Re: [Ntop] Historical Data Issue's

Simon, On Thu, Mar 30, 2017 at 5:36 PM, Simon Bell wrote: > Hi All, > > > > Running version > > *Version* > > 2.4.170215 > > - Pro Small Business Edition > > > > ntopng --user "root" --pid

Re: [Ntop-misc] NProbe as "probe+proxy" mode

Hi Marco, On Thu, Mar 16, 2017 at 2:06 PM, Marco Teixeira wrote: > Hi all, > > Running nprobe.x86_64 7.4.161108-5334 on CentOS 7, i already have it > working as probe mode, but need to be able to convert from cisco asa flows > to standard v9 netflows, and export to the

Re: [Ntop] Historical IP and/or protocol reports

ness Edition] v.2.4.170215 > > and I get it from http://www.nmon.net/apt-stable/14.04 > > I'm running Ubuntu 14.04 LTS. > > Thanks, > > Warren > > On 08/03/17 05:28, Simone Mainardi wrote: > > Warren, > > are you using the latest dev version? > > On Tue,

Re: [Ntop] asa netflow vs switch flexible netflow

Hi, On Wed, Mar 8, 2017 at 12:10 PM, Warren Daly (OPUS) wrote: > Hi Matt, > I run several ASA5510 and ASA5505 Firewalls running 9.1.7+ and they're all > sending V9 Netflow streams to several NProbe collectors on 1 server (they > listen on different ports) NTOPNG is running

Re: [Ntop] ntopng+nprobe+cisco asa netflow - now all times = asa reboot time.

stgateway.unipi.it [mailto:ntop-bounces@ > listgateway.unipi.it] *On Behalf Of *Simone Mainardi > *Sent:* Tuesday, March 07, 2017 4:45 PM > *To:* n...@unipi.it > *Cc:* ntop@listgateway.unipi.it > *Subject:* Re: [Ntop] ntopng+nprobe+cisco asa netflow - now all times = > asa reboot time. > > >

Re: [Ntop] ntopng+nprobe+cisco asa netflow - now all times = asa reboot time.

6a3abf16e7dda27306b64177c7:20170304 > Pro rev: r975 > > The hosts issue is not resolved. > > Perhaps I should tear-down my install and set up using the repo from > apt-ntop-stable.deb instead of apt-ntop.deb. I did not realize the > un-tagged version was a development branch wh

Re: [Ntop] ntopng+nprobe+cisco asa netflow - no hosts..

stable > versions in it? > > > It seems like the existing repositories at http://packages.ntop.org/ > apt/16.04/​ are nightly builds, not stable releases. > > > > -- > *From:* ntop-boun...@listgateway.unipi.it <ntop-bounces@listgatew

Re: [Ntop] ntopng+nprobe+cisco asa netflow - no hosts..

t; /usr/share/ntopng/httpdocs/inc/hosts_stats_bottom.inc > > > > Not sure if the “null interface” and “no allowed interface” bits are the > issue. > > > > My browser-inspect isn’t showing any obvious errors. > > > > *From:* ntop-boun...@listgateway.unipi.it [mai

Re: [Ntop] ntopng+nprobe+cisco asa netflow - no hosts..

of 44 seconds suggests they're being exported > often. > Please, start ntopng in foreground and inspect the console for any error that may occur when visiting the hosts page. Also use your browser to search for any possible JS errors (right-click and inspect element before visiting the em

Re: [Ntop] ntopng+nprobe+cisco asa netflow - no hosts..

Hi, Is the clock of the ASA set properly? How often flows are exported? My guess is that timestamps of received flows are not in sync with the ntopng clock and thus hosts are considered idle and not shown in the web UI. You may also want to increase idle timeouts from the ntopng preferences web

Re: [Ntop] question about nprobe/ntopng sampling rate/scaling factor

Hi, You should use use option --sample-rate with '@' as you want nprobe to rescale statistics from sampled packets but not to sample itself. In your case this should work: --sample-rate @10:1 See the help: [--sample-rate|-S] : | Packet capture sampling rate

Re: [Ntop] Cento round robin or full flow to multiple destinations

lows to each collector. I see nprobe has the > option to send full flows by using the “-a” flag. Is there, or will > there be, such an option for Cento? > > > > Kind regards, > > > > Jesse > > > > > > *From:* ntop-boun...@listgateway.unipi.it [mailto:nt

