Hi,
I've recently started collecting NetFlow data sent from a Cisco ASA
into nprobe v.6.15.131114 ($Revision: 3788 $) and over ZMQ to ntopng x86_32
v.1.1 (r6806) and it seems to be basically working. However, I'm having
trouble making sense of the times shown by ntopng. The "first seen" for just
about all flows is 08/11/2013 04:59:25 [52 days, 12 hours, 12 min, 8 sec ago]
and "last seen" times are almost all 27/12/2013 21:59:46 [2 days, 19 hours, 12
min, 11 sec ago], although the throughput rates on the collector interface seem
approximately correct.
How does ntopng determine the "First Seen" and "Last Seen" times ?
Thanks,
Aaron
Domicilium (IOM) Limited | The Isle of Man Datacentre
Ronaldsway Industrial Estate | Ballasalla | Isle of Man |IM9 2AW
Tel +44 (0) 1624 825278
www.domicilium.com
www.ipv6.domicilium.com
This e-mail is confidential and may be privileged. It may be read, copied and
used only by the intended recipient. If you have received it in error, please
contact the sender immediately by return e-mail. Please then delete the e-mail
and do not disclose its contents to any person.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
