We do have the source, but the only reason we purchased the binary to begin with is because we had so much trouble trying to compile from source. MySQL seems to be mysteriously working now that I tried running ntop from the command line. Our environment is about 120 computers. I’ve been watching the RAM usage closely and it hasn’t hit 70 MiB yet.
Perhaps you can just tell me what to use if I shouldn’t use sticky hosts. Basically, if it’s say 5 PM right now, I need to be able to see if someone went to a site at 7 AM, if only just once. From: [email protected] [mailto:[email protected]] On Behalf Of Gary Gatten Sent: Wednesday, May 25, 2011 9:50 AM To: '[email protected]' Subject: Re: [Ntop] NTop 4.0.3 Windows questions Do you have the source and binary? If source, are you willing to recompile as necessary? I'm not familiar with the windows version, but the *nix version has numerous helpful tweaks, but most require changes to "globals-defines.h" and a recompile. In the mean time, have you read the docs for all available run time options, such as sticky hosts? You mentioned you have sticky hosts enabled, does it seem to be working or are hosts still aging out? I recall a fairly recent post from someone where it "appeared" sticky hosts wasn't working. I don't recall the details here. But, if you're tracking "sessions"... Those will eventually always age out, but you can tweak the timers. For data retention perhaps start with the rrd plugin. You can tweak the level of detail stored and for how long. This may or may not meet your needs; historically some info has been memory resident only, not exported to rrd at all. There are other methods as well, such as sql, saving every packet to a file, netflow dumps, custom scripts, etc. Unfortunately I can't help much with those. How large and dynamic is your environment? Sticky hosts is usually a bad idea unless you're only tracking local hosts. Else, regardless how much RAM you have you'll eventually exhaust it and need to reboot. From: Abel, Jacob [mailto:[email protected]] Sent: Wednesday, May 25, 2011 07:19 AM To: [email protected] <[email protected]> Subject: [Ntop] NTop 4.0.3 Windows questions Hello all, Our company just purchased NTop for Windows and I have a few questions. 1. Is there a way to keep all data received? This morning we caught someone on a naughty site but then the info page for that IP address disappeared because the person hadn’t visited it in a while. I do have the sticky hosts setting enabled, but things are still disappearing. We don’t have any care about the amount of RAM it takes or the hard drive space, we want to save everything, at least for a month or so. 2. MySQL support. I installed MySQL on the same machine and put the username/pass into the settings page in NTop, and enabled saving of sessions and data. NTop apparently created an “ntop” database and two tables, but the tables are empty after having NTop on for a while… 3. DNS resolution. I noticed that NTop takes quite a while to resolve names, is there a way to speed this up? Thanks in advance for your help. Jacob Abel ms consultants, inc. "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system."
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