Re: [Ntop] Cento round robin or full flow to multiple destinations

Hi Jesse, In cento you should specify multiple collectors by repeating the option (e.g., --v9) multiple times to have flows delivered to each collector in round robin. Regards, Simone On Tue, Feb 28, 2017 at 6:41 PM, Jesse Alexander wrote: > Hello, > > We are using

Re: [Ntop] Traffic Amount of Host Summary

Hi Daniel, Just put the subnet "192.168.55.0/24" in "Historical Data Explorer" host field. We have added search support by subnet recently. This feature is available in the dev version. Regards, Simone On Mon, Feb 20, 2017 at 5:59 AM, Daniel Weeber wrote: > Hi Luca, >

Re: [Ntop] Historical Data Explorer sometimes is not present

If ntopng starts inPro mode for the first ten minutes, the icon will show up during this time interval. Once the demo mode is expired and ntopng goes back to the community edition, the icon will disappear as it is a pro-only feature. If you want to start ntopng right in community mode, use flag

Re: [Ntop] Reset Interface Stats

gt; > thanks for the response. I can't see the buttons you mention anywhere on > the interface page. I am running version 2.4.170202 - Pro Small Business > Edition. > > Thanks, > Chris. > > On 15 February 2017 at 20:40, Simone Mainardi <maina...@ntop.org> wrote: > >

Re: [Ntop] Historical IP and/or protocol reports

Hi, that is definitely possible. You can have this kind of reports in the Professional version. You can generate historical reports (e.g., top applications / ip / AS / etc) as well as obtain detailed per-host reports. The latter requires MySQL flow export to be enabled. See

Re: [Ntop] Reset Interface Stats

Hi, Presently, you have buttons to reset bytes and drops from the interface page (if_stats). We have an enhancement open https://github.com/ntop/ntopng/issues/914 to extend the counters that can be reset. Regards, Simone On Wed, Feb 15, 2017 at 9:35 AM, It Manager

Re: [Ntop] Historical Data Update please?

16? > > Regards, > > Warren > > On 18/05/16 14:57, Warren Daly (OPUS) wrote: > > Thanks Simone, this is fantastic news. More great features to an already > top product. > Thanks. > > > On 18/05/16 14:36, Simone Mainardi wrote: > > Hello Warren, > > Th

Re: [Ntop] automated reports

Not yet, but it's on our todos. Regards, Simone On Thu, Feb 9, 2017 at 3:46 PM, Nicolas Valera wrote: > Hi there! > Is there an automatic way to mail daily reports? > Thanks in advance... > Nicolás. > ___ > Ntop mailing list >

Re: [Ntop-misc] Ubuntu 16 Install Help

John, Dependencies are not pulled in automatically with dpkg -i so this is why you receive errors. Moreover, installing from .deb packages is not an officially supported procedure. You should add the ntop repositories and then install packages via 'apt-get install' as explained here:

Re: [Ntop] TX/RX display always identical.

Hi, If all the hosts seen fall in local networks, then you will see identical counters local2remote and remote2local. Indeed, the same amount of traffic is counted as egress (i.e., from a local network) and as ingress (i.e., to a local network). Can you please verify if flow src and dst are

Re: [Ntop-misc] Combining ntopng with third party sflow collector

Hi, you need nProbe to collect sflow and to transmit it to ntopng: see http://www.ntop.org/nprobe/why-nprobejsonzmq-instead-of-native-sflownetflow-support-in-ntopng/ Simone On Mon, Feb 6, 2017 at 4:52 PM, Kamel MANAI wrote: > Hello, > > > I have a third party

Re: [Ntop] Sampling factor for Flows

Marat, Typically Cisco ASA emits flows on the basis of an event such as, for example, "a Flow is deleted" or "a Flow is denied". You have to configure your ASA in order to get proper flow exports for the events you care. This is the Cisco ASA NetFlow implementation that explains in detail:

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

Hi, On Thu, Jan 26, 2017 at 4:15 PM, Frederic Hermann wrote: > Hi Simone, > > > >> However, is there any way to get a global report, in addition to the > report by > >> interface ? That would make sense for the Top Remote Hosts and Top > ASNs, for > >> exemple, to have both

