + ntopng. sFlow is a sampling technology so, assuming sampling rates are configured opportunely, you won't have any issue. See https://blog.sflow.com/2009/06/sampling-rates.html for recommended sampling

Re: [Ntop] what is the maximum value for ntopng --max-num-host and --max-num-flow options

Hi, > On 19 Mar 2019, at 09:40, azeez razaq wrote: > > Hi. > > I am trying to increase the --max-num-host value. > > Each time i increase it to 500,000 ntopng serbice restarts every 20 seconds. > Increasing the --max-num-host has an impact on the RAM used. My guess is that if you bring it

Re: [Ntop] limit mysql storage

Dan, > On 12 Mar 2019, at 10:08, Dan Craciun wrote: > > On 12-Mar-19 10:47, Simone Mainardi wrote: >> It does the delete - you won't be able to find records older than the >> retention if you query the db - but deleting old records doesn't >> automatically translate

Re: [Ntop] limit mysql storage

l-purpose database nIndex. I would encourage you to try it out: https://www.ntop.org/ntopng/say-hello-to-nindex-personal-big-data-system-for-network-flows/ Simone > > Best regards, > Dan > > On 11-Mar-19 16:35, Simone Mainardi wrote: >> "You can use OPTIMIZE TABLE to

Re: [Ntop] limit mysql storage

"You can use OPTIMIZE TABLE to reclaim the unused space and to defragment the data file. " https://dev.mysql.com/doc/refman/8.0/en/optimize-table.html Simone > On 8 Mar 2019, at 20:50, Dan Craciun wrote: > > Hi, > > I've setup

Re: [Ntop] nprobe not opening --bgp-port

ces the following error every second: > > Couldn't connect to :4096 : IO::Socket::INET: connect: Connection refused > >> On Feb 24, 2019, at 5:38 PM, Simone Mainardi wrote: >> >> Jason, >> >> You need an auxiliary script that speaks BGP. Then nProbe will conne

Re: [Ntop] nprobe not opening --bgp-port

Jason, You need an auxiliary script that speaks BGP. Then nProbe will connect to it over the specified --bgp-port. See https://www.ntop.org/guides/nProbe/plugins/bgp.html?highlight=bgp Regards, Simone > On 22 Feb 2019, at

Re: [Ntop] Resolving an interface's ifAlias

Do you mean you want to read the ifAlias and show it in the ntopng GUI? Please, file an issue on GitHub and explain. By the way, if you want a demo longer than 10 minutes you can request it. Use the form https://www.ntop.org/support/need-help-2/contact-us/

Re: [Ntop] nprobe bgp plug-in with IPFIX/NetFlow 9

It provides the first 10 ASes in the path, for both the client and the server of the flow. Plugin BGP Update Listener templates: [NFv9 57762][IPFIX 35632.290][Len 4] %SRC_AS_PATH_1 Src AS path position 1 [NFv9 57763][IPFIX 35632.291][Len 4] %SRC_AS_PATH_2

Re: [Ntop] ntopng + nProbe and softflowd

168.224.0/24" > --community > > nprobe: > > -G=/var/run/nprobe.pid > -i=none > -n=none > -3=6363 > --zmq="tcp://*:5556" > > For example I want to see the bandwith used by Netflix or IPTV or something > like that. > > Matthias > > Am

Re: [Ntop] ntopng + nProbe and softflowd

Hi Matt, Please, show the nProbe and ntopng configurations used. Reported behavior can be normal as softflowd flow reports are periodic (eg. every minute) so it's normal if you see spiky traffic. > On 7 Feb 2019, at 09:28, Matthias Brumm wrote: > > Hi! > > At the moment I am trying to get

Re: [Ntop] 10G interfaces packet drops

the speed of > the view:zc:ens2 interfaces is 1 Gbit/s > > Marco > > - Il 4-feb-19, alle 17:19, Simone Mainardi maina...@ntop.org ha scritto: > >> Hi Marco, >> >> As you're using RSS with 4 queues, you are balancing the incoming traffic >> amon

Re: [Ntop] 10G interfaces packet drops

Hi Marco, As you're using RSS with 4 queues, you are balancing the incoming traffic among 4 queues. In order to monitor every single queue in ntopng, you have to explicitly tell it to monitor these 4 queues. So you should do -i="zc:ens2@0" -i="zc:ens2@1" -i="zc:ens2@2" -i="zc:ens2@3" Your

Re: [Ntop] How is --ignore-vlans supposed to work?

