Jon We fixed this bug last week. What version of nProbe are you using? Luca
Sent from my iPad (sorry for typos) > On 03/feb/2014, at 23:06, Jon Bayless <[email protected]> wrote: > > > OK Great! That has made a big difference. I am now getting flows into ntopng > this way. > > One strange thing I have encountered. If I start nprobe and give it the > daemonize option, it no longer works. > This command on the command line works: > > /usr/local/bin/nprobe --zmq tcp://*:5556 -i none -n none -b 2 -3 2055 > > This doesn't: > > /usr/local/bin/nprobe --zmq tcp://*:5556 -i none -n none -b 2 -3 2055 -G > > When I give the -G flag, it says it is becoming a daemon. Then I start ntopng > with this command: > > /usr/local/bin/ntopng -i tcp://127.0.0.1:5556 -e > > Ntopng starts and the web interface loads but it always says 'no packet has > been received yet'. Does the -G imply some other change in the functionality > besides just running as a daemon? > > Thanks > > >> On 2/3/2014 12:53 PM, Luca Deri wrote: >> >>> On 03 Feb 2014, at 19:27, Jon Bayless <[email protected]> wrote: >>> >>> If I change the nprobe syntax to: >>> >>> nprobe --zmq "tcp://*:5556" -i eth0 -n none -b 2’ >> >> This command is good for turning packets into flows. If you want to collect >> flows (let’s say on port 2055) and forward them to ntopng do >> >> nprobe --zmq "tcp://*:5556" -i none -n none -b 2 -3 2055 >> >> Cheers Luca >> >>> >>> I start receiving a lot of command line output about New Flow and Emmiting >>> Flow but still don't see the actual netflow data from the routers being >>> processed. I can see it coming into the nprobe software though. >>> >>>> On 2/1/2014 8:28 AM, Luca Deri wrote: >>>> Jon, >>>> the correct syntax is describe here >>>> https://svn.ntop.org/svn/ntop/trunk/ntopng/README.ntopng >>>> >>>> - collector >>>> ntopng -i tcp://127.0.0.1:5556 >>>> >>>> - probe (nProbe) >>>> nprobe --zmq "tcp://*:5556" -i ~/pcap/http.pcap -n none -b 2 >>>> Luca >>>> >>>>> On 31 Jan 2014, at 18:15, Jon Bayless <[email protected]> wrote: >>>>> >>>>> Hi! I've successfully installed Ntopng on a Centos 6.5 x86_64 server and >>>>> the new web interface is very nice. It looks very impressive so far. I am >>>>> hoping to use the software to display and analyze netflow data >>>>> exported/sent by Cisco Catalyst 6500 series layer 3 switches. Currently >>>>> we have flows sent from those switches going into jkflow/flowscan on >>>>> other linux servers and it works nicely but there is no interface beyond >>>>> the manual RRDtool graphs we build from the data to show basic in and out >>>>> byte counts. >>>>> >>>>> I understand that nprobe must be used as the netflow collector running on >>>>> the server with ntopng and I have tried to find good documentation on >>>>> what settings to use to do so. The best I have been able to do is see a >>>>> number of packets and connections from the switches in question in the >>>>> hosts display and flows. It shows it has received roughly 1.5GB of data >>>>> from each of the 2 routers I have sending to it but the data itself >>>>> doesn't seem to be processed by nprobe or ntopng. >>>>> >>>>> The command I have used to start nprobe currently is: >>>>> >>>>> nprobe --zmq "tcp://127.0.0.1:5556" -i none -n none -V 5 --collector-port >>>>> 2055 >>>>> >>>>> But I have tried a few other suggestions on other websites. What command >>>>> should I use if I just want the server to accept inbound netflow flows >>>>> from the routers I point at it and then put the flow data into ntopng? >>>>> >>>>> Thanks >>>>> >>>>> Jon >>>>> _______________________________________________ >>>>> Ntop-misc mailing list >>>>> [email protected] >>>>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >>>> >>>> >>>> >>>> _______________________________________________ >>>> Ntop-misc mailing list >>>> [email protected] >>>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >>> >>> _______________________________________________ >>> Ntop-misc mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> >> >> >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