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

1) . However, views aren't available for dynamically created interfaces. Regards, Simone > > > Regards > > > > De: "Simone Mainardi" <maina...@ntop.org> > > À: ntop-misc@listgateway.unipi.it, "Frederic Hermann" < > fhe-n...@neptune.fr> &g

Re: [Ntop-misc] nProbe's nDPI application layer protocol detection

Hi, Detection is done by nDPI. nDPI is a library that is shared by ntopng and nProbe and is actively under development. So, if ntopng correctly detects the protocol but nProbe doesn't, I guess you are using a version of nProbe that hasn't the proper heuristics to detect the protocols you're

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

Hi, I tried to reproduce but everything works as expected. Full reply is on the issue page. I encourage you to update both ntopng and nprobe to their latest versions On Thu, Jan 19, 2017 at 2:30 PM, Frederic Hermann wrote: > > > > > Hi Frederic, > > The latest ntopng dev

Re: [Ntop] usage report

Dear Dave, The Professional version of ntopng contains a report module that allows you to print reports that include top hosts and all the information you mentioned. ntopng, by default, starts in professional mode and stays in that mode for the first 10 minutes of execution. This should enable

Re: [Ntop] Excluding hosts or a subnet from being monitored

168.2.227" -i none -n none --zmq > tcp://*:5556 -b 2 -3 6343 > --as-list=/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat > --city-list=/usr/share/ntopng/httpdocs/geoip/GeoLiteCity.dat -G > --pid-file /var/run/nprobe/nprobe.pid > > Gerhard, > > > On Jan 18, 2017, at 4:01

Re: [Ntop] Excluding hosts or a subnet from being monitored

17/Jan/2017 14:05:57 [util.c:2278] INIT: Parent process is exiting (this > is normal) > 17/Jan/2017 14:05:57 [util.c:2271] INIT: Bye bye: I'm becoming a daemon... > 17/Jan/2017 14:05:57 [util.c:4036] Initializing ZMQ as server > 17/Jan/2017 14:05:57 [util.c:4079] Succesfully created ZMQ endpoint &

Re: [Ntop] Excluding hosts or a subnet from being monitored

al.ca> wrote: > Simone, > > > > BPF is not supported for collector interfaces. If you want to use it > then specify it on the nProbe. > > Can you show me an example, because I'm not able to do it on nprobe with > the -f option. > > > Gerhard Mourani >

Re: [Ntop] Excluding hosts or a subnet from being monitored

> tcp://127.0.0.1:5556 [ntopng->nprobe] > 13/Jan/2017 15:20:16 [NetworkInterface.cpp:1058] Invalid packet received > [len: 2934][MTU: 1518]. > 13/Jan/2017 15:20:16 [NetworkInterface.cpp:1059] WARNING: If you have > TSO/GRO enabled, please disable it > 13/Jan/2017 15:20:16 [

Re: [Ntop] ntopng zmq format reference

Dear Marat, The quickest thing you can do to figure out the message format is jumping directly to the source code of ntopng. Specifically, look at class CollectorInterface for the ZMQ communication logic, and at class ParserInterface for the actual parsing of data sent through ZMQ. Presently,

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

Hi Frederic, The latest ntopng dev build allows you to create virtual interfaces on the basis of the ingress flow interface. You just have to visit the preferences page (Expert View), tab "Network Interfaces", and enable "Ingress Flow Interfaces". This should do the trick. Regards, Simone On

Re: [Ntop] Excluding hosts or a subnet from being monitored

rote: > Simone, > > Did you run ntopng with the filter directly from the command line or via > the configuration file? I think the problem happens when the filter is in > the configuration file and you run ntopng to read it in this file. > > Gerhard, > > > On Jan 1

Re: [Ntop] Excluding hosts or a subnet from being monitored

6:22:02 [RuntimePrefs.cpp:34] Dumping alerts into syslog > 10/Jan/2017 16:22:02 [Ntop.cpp:531] Adding 169.254.0.0/16 as IPv4 local > network for eth3 > 10/Jan/2017 16:22:02 [Ntop.cpp:561] Adding fe80::250:56ff:fe90:7661/64 as > IPv6 local network for eth3 > 10/Jan/2017 16:22:02 [Networ

