Hi,

Right now the field L7_PROTO is a number in the export to ElasticSearch. Is
there some way it could be made a string, like SKYPE, NETBIOS, MYSQL, etc.?

I haven't found an easy way using ES or Kibana to convert the number to its
matching human-understandable protocol.

Thanks,
Steve

On 03/24/2015 07:46 PM, Arianna Avanzini wrote:
On Tue, Mar 24, 2015 at 9:15 PM, Paul Murgatroyd <[email protected]> wrote:
Thanks Arianna, so can you elaborate on what the ElasticSearch integration is
today with ntopng?

When the -F es option is specified, all the statistics that are also
saved on sqlite for the historical interface are also stored in
ElasticSearch. ntopng however still does not provide any way to view
the stats that are stored in ElasticSearch (coming soon).

Thanks,
Arianna


On 24 March 2015 at 17:30, Paul Murgatroyd <[email protected]> wrote:
Hi all,

I've been using ntopng for a while now, but just started playing with
Elasticsearch.. however I can't seem to get it working..

My ntopng.conf is below:

[root@localhost ~]# cat /etc/ntopng/ntopng.conf
--data-dir=/usr/local/ntopng
--local-networks="192.168.0.0/16,10.0.0.0/8"
-F es;flows;ntopng-%Y.%m.%d;http://localhost:9200/_bulk
--interface=ens192
--dns-mode=1
--packet-filter="ip and not proto ipv6 and not ether host ff:ff:ff:ff:ff:ff and not net (224.0.0.0/8 or 239.0.0.0/8)"
--daemon
-G=/var/tmp/ntopng.pid


1. Apart from installing ElasticSearch, is there any extra configuration I
need to do?  Do I need to create indexes myself?
2. When I run ntopng with the above configuration, it doesn't log that it
is sending data to ElasticSearch and the interface says I need to start
ntopng with the "-F" parameter - which I am doing!

help!

thanks

paul


_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop




--
Stephen Clark
*NetWolves Managed Services, LLC.*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: [email protected]
http://www.netwolves.com