Hi! I've successfully installed Ntopng on a Centos 6.5 x86_64 server and
the new web interface is very nice. It looks very impressive so far. I
am hoping to use the software to display and analyze netflow data
exported/sent by Cisco Catalyst 6500 series layer 3 switches. Currently
we have flows sent from those switches going into jkflow/flowscan on
other linux servers and it works nicely but there is no interface beyond
the manual RRDtool graphs we build from the data to show basic in and
out byte counts.
I understand that nprobe must be used as the netflow collector running
on the server with ntopng and I have tried to find good documentation on
what settings to use to do so. The best I have been able to do is see a
number of packets and connections from the switches in question in the
hosts display and flows. It shows it has received roughly 1.5GB of data
from each of the 2 routers I have sending to it but the data itself
doesn't seem to be processed by nprobe or ntopng.
The command I have used to start nprobe currently is:
nprobe --zmq "tcp://127.0.0.1:5556" -i none -n none -V 5
--collector-port 2055
But I have tried a few other suggestions on other websites. What command
should I use if I just want the server to accept inbound netflow flows
from the routers I point at it and then put the flow data into ntopng?
Thanks
Jon
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