Re: [Ntop] Excluding hosts or a subnet from being monitored

1061] WARNING: Use: sudo > ethtool -K eth0 gro off gso off tso off > > Seem that the filter passed but still can see IP 192.168.2.227 on my list! > > Gerhard, > > > On Jan 10, 2017, at 4:04 PM, Simone Mainardi <maina...@ntop.org> wrote: > > Gerhard, > > From

Re: [Ntop] Excluding hosts or a subnet from being monitored

Dumping alerts into syslog > 09/Jan/2017 14:43:49 [NetworkInterface.cpp:1538] Started packet polling on > interface tcp://127.0.0.1:5556 [id: 1]... > 09/Jan/2017 14:43:50 [CollectorInterface.cpp:104] Collecting flows on > tcp://127.0.0.1:5556 [ntopng->nprobe] > > Gerhar

Re: [Ntop] Excluding hosts or a subnet from being monitored

907-8356 | Ottawa 613 689-1539 | Toronto 416 645-5626 > facebook.com/Prival-230867980323343 > linkedin.com/company/prival > > > On Jan 8, 2017, at 5:36 AM, Simone Mainardi <maina...@ntop.org> wrote: > > Gerhard, > > The filter is correct and properly parsed by ntopng

Re: [Ntop] 2.5.17xxxx - No flows shown, when used with nprobe

Martin, On Sun, Jan 8, 2017 at 5:32 PM, Martin List-Petersen wrote: > After upgrading to 2.5.170108-2130 I have no flows in the flows view .. at > all. > > I have tried to downgrade to 2.5.170106 as I had a copy of that lying > around on a host, that listens on a different

Re: [Ntop] Excluding hosts or a subnet from being monitored

t; Thank you Simone. > > I will try that tomorrow morning. > > Much appreciated. > > > > On January 5, 2017 6:40:25 PM GMT+02:00, Simone Mainardi < > maina...@ntop.org> wrote: > > Brett, the filter is not complete. If you want to exclude 10.0.50.246 > set: &

Re: [Ntop] Excluding hosts or a subnet from being monitored

t; > -G=/var/run/ntopng.pid > --daemon= > --local-networks="10.0.50.0/25,10.0.50.128/26,10.0.50.193/30" > --packet-filter 10.0.50.246 > -m "10.0.50.0/25,10.0.50.128/26,10.0.50.193/30" > --track-local-hosts > > Regards, > > Brett > > From: Simone

Re: [Ntop] Excluding hosts or a subnet from being monitored

> --packet-filter 10.0.50.246 > > -m "10.0.50.0/25,10.0.50.128/26,10.0.50.193/30" > > --track-local-hosts > > > > Regards, > > > > Brett > > > > *From:* Simone Mainardi [mailto:maina...@ntop.org] > *Sent:* Thursday, January 05,

Re: [Ntop] libntapi.so and libntos.so have recently gone missing from the Ubuntu 14.04 pfring deb

to seek a more permanent solution. > > Thanks, > Kevin > > On Thu, Dec 22, 2016 at 12:53 PM, Simone Mainardi <maina...@ntop.org> > wrote: > >> Kevin, that should already been fixed: https://github.com/ntop >> /PF_RING/commit/f8ec4e582eea852bacc836e

Re: [Ntop] libntapi.so and libntos.so have recently gone missing from the Ubuntu 14.04 pfring deb

Kevin, that should already been fixed: https://github.com/ntop/PF_RING/commit/f8ec4e582eea852bacc836eb16abd995143080c6 Regards, Simone On Thu, Dec 22, 2016 at 6:50 PM, Kevin Branch wrote: > The pfring deb used to put those libs into /usr/local/lib. > >

Re: [Ntop] Ntop package for arch linux

Dear Chris, Presently that is not on our roadmap. If you are interested in leading this integration, please see https://github.com/ntop/ntopng/tree/dev/packages and add arch linux package creation for the opensource version. We will be happy to review and test a pull request. If it works then we

Re: [Ntop] ntop pro reporting on pcap interface

Chris, Reports are generated by crunching statistics collected over time and thus are not supported for pcap files. Traffic traces contained in pcaps are fully processed immediately, hence no historical timeseries (and reports) are available. Regards, Simone On Fri, Dec 9, 2016 at 4:09 AM,

