Gary, my comment was based on differences between the hostname displayed
by ntop and what a reverse lookup generated. I found a post by Burton
Strauss (http://lists.ntop.org/pipermail/ntop/2004-March/007684.html) that
matches what you describe (about a third of the way down).
> What is "ntop host name"? Ntop "sniffs" name res requests, but I don't
think it looks in http headers for url connects, does it?
I just got the rrdPlugin 'Arbitrary Graphs' working - I had originally
left the host IP address blank to generate a 'per-interface graph' but got
errors ('unknown RRD file'). The 'table' output gave me the format of the
'rrdtool fetch' command. I should be able to develop much better data
extraction code if I can figure out how to extract the IP/hostname mapping
from dnsCache.db.
> If you have the right detail enabled in the rrd plugin, there's a basic
gui graph function in ntop to get at said data.
Based on my reading of the mailing list, the SQL support is only for
Netflow records.
> Perhaps if you compile with sql it will give you more options?
Thanks for your help! The pieces are starting to fall into place. _______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
