It’s: -T %EXPORTER_IPV4_ADDRESS %IPV4_SRC_ADDR %IPV4_DST_ADDR %PROTOCOL %L4_SRC_PORT %L4_DST_PORT %IN_PKTS %IN_BYTES %FIRST_SWITCHED %LAST_SWITCHED” %TCP_FLAGS %PROTOCOL %L7_PROTO %IPV4_XXX_ADDR %IPV6_XXX_ADDR
[cid:[email protected]] On Dec 10, 2014, at 1:27 AM, Luca Deri <[email protected]<mailto:[email protected]>> wrote: Gerhard what is the whole -T value you have used? Luca On 08 Dec 2014, at 20:54, Gerhard Mourani <[email protected]<mailto:[email protected]>> wrote: I’ve made what you’ve recommended but I see now the following warnings during nprobe startup: 08/Dec/2014 11:59:09 [nprobe.c:5459] WARNING: Your template lacks some important fields 08/Dec/2014 11:59:09 [nprobe.c:5460] WARNING: Unless you know what you are doing, make sure 08/Dec/2014 11:59:09 [nprobe.c:5461] WARNING: your template (-T) contains at least 08/Dec/2014 11:59:09 [nprobe.c:5462] WARNING: %IPV4_SRC_ADDR %IPV4_DST_ADDR %PROTOCOL 08/Dec/2014 11:59:09 [nprobe.c:5463] WARNING: %L4_SRC_PORT %L4_DST_PORT 08/Dec/2014 11:59:09 [nprobe.c:5491] WARNING: IPv4/v6 addresses will be ignored (your template lacks %IPV4_XXX_ADDR/%IPV6_XXX_ADDR) 08/Dec/2014 11:59:09 [nprobe.c:5498] WARNING: L4 ports will be ignored (your template lacks %L4_SRC_PORT/%L4_DST_PORT) 08/Dec/2014 11:59:09 [nprobe.c:5515] WARNING: Protocol will be ignored (your template lacks %PROTOCOL) So, I’ve added -> -T %EXPORTER_IPV4_ADDRESS %IPV4_SRC_ADDR %IPV4_DST_ADDR %PROTOCOL %L4_SRC_PORT %L4_DST_PORT %IPV4_XXX_ADDR %IPV6_XXX_ADDR But this does’t seem to make the warnings to disappear. Gerhard, On Dec 2, 2014, at 4:08 PM, Luca Deri <[email protected]<mailto:[email protected]>> wrote: Gerhard, in ntopng flows are converted by nprobe. Please make sure that you add in the template with -T the %EXPORTER_IPV4_ADDRESS information element, so that this source IP is propagated to ntopng. Done this a new lua report for depicting this information needs to be implemented Luca On 28 Oct 2014, at 19:42, Gerhard Mourani <[email protected]<mailto:[email protected]>> wrote: Hello, I’ve configured my switches and firewalls to send sflow to ntopng and it’s working. Now I would like to know where in ntopng I can see which device is sending sflow and the numbers for each one as we have it in the old ntop version? Gerhard, _______________________________________________ Ntop mailing list [email protected]<mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected]<mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected]<mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected]<mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