Re: [Ntop] Info request (continued)

ntop-ow...@listgateway.unipi.it > > > > When replying, please edit your Subject line so it is more specific than > "Re: Contents of Ntop digest..." > > > > > > Today's Topics: > > > >1. info request (AIDOUN Mohamed) > >

Re: [Ntop] info request

Hi, Please see below, On Thu, Nov 24, 2016 at 2:32 PM, AIDOUN Mohamed wrote: > Hi, > > > > First of all sorry for my English… > > > > I’m a new user of Ntop. I’ve installed in on a Ubuntu server 16.04 via > “apt-get install ntopng”. So I do not have the last version. > >

Re: [Ntop] BigIP load balancer with ntopng question

sFlow is designed to only send samples of traffic. For this reason it is not possible to obtain accurate values in the 'realtime top application traffic' as only a fraction of all the packets is actually sent to the nProbe. To obtain accurate information you should use netflow or mirror/tap the

Re: [Ntop] Unknown L7 Protocols

quot;HTTP_URL": "crl.microsoft.com/pki/crl/ > products/MicCodSigPCA_08-31-2010.crl > <http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_08-31-2010.crl> > ", > - "HTTP_METHOD": "GET", > - "HTTP_HOST"

Re: [Ntop] Can't login with chrome browser

For the sake of completeness, these are the login-related issues that have already been solved: https://github.com/ntop/ntopng/issues/700 https://github.com/ntop/ntopng/issues/706 Regards, Simone On Sat, Oct 29, 2016 at 11:34 AM, Luca Deri wrote: > Hi all, > can you please open

Re: [Ntop] nprobe and snmp interface numbers

James, you are using an obsolete parameter for nProbe. See this issue: https://github.com/ntop/nProbe/issues/96 Please, use the new parameter --collector-port Regards, Simone On Mon, Oct 31, 2016 at 8:59 PM, James A. Klun wrote: > > I am currently working with nprobe -

Re: [Ntop] Unknown L7 Protocols

Hi, Please, explain how to reproduce. Enclose a pcap if you think it will help as well. Simone On Fri, Oct 28, 2016 at 10:46 AM, Lutfi Oduncuoglu < lutfioduncuo...@gmail.com> wrote: > Hello, > > I am trying to get L7_PROTO_NAME with nprobe. I am using the nprobe as > below > > nprobe -G -t

Re: [Ntop] Avoid to start ntopng automatically

; > if i put > > --community --local-network "mynetwork1/22, munetwork2/22" > > Starts in pro mode ¿?¿?¿? > > > Thanks for all the help. > > -- > *De:* ntop-boun...@listgateway.unipi.it <ntop-boun...@listgateway.unipi.it> >

Re: [Ntop] Avoid to start ntopng automatically

Hi, provided that you control ntopng start/stop with systemctl/service then you have to edit configuration file /etc/ntopng/ntopng.conf On Thu, Sep 22, 2016 at 11:19 AM, Juanjillo . wrote: > Thanks luca. > > > But, where? > > > Unitl now i have a manual script that do

Re: [Ntop] Make error

James, thanks for helping Alex. Alex, please follow James' instructions. ntop has been discontinued and replaced by the new generation ntopng. Simone On Thu, Sep 8, 2016 at 7:07 PM, James Lay wrote: > On 2016-09-08 11:00, Alex wrote: > >> Hi, these are the steps I

Re: [Ntop] does not works after finish license

lten haben, bitten wir Sie uns unter > off...@sanlucar.com über diesen Vorgang zu informieren, die E-Mail > ungelesen an uns zurückzusenden und aus Ihrem System zu löschen. > > > > *From:* ntop-boun...@listgateway.unipi.it [mailto:ntop-bounces@ > listgateway.unipi.it] *On Behal

Re: [Ntop] does not works after finish license

car.com über diesen Vorgang zu informieren, die E-Mail > ungelesen an uns zurückzusenden und aus Ihrem System zu löschen. > > > > *From:* ntop-boun...@listgateway.unipi.it [mailto:ntop-bounces@ > listgateway.unipi.it] *On Behalf Of *Simone Mainardi > *Sent:* martes, 06 de septie

Re: [Ntop] does not works after finish license

09:34:32 [nprobe.c:2718] Processed packets: 0 (max bucket > search: 1) > > 06/Sep/2016 09:34:32 [nprobe.c:2701] Fragment queue length: 0 > > 06/Sep/2016 09:34:32 [nprobe.c:2727] Flow export stats: [0 bytes/0 pkts][0 > flows/0 pkts sent] > > 06/Sep/2016 09:34:32 [nprobe.c:27

