On 29/01/2015 00:17, barnaby cockcroft wrote:
I am having a hard time getting any historical data out of ntopng.
Hi Barnaby,
I think I’m collecting data: [[email protected] tmp]# du -sh /var/tmp/0/* 1.6G /var/tmp/0/flows 882M /var/tmp/0/rrd 25M /var/tmp/0/top_talkers The flows directory has a sqlite db for each 5 minute period, eg: ls -l 0/flows/2015/01/22/11/ total 15800 -rw-r--r-- 1 nobody nobody 1418240 Jan 22 11:05 00.sqlite -rw-r--r-- 1 nobody nobody 1333248 Jan 22 11:10 05.sqlite -rw-r--r-- 1 nobody nobody 1362944 Jan 22 11:15 10.sqlite -rw-r--r-- 1 nobody nobody 1313792 Jan 22 11:20 15.sqlite -rw-r--r-- 1 nobody nobody 1283072 Jan 22 11:25 20.sqlite -rw-r--r-- 1 nobody nobody 1417216 Jan 22 11:30 25.sqlite -rw-r--r-- 1 nobody nobody 1336320 Jan 22 11:35 30.sqlite -rw-r--r-- 1 nobody nobody 1294336 Jan 22 11:40 35.sqlite -rw-r--r-- 1 nobody nobody 1395712 Jan 22 11:45 40.sqlite -rw-r--r-- 1 nobody nobody 1328128 Jan 22 11:50 45.sqlite -rw-r--r-- 1 nobody nobody 1349632 Jan 22 11:55 50.sqlite -rw-r--r-- 1 nobody nobody 1321984 Jan 22 12:00 55.sqlite The rrd directory has rrd files for individual protocols, and for each host on the network a directory of similar protocol rrd files. My configuration file is as follows: [[email protected] tmp]# cat /etc/ntopng.conf -i=tcp://127.0.0.1:5556 -d=/var/tmp -w=3000 -m=“XXXXXXXXX" -e= -F=db -p=/etc/ntopng/protos.txt -A=2 -C= -D=all -E=all -S=all -G=/var/run/ntopng/ntopng.pid When I choose “historical” from interfaces rather than “tcp://127.0.0.1:5556”, I am redirected to specify a time period. When I do, it tells me “Well done! Data loading process started successfully”. However, the overview tab says I have no data, and any tab where I’d imagine I’d be able to see flows or hosts I get “No results found” in a light red bar across the screen. Even in regular mode, I notice I never have more than an hour’s worth of data in the “activity map”. I assume I’m making some rookie mistake here, but I haven’t been able to figure out what.
Which ntopng version are you using? Thank you, Arianna
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
-- /* * Arianna Avanzini * [email protected] * http://ava.webhop.me */ _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