Hi, > On 16 Jan 2019, at 19:41, Gerard Beekmans wrote: > > Hi, > > In an attempt to fix the issues I mentioned a few days ago, I am trying to > validate the theory that nprobe and/or ntopng are doubling up flows due to > certain traffic (not all traffic) passes through our equipment twice

Re: [Ntop] Traffic rates shown are higher than physically possible

Gerard, When you say wildly inaccurate, are you referring to the realtime charts in the dashboard only? I would expect them to be somehow inaccurate due to the nature of NetFlow, but once you visit the historical pages then totals and speeds must be accurate. Try and visit the historical

Re: [Ntop] nprobe network aggregation

Hi, Currently you can use the BGP plugin (https://www.ntop.org/guides/nProbe/plugins/bgp.html ) to get the AS and the AS path associated to the client and the server. We do not support the export of the matched network in the BGP table. So

Re: [Ntop] How to Analyse MikroTik Traffic Using nprobe -> ntopng on Windows

> On 24 Dec 2018, at 22:32, techni...@mcw.org.za wrote: > > Update to prev mail: > > Starting ntopng with: > > ntopng /c -i tcp://*:5556c > > and nprobe with: > > nprobe /c --zmq "tcp://127.0.0.1:5556" --zmq-probe-mode -i none -n none > --collector-port 2055 -T "@NTOPNG@" > > Results in

Re: [Ntop-misc] Do Trunks multiplicate the seen data

Hi > On 4 Dec 2018, at 05:53, Torsten Becker wrote: > > Hello to All, > > I recently activated ntopng enterprise and nrpobe standard to monitor our > company network. > > Our network consists of some locations comunicating over a MPLS VPN network. > Ntopng and nprobe are installed on a

Re: [Ntop] nProbe / ntopNG config

it. Simone > On 24 Oct 2018, at 16:12, BASSAGET Cédric > wrote: > > Hello Simone, > If I have multiple exporters which send flows with different sampling rates > to ZMQ nprobe, do I have a solution ? > Regards > > Le lun. 22 oct. 2018 à 12:53, Simone Mainardi <mail

Re: [Ntop] nProbe / ntopNG config

/cli_options.html?highlight=sampling <https://www.ntop.org/guides/nProbe/cli_options.html?highlight=sampling> for a detailed description. Simone > On 15 Oct 2018, at 11:47, BASSAGET Cédric > wrote: > > Hi Simone, > > > Le ven. 12 oct. 2018 à 19:19, Sim

Re: [Ntop] nProbe / ntopNG config

Hello, > On 12 Oct 2018, at 10:52, BASSAGET Cédric > wrote: > > Hello, > I'm trying to make nprobe work with IPFIX and ntopng, but data displayed by > ntopng is inconsistent. > > Here's the path my netflow packets take : > router -> nprobe:6345 -> ntopNG:6445. > (nprobe and ntopng services

Re: [Ntop] ntop router interface alias

Hi, Interface ids are used by the router to uniquely identify its interfaces. Human-readable names (e.g., port7) can be associated to these ids. You can get id-to-name associations from the CLI of your router of via SNMP for example. Via SNMP you can walk the IF-MIB as follow:

Re: [Ntop] network discovery

Hi, See https://www.ntop.org/ntopng/network-device-discovery-part-1-active-discovery/ (source: google, first result with query "ntopng network discovery") > On 17 Sep 2018, at 14:53, Luca Domenella wrote: > >