Re: [Ntop] does not works after finish license

Hi, If you just want to use the community edition, then start ntopng with option --community and it won't even start in professional mode for the first 10 minutes. If you are interested in evaluating the Professional version for more than 10 minutes, you should ask for a new trial or purchase a

Re: [Ntop] ntop 3.13.0 protocols

Robert, ntop has been discontinued. The new generation ntopng has taken its place. Please upgrade: http://www.ntop.org/products/traffic-analysis/ntop/ Simone On Mon, Aug 29, 2016 at 1:59 PM, Robert van Ommen wrote: > Hi, > > > > I have installed ntop on a debian server.

Re: [Ntop] ntopng v.2.4.160818 not changing to user when launching

Hi, As already suggested by James, using a single instance is recommended to monitor multiple interfaces on the same box. ntopng is also multi-tenant so you have the option to create users and associate interfaces and networks to them. In this way you can create non-privileged users that don't

Re: [Ntop] RRD data usage

Hi, Changing the retention policies from the 'On-Disk timeseries' preferences page affects only newly created RRDs. So if you change that policies and you want them to be applied to all the RRDs, then you have to wipe the existing RRDs so they will be re-created. Another thing that you can do is

Re: [Ntop] doubs space in disk

Andrés, One size doesn't fit all. It depends on the number of hosts you have and if you keep historical host L7 statistics. Anyway, RRDs that store this kind of information have a fixed size and don't grow with time. If you also use mysql to retain historical flows, then you'll need extra space

Re: [Ntop] won't start on boot in Ubuntu 14.04 - starts fine from command line

does not fix getting this msg on reboot. > > > > Dave > > > > > > > > > > From: ntop-boun...@listgateway.unipi.it [mailto: > ntop-boun...@listgateway.unipi.it] On Behalf Of Simone Mainardi > Sent: Wednesday, August 3, 2016 6:02 AM > To: n...@unipi.it > Cc: ntop mai

Re: [Ntop] won't start on boot in Ubuntu 14.04 - starts fine from command line

I've just tried and it works fine here on ubuntu 14. Package installation adds ntopng to the defaults runlevels on post install. >From the log messages you get, it looks like ntopng repeatedly tries to shutdown. When do you get those 'shutting down' messages? Simone On Wed, Aug 3, 2016 at 2:54

Re: [Ntop] Confusion on if nProbe is required

> > Is there any issue running nprobe in demo mode to achieve what we need? > the limitation is that is stops after 25000 exported flows > > > Thanks, > > CTSG > > > Quoting Simone Mainardi <maina...@ntop.org>: > > Hi, see below >> >>

Re: [Ntop] help with ipfix

Hi, Commands look wrong. You need to either use a wildcard or an ip address where you want to bind the nprobe. For example: nprobe --zmq tcp://***:5557 nprobe --zmq tcp://*127.0.0.1*:5557 Simone On Mon, Aug 1, 2016 at 5:02 PM, Andrés Salesa wrote: > Hi, > > > >

Re: [Ntop] Confusion on if nProbe is required

--zmq-encrypt-pwd at > the same time as the raspberry pi to encrypt the traffic it would cause the > ntopng process to crash on the windows laptop, is there a way to fix this? > zmq encryption is only supported by ntopng when receiving flows from the nprobe, not when exporting them. >

Re: [Ntop] Confusion on if nProbe is required

fsite ntopng updates it's > information to our ntopng install? > You don't have to tune this. Delays experienced are due to the fact that flows are exported once expired. > > > Thanks for the assistance. > > > CTSG > > > > Quoting Simone Mainardi <maina...@ntop.org

Re: [Ntop] Confusion on if nProbe is required

on the PI3 without nprobe if possible. Is the paid nprobe > required for the ability to use the PI3 in series between the modem and the > switch? > no it is not required, you can just use ntopng. > > Thank you! > > > CTSG > > > > Quoting Simone Mainardi

Re: [Ntop] ntop w/MySQL - High CPU wait % and disk writes, slow webui

to only need a single license? > ntopng does not directly speak netflow. So you need at least one nprobe to collect netflow data and send that data to ntopng. > > Thanks! > > > > > > On 2016-03-11 19:00, Simone Mainardi wrote: > >> The traffic charts enclosed show peaks

