Jason
the format is slightly different

[--dump-flows|-F] <mode>            | Dump expired flows. Mode:
                                    | db - Dump in SQLite DB
                                    | es - Dump in Redis ntopng.es queue
                                    |      Format:
                                    |      es;<idx type>;<idx name>;<es URL>;<es pwd>
                                    |      Example:
                                    |      es;flows;ntopng-%Y.%m.%d;http://localhost:9200/_bulk;
                                    |      Note: the <idx name> accepts the strftime() format.

Regards Luca
> On 13 Mar 2015, at 00:29, Jason Calhoun <[email protected]> wrote:
> 
> Hi,
> 
> I'm trying to get ntopng to export flows to elasticsearch, my config file is 
> as follows:
> 
> -------------
> -G=/var/tmp/ntopng.pid
> -U root
> -F 'es;flows;ntopng;http://localhost:9200/_bulk'
> -d /home/ntopng
> -e
> -w 8080
> -n 2
> -i ens33
> ---------------
> 
> When I start ntopng, I get the following in the logs:
> 
> ntopng[19245]: [Prefs.cpp:601] WARNING: Discarding -F 'es;flows;ntopng;http://localhost:9200/_bulk': value out of range
> 
> What did I miss?
> 
> Also, the end goal here is to keep historical traffic data so that we can 
> review the activity of any given IP for a specified time period, such as a 
> log that shows all the web sites they visited between 8 and 3 days ago.  The 
> historical data in ntopng would seem to be the solution, but we've found it 
> too slow.  It can take several hours to load data for just a day or two.  
> Does anyone have any suggestions for a tool that can do what we're looking 
> for?  I haven't gotten Kibana running yet, but everything else I have found 
> so far seems to focus on aggregate data, which is not what we need.
> 
> 
> Thanks,
> Jason
> _______________________________________________
> Ntop mailing list
> [email protected]
> http://listgateway.unipi.it/mailman/listinfo/ntop
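
Added example, not part of the original thread and not ntopng code: a pre-flight check of a -F 'es;...' value against the five-field format in the help text above. The function name, the field names and the rule that only <es pwd> may be empty are assumptions made for this sketch; ntopng's own parser may behave differently.

```python
from datetime import date
from urllib.parse import urlsplit

# Field order from the help text: es;<idx type>;<idx name>;<es URL>;<es pwd>
FIELDS = ("mode", "idx_type", "idx_name", "es_url", "es_pwd")
LOOPBACK = {"localhost", "127.0.0.1", "::1"}


def check_es_dump_spec(spec, today=None):
    """Check a -F 'es;...' value; return (parsed, problems).

    Assumption (not confirmed by the thread): all five ';'-separated fields
    must be present and only <es pwd> may be empty, as in the help example.
    """
    parts = spec.split(";")
    if len(parts) != len(FIELDS):
        return None, ["expected %d ';'-separated fields, got %d"
                      % (len(FIELDS), len(parts))]
    parsed = dict(zip(FIELDS, parts))
    problems = []
    if parsed["mode"] != "es":
        problems.append("mode is %r, expected 'es'" % parsed["mode"])
    for name in ("idx_type", "idx_name", "es_url"):
        if not parsed[name]:
            problems.append("%s is empty" % name)
    url = urlsplit(parsed["es_url"])
    if url.scheme not in ("http", "https") or not url.hostname:
        problems.append("es_url is not an http(s) URL")
    elif parsed["es_pwd"] and url.scheme == "http" and url.hostname not in LOOPBACK:
        # Added caution, not from the thread: a password configured together
        # with a plain-http URL pointing at a non-loopback host.
        problems.append("es_pwd set with a plain-http URL to a non-loopback host")
    # <idx name> accepts strftime(): show the index name it yields today.
    parsed["idx_name_today"] = (today or date.today()).strftime(parsed["idx_name"])
    return parsed, problems


if __name__ == "__main__":
    samples = [
        "es;flows;ntopng;http://localhost:9200/_bulk",            # value from the post
        "es;flows;ntopng-%Y.%m.%d;http://localhost:9200/_bulk;",  # help text example
    ]
    for spec in samples:
        parsed, problems = check_es_dump_spec(spec)
        print(spec, "->", problems or "ok: index " + parsed["idx_name_today"])
```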