Re: [Ntop] define custom applications

> On 13 Sep 2018, at 14:36, Luca Domenella wrote: > > Emanuele, > when i define my app/protcol using the IP format. > ip:a.b.c.d,ip:a.b.c.d@MYPROTO > > can the a.b.c.d IP address in the cidr format to use a class of ip addresses ? yes, that is going to work. example:

Re: [Ntop] sFlow question

> On 13 Sep 2018, at 11:35, Polossat, Arnaud [FR] > wrote: > > Hello, > > I would like to set up Ntopng as a sFlow collector to monitor a network of > virtual machines. I used VirtualBox to create the network (see attached image > “Network 2.png”). My goal is to display sFlow data

Re: [Ntop] NetFlow questions

Hi, > On 13 Sep 2018, at 11:31, Polossat, Arnaud [FR] > wrote: > > Hello, > > I would like to set up Ntopng as a NetFlow collector to monitor a network of > virtual machines. I used VirtualBox to create the network (see enclosed image > “Network 2.png”). My goal is to display NetFlow

Re: [Ntop] Any idea who maintains the macos homebrew version?

Follow up at https://github.com/ntop/ntopng/issues/1934 > On 14 Aug 2018, at 15:35, Stefan wrote: > > Presently macos homebrew provides 3.2.180608, while - I think - the latest > version is 3.4.x ?!? ... > > Thank you, > ***Stefan >

Re: [Ntop] nprobe to ntop missing flows

Also make sure your Cisco is exporting a steady rate. You can check this by monitoring the output of nprobe with -b 2. In particular, look at 04/Sep/2018 11:15:39 [nprobe.c:3118] Flow collection stats: [collected pkts: 871] You should see it increasing continuously. Simone > On 7 Sep

Re: [Ntop] geomap error

It turned out that that was just a 'quota exceeded error' as already discussed on GitHub. Here's the issue for the sake of completeness: https://github.com/ntop/ntopng/issues/1909 Next time please don't cut-and-paste the same question on two mailing

Re: [Ntop] Ntopng Edge - Can you prioritise traffic by any methods other than by user?

rioritize each VLAN independently Simone > > Regards, > Victor > > On Mon, Aug 13, 2018 at 5:21 PM Simone Mainardi <mailto:maina...@ntop.org>> wrote: > Victor, > > You can apply policies to IP addresses as well as IP subnets. Just create a > new user, click 'edit',

Re: [Ntop] Ntopng Edge - Can you prioritise traffic by any methods other than by user?

Victor, You can apply policies to IP addresses as well as IP subnets. Just create a new user, click 'edit', and then select tab 'Members'. You can specify IP addresses (both v4 and v4), valid subnets (e.g., 192.168.2.0/24) and MAC addresses. MAC addresses have priority over IP addresses. That

Re: [Ntop] Ntopng Edge and VLANs - limitations?

Hi, > On 1 Aug 2018, at 10:44, Victor Hooi wrote: > > Hi, > > Ntopng Edge looks really awesome! > > I'm reading through the documentation at https://www.ntop.org/guides/nedge/ > . > > Our plan is to use Ntopng Edge in bridge mode. > > We have a pfSense

Re: [Ntop] Using both nprobe and ntopng on the same box?