Re: [Ntop] Confusion on if nProbe is required

planned and hardware selected what email > should i use to discuss license orders? you can use the contact form on the ntopng website. Your email will be routed properly. > > > Thank you > > CTSG > > > Quoting Simone Mainardi <maina...@ntop.org>: > > Hi,

Re: [Ntop] Confusion on if nProbe is required

o une hardware switch per license but this has to be decided on a case-by-case basis. > > We want to use ntop on cheap a laptop for now until looking at embedded > style devices. > that's fine. Did you know you can also run ntopng on embedded devices such as ARM (raspberry pi), MIPSEL,

Re: [Ntop] Confusion on if nProbe is required

ed in the manual. > Will only mainly be used off mirror ports on a single subnet with both > probe and ntopng on the same host. Rarely will we be looking at anything > more than a single switch and network when using ntopng. > > Thank you again > > CTSG > > > > >

Re: [Ntop] LDAP Auth debugging

Hi Munroe, We are aware there is no error propagation that may help diagnosing LDAP issues. Please, file a github request and we'll try to accomodate it. Simone On Tue, Jul 19, 2016 at 9:52 PM, Munroe Sollog wrote: > I have configured my ntop instance (2.4.160719-1448) to

Re: [Ntop] Confusion on if nProbe is required

Hi, please see below On Wed, Jul 20, 2016 at 7:05 AM, wrote: > Hi All, > > We would like to use ntopng installed on a windows laptop connected to a > mirror port on a network switch to monitor and report on network traffic to > determine issues across the network. > >

Re: [Ntop] ntopng and IP addresses leases

or sure. I have modified and added some features and I > would gladly share them if it can be useful. Github is a best place for > such things. > > 2016-07-13 10:28 GMT+02:00 Simone Mainardi <maina...@ntop.org>: > >> Mathieu, >> >> You already asked a simi

Re: [Ntop] ntopng and IP addresses leases

Mathieu, You already asked a similar question some time ago in the same mailing list. The behaviors you described are consistent with the present implementation. If you would like to handle dynamic IP-MAC associations, then please feel free to post a feature request on github and we'll try and

Re: [Ntop] ntopng -> elasticsearch - dropped flows

o write to. > > However, what seems puzzling, is that none of the metrics of the machine > indicate the machine is over-taxed. > > Thanks again! > > > >> -- >> >> Message: 2 >> Date: Tue, 5 Jul 2016 10:25:03 +0200 &g

Re: [Ntop] Increasing Historical Reporting Length

New settings only affect newly created statistics. So for old statistics, that is, for hosts that you have already seen, the only way to increase the data retention period is to wipe the ntopng data folder (usually /var/tmp/ntopng). Please, keep in mind that this wipes out all the history. Simone

Re: [Ntop] HTTP 500 Error after login screen

Richard, we are unable to reproduce the issue. Can you confirm you are still experiencing it using the latest dev version? On Mon, Jun 27, 2016 at 9:10 PM, Richard Troiano wrote: > >I went to access my ntop installation today and got the following >error: > > >

Re: [Ntop] ntopng -> elasticsearch - dropped flows

Hi, Could you please share ntopng configuration used? I think your setup doesn't allow ntopng to be quick enough. Remember that there is one thread per monitored interface and that thread has to 1. capture packets / receive flows 2. handle them 3. export to ES Simone On Wed, Jun 29, 2016 at

Re: [Ntop] Ntop Digest, Vol 145, Issue 16

e so it is more specific > than "Re: Contents of Ntop digest..." > > > Today's Topics: > > 1. Re: What ntopng files needs to be persisted for statistics? > (Simone Mainardi) > 2. Re: Poss

Re: [Ntop] ntopng updated and is now Pro Small Business Edition????

Richard, packaged ntopng versions comes with 10 free minutes of the small business version. It's just to allow people to try it. You don't have to worry about that. After 10 minutes ntopng will switch to the free version. By the way, the free version is also known as community. And actually it

Re: [Ntop] What ntopng files needs to be persisted for statistics?

