Hello,
I am trying to setup nprobe with ntop ng in a simple case scenario,
Cisco 6500 Netflow V5/V9 ->> nprobe ->> ntopng
My problem is that at the moment I don't get any application in ntopng,
no HTTP detection even if that is most of my traffic.
I'm launching nprobe like that :
nprobe --zmq "tcp://127.0.0.1:5556" -i none -n none --collector-port
2055:16 -V10 -T "%IPV4_SRC_ADDR %IPV4_DST_ADDR %IPV4_NEXT_HOP
%INPUT_SNMP %OUTPUT_SNMP %IN_PKTS %L4_DST_PORT %L4_SRC_PORT %IN_BYTES
%FIRST_SWITCHED %LAST_SWITCHED %PROTOCOL %IPV4_SRC_MASK %IPV4_DST_MASK
%IN_SRC_MAC %OUT_DST_MAC %L7_PROTO %L7_PROTONAME"
and ntopng ( same box ) :
-m="192.168.1.0/24,0.0.0.0/32,224.0.0.0/8,239.0.0.0/8,255.255.255.255/32,127.0.0.0/8,194.XXXXXX.0/23,194.XXXXXX/22"
-G=/tmp/ntopng.pid
-n=1
-i=tcp://127.0.0.1:5556
-x=2000000
-X=2000000
if someone could share a similar working setup, that would be really
appreciated,
Best Regards
CP
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