Hi, Sure you can do that on the same machine. This is a basic configuration of nProbe and ntopng is as follows: ./nprobe -i -n : -V --zmq tcp://127.0.0.1:5556 ./ntopng -i tcp://127.0.0.1:5556 -m : is where elastiflow is listening for incoming netflow is the netflow version elastiflow

Re: [Ntop-misc] linux and pf_ring upgrade. License Issue

You maintenance is expired. Please, see https://www.ntop.org/support/faq/how-can-i-renew-maintenance-for-commercial-products/ Simone > On 1 Aug 2018, at 12:49, Александр Андреев <2570...@mail.ru> wrote: >

Re: [Ntop-misc] collector-sample-rate unrecognized option

Thanks for pointing that out. I've updated the userguide with the new option format along with a quite detailed meaning and description of the option values. Simone > On 22 Jul 2018, at 19:18, Luca Deri wrote: > > Simone > Can you please update the guide? > > Luca > > On 22 Jul 2018, at

Re: [Ntop] Info VLAN Disaggregation NTOPNG

topng is installed and the nProbe interface of zmq, > the same that i see when i select none like disaggregation level > > > Simone Mainardi ha scritto: > >> Hi, >> >> Do you see VLAN values greater than zero within ntopng? Did you >> restart ntopng after se

Re: [Ntop] Info VLAN Disaggregation NTOPNG

Hi, Do you see VLAN values greater than zero within ntopng? Did you restart ntopng after setting VLAN-based disaggregation? Does any new interface come out from the Interfaces dropdown menu when the VLAN-based disaggregation i enabled? > On 28 Jun 2018, at 03:22, Flavio Baccaglini > wrote: >

Re: [Ntop] nProbe & Meraki

ote: > > Simone, > > Here the link to get the pcap, thanks. > > http://www.prival.ca/port6343.pcap <http://www.prival.ca/port6343.pcap> > > Gerhard, > >> On May 24, 2018, at 6:07 AM, Simone Mainardi > <mailto:maina...@ntop.org>> wrote: >>

Re: [Ntop-misc] Incorrect timestamp on emitted flows

Benjamin, I was wondering if you had the chance to try the latest nprobe. Please, let me know. > On 25 May 2018, at 17:53, Simone Mainardi wrote: > > Benjamin, > > Thanks for reporting. We've done some changes and fixes that should have > addressed the behavior you've repo

Re: [Ntop-misc] Incorrect timestamp on emitted flows

Benjamin, Thanks for reporting. We've done some changes and fixes that should have addressed the behavior you've reported. Please, hold on until tomorrow for the new build to be available, and then update to the latest 8.5 version. Simone > On 24 May 2018, at 12:14, Benjamin Weik

Re: [Ntop] nProbe & Meraki

by sFlow exporters. So maybe there's some other exporter and you are collecting its traffic rather than the one of meraki? > Also, if I'm correct here, nProbe use Netflow to send to ntopng, so how can > Netflow v9 to Netflow collector (nProbe) to ntopng become sFlow ? > > Gerhard,

Re: [Ntop] Total in out per ASN

Joni, Please file a feature request at https://github.com/ntop/ntopng/issues and we will try and implement it. Simone > On 19 May 2018, at 17:34, Joni Lee wrote: > > Hello, > > Graph information of ASN historical page isn't

Re: [Ntop] nProbe & Meraki

t 100% sent and when I check the > Protocol detail, it show that it's sFlow (Sent 100%) to my remote Meraki > device under the Peers tab! Are you sure you have selected interface tcp://127.0.0.1:5556 from the ntopng interfaces dropdown menu? > > Gerhard, > > >&

Re: [Ntop] Ntopng on Docker

Hi, > On 15 May 2018, at 21:33, moi wrote: > > Hi, > > I am trying to setup ntopng on a docker container using: > > docker run -d --net=host -t -p 3000:3000 lucaderi/ntopng-docker > > I set my network devices (Router and Firewall) to send netflow traffic to > port (UDP)

Re: [Ntop] cannot update ntopng due to incorrect version of pfring

lled packages depend on an older pfring version but they are not going to be updated. The following should work: apt-get update && apt-get upgrade Simone > > > Cheers, > Chris. > > On 12 May 2018 at 02:06, Simone Mainardi <maina...@ntop.org > <mailto:mai