Hi Steinar, everything you find under /var/tmp/ntopng has to be persisted to ensure proper functionality. Simone On Tue, Jun 21, 2016 at 4:53 PM, Steinar Bang wrote: > Hi, > > I'm planning to put /var/tmp/ntopng into tmpfs. > > I'm wondering what files under /var/tmp/ntopng that

Re: [Ntop] JSON Data Export from ntop

Hi Richard, JSON is just a standard way to output data. Many modern tools such as Solr, Kafka, ElasticSearch, MongoDB, etc. are designed to smoothly ingest JSON-formatted data. So if you plan to use one of the mentioned software -- or, more in general, tools you may find in a big data ecosystem

Re: [Ntop] ntop/nprobe not processing flows from arista switch

Hi, According to the information shown, it may be that ntopng is not able to fetch monitored flows from the nProbe. I would try to bind the nProbe to any address (--zmq tcp://*:5557) and see if ntopng can see the traffic. Simone On Mon, Jun 13, 2016 at 1:03 PM, Enrico Kern

Re: [Ntop] How deploy ntopng in lan enviroment

Hello Massimiliano, There is no 'default' positioning scheme. It depends on the network topology and device features. However, you should try and place ntopng in a strategic location where it can sees most traffic. Here are some options: - If you have a way to 'collect' switches traffic to a

Re: [Ntop] High cpu usage

atr...@derwael.be> wrote: > Hi Simone, > > The high cpu is permanent, no matter of thé web interface usage > Ntop runs on a Tor router on centos 7 > > Patrick DERWAEL > Rue de la Fontaine, 3 > 4210 Burdinne > 0479/80.50.79 > Le 31 mai 2016 11:44, "Simone Mainardi&qu

Re: [Ntop] Help with license.

On Thu, May 19, 2016 at 1:34 PM, Amit Agarwal <li...@amit-agarwal.co.in> wrote: > On 2016-05-19 15:33, Simone Mainardi wrote: > >> Hi, >> >> Yes, basically any tool has the check license / >> check maintenance option. Look at the help. >> > I was

Re: [Ntop] Help with license.

Hi, Yes, basically any tool has the check license / check maintenance option. Look at the help. Alternatively you can see the status of licenses graphically using the nBox software. Simone On Thursday, 19 May 2016, Amit Agarwal wrote: > Hi, > > I am new here and

Re: [Ntop] ntopng behind a proxy

op_hosts.lua" page and the search box which doesn’t seem to use the > proxy. > > Gerhard, > > On May 10, 2016, at 6:20 AM, Simone Mainardi <maina...@ntop.org> wrote: > > Hi, > > Please remove the trailing slash from the --http-prefix and it will work: > &g

Re: [Ntop] Any users here of the brew ntopng package - issue with "Page "/lua/login.lua" was not found"?

Hi, I've just tested with brew and El Capitan. Everything works OK. After a brew install, ntopng works out-of-the-box and uses the right directories under usr/local/Cellar See the output: Simones-MacBook-Pro:tmp simone$ /usr/local/Cellar/ntopng/2.2_1/bin/ntopng [...] 10/May/2016 10:23:59

Re: [Ntop] Ntop Digest, Vol 142, Issue 52

t; ntop-requ...@listgateway.unipi.it > > You can reach the person managing the list at > ntop-ow...@listgateway.unipi.it > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Ntop digest..." > > > Today's Topics: > > 1. Re: Ntop Dig

Re: [Ntop] Ntop Digest, Vol 142, Issue 47

ipi.it > > You can reach the person managing the list at > ntop-ow...@listgateway.unipi.it > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Ntop digest..." > > > Today's Topics: >

Re: [Ntop] Ntopng and ddwrt

Hi, if rflow is interoperable with netflow, then you can 1) use nProbe as a collector for rflow data and; 2) send data to ntopng via ZMQ http://www.ntop.org/ntopng/creating-a-hierarchical-cluster-of-ntopng-instances/ On Mon, Mar 28, 2016 at 7:03 PM, Ken Mandelberg

Re: [Ntop] Ntop Digest, Vol 142, Issue 41

> ntop@listgateway.unipi.it > > To subscribe or unsubscribe via the World Wide Web, visit > http://listgateway.unipi.it/mailman/listinfo/ntop > or, via email, send a message with subject or body 'help' to > ntop-requ...@listgateway.unipi.it > > You can reach the person managing t

<    1   2   3   4   >