Hi,
I have been given the task of investigating what a host was doing
between a time range today.
On another system this host was flagged as sending traffic.
I am struggling to use ntopng to assist me with this task. Please help.
So I visit this URL
/lua/host_details.lua?ifname=37&host=192.168.1.1&page=historical
This page displays a nice graph of send/received. A good start.
I can also break it down to TCP, UDP and ICMP. Also a good start.
If I hover over the graph I can see which hosts in that 1 min were
talking to this host 192.168.1.1
* it would be nice to see all hosts for a range of time not just 1 minute.
So it shows me a host that it was talking to, I click on it, and I am
brought the remote host
/lua/host_details.lua?host=192.168.10.1
the over view page....
At no stage can I see a breakdown of protocols by host AND host.
Right now I can see 192.168.1.1 talked to 192.168.10.1
But what kind of protocols? I can see it's TCP... but not if it was SMB
traffic, or RDP etc...
What am I doing wrong?
Regards,
Warren
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