Re: [Ntop] cannot update ntopng due to incorrect version of pfring

> On 10 May 2018, at 00:19, David Hansen wrote: > > I have the same problem on centos, can’t seem to get around it. what is the centos version you are using? are you using the stable rpms? can you please post the full command and output you are getting? > >

Re: [Ntop-misc] nprobe in proxy mode, changing sampling rate for different collectors

Hi George, > On 26 Apr 2018, at 19:48, Wise, George wrote: > > Is it possible to use nprobe in proxy mode to collect netflow data at one > sampling rate and send it to a collector at a different sampling rate? For > example, Cisco router sending at a 1:2000

Re: [Ntop] ntopng DPI Question

Terry, You sent 4 emails to the mailing list all with the same text as the one below. The mailing list is working, please don't do multiple transmissions. > On 11 Apr 2018, at 16:53, Terry Duchcherer wrote: > > We are a small ISP looking to get more insights into our network

Re: [Ntop] [nprobe] update to 8.4.180407

1708 (Core) > > M. > > On 09.04.2018 18:12, Simone Mainardi wrote: >> Hi, what OS/distro are you running? >> >>> On 9 Apr 2018, at 18:11, Matěj Grégr <igr...@fit.vutbr.cz> wrote: >>> >>> Hello, >>> after update to nprobe-8.4.180407, I re

Re: [Ntop] [nprobe] update to 8.4.180407

Hi, what OS/distro are you running? > On 9 Apr 2018, at 18:11, Matěj Grégr wrote: > > Hello, > after update to nprobe-8.4.180407, I receive the following error: > > nprobe -V > nprobe: error while loading shared libraries: librdkafka.so.1: cannot > open shared object

Re: [Ntop] Adding interfaces to already running instance of ntopng

Martin, > On 26 Mar 2018, at 17:11, Martin Drašar wrote: > > Hi, > > moving on with my scenario, I have decided to just prepare a bunch of > network interfaces before starting ntop and do not use virtual > interfaces at all. > > This worked well, but after some time I hit

Re: [Ntop] Disable Goodput

Hi, You can disable alerts from the ntopng preferences page. Simone > On 21 Mar 2018, at 23:19, Gary Ossewaarde wrote: > > Hello, > > I recently started using ntop. Is there a way to disable goodput stats and > alerts? For my usage, I don't really care about

Re: [Ntop] Disappearing ntopng menu items

ins the logout option (looks like a > power button) is gone from the top menu. The only way around it is to add > "logout.lua" to the URL. > >> -Original Message- >> From: ntop-boun...@listgateway.unipi.it [mailto:ntop- >> boun...@listgateway.unipi.it]

Re: [Ntop-misc] nProbe and Andrisoft compatibility

Benjamin, As you want to use nProbe as as flow filter-and-forward, you can try and add option --disable-cache to make sure every flow received is output as-is without any caching/aggregation. Also note that --collection-filter does not currently support IPV6 filters. In addition add option

Re: [Ntop] JSON output to disk

Hi > On 15 Feb 2018, at 18:58, Mahamudul Chowdhury > wrote: > > Hello All: > > I would like to know if the following is possible: > > > We are receiving netflow and other traffic from TAP aggregator to a server > NIC. > > I would like to run nprobe to collect

Re: [Ntop] Wrong Traffic Numbers after upgrade from 2.5 to 3.1

out and i give it a go. > > Am 19.02.2018 19:39 schrieb "Simone Mainardi" <maina...@ntop.org > <mailto:maina...@ntop.org>>: > Enrico, > > We have made some fixes. Can you please hold a couple of hours (a new build > is in progress) and test again? If

Re: [Ntop] Ntop and ERSPAN

> > 2018-03-02 21:21 GMT+01:00 Simone Mainardi <maina...@ntop.org > <mailto:maina...@ntop.org>>: > Thanks for providing the pcap. We have added GRE ERSPAN detunneling in > https://github.com/ntop/ntopng/commit/9d82df748f27da6bc7c51e7e726600b09670c

  1   2   3   4   >