Hi Emanuele, Thanks for your reply, after upgrade my install to the devel version and remove the data directory and the mysql tables, now ntopng don't shows traffic :(
Now in nprobe, I need to specify the flow version? nprobe start log: 10/Apr/2017 09:22:02 [nprobe.c:3615] Valid nProbe license found 10/Apr/2017 09:22:02 [nprobe.c:5489] WARNING: The output interfaceId is set to 0: did you forget to use -Q perhaps ? 10/Apr/2017 09:22:02 [nprobe.c:5492] WARNING: The input interfaceId is set to 0: did you forget to use -u perhaps ? 10/Apr/2017 09:22:02 [nprobe.c:5591] Welcome to nProbe v.7.5.170410 ($Revision: 5721 $) for x86_64-unknown-linux-gnu with native PF_RING acceleration 10/Apr/2017 09:22:02 [nprobe.c:5601] Running on Debian GNU/Linux 8.2 (jessie) 10/Apr/2017 09:22:02 [nprobe.c:5612] [LICENSE] nProbe SystemId: 10/Apr/2017 09:22:02 [nprobe.c:5726] Sample rate [packet: 1][flow: 1] 10/Apr/2017 09:22:02 [nprobe.c:8048] Welcome to nProbe v.7.5.170410 for x86_64-unknown-linux-gnu 10/Apr/2017 09:22:02 [nprobe.c:7046] WARNING: Adding %EXPORTER_IPV4_ADDRESS to the template as nProbe is working as collector 10/Apr/2017 09:22:02 [plugin.c:1068] 0 plugin(s) enabled 10/Apr/2017 09:22:02 [nprobe.c:7575] Non IPv4/v6 traffic is discarded according to the template 10/Apr/2017 09:22:02 [util.c:430] GeoIP: loaded AS config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat 10/Apr/2017 09:22:02 [util.c:441] GeoIP: loaded AS IPv6 config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat 10/Apr/2017 09:22:02 [nprobe.c:8224] IPv6 traffic will NOT be exported/accounted by this probe 10/Apr/2017 09:22:02 [nprobe.c:8225] due to configuration options (e.g. use NetFlow v9) 10/Apr/2017 09:22:02 [nprobe.c:8226] Please use -V to set the version to other than NetFlow V5 10/Apr/2017 09:22:02 [nprobe.c:8379] Not capturing packet from interface (collector mode) 10/Apr/2017 09:22:02 [util.c:4127] Initializing ZMQ as server 10/Apr/2017 09:22:02 [util.c:4170] Succesfully created ZMQ endpoint tcp://127.0.0.1:5556 10/Apr/2017 09:22:02 [util.c:3216] nProbe changed user to 'nobody' 10/Apr/2017 09:22:02 [collect.c:143] Flow collector listening on port 2055 (IPv4/v6) 10/Apr/2017 09:22:02 [nprobe.c:8605] nProbe started successfully Ok, the same but with -V 9 for netflowv9 and ipfix: 10/Apr/2017 09:26:26 [nprobe.c:5591] Welcome to nProbe v.7.5.170410 ($Revision: 5721 $) for x86_64-unknown-linux-gnu with native PF_RING acceleration 10/Apr/2017 09:26:26 [nprobe.c:5601] Running on Debian GNU/Linux 8.2 (jessie) 10/Apr/2017 09:26:26 [nprobe.c:5612] [LICENSE] nProbe SystemId: 10/Apr/2017 09:26:26 [nprobe.c:5726] Sample rate [packet: 1][flow: 1] 10/Apr/2017 09:26:26 [nprobe.c:8048] Welcome to nProbe v.7.5.170410 for x86_64-unknown-linux-gnu 10/Apr/2017 09:26:26 [nprobe.c:7118] You selected v9/IPFIX without specifying a template (-T). 10/Apr/2017 09:26:26 [nprobe.c:7119] The default template will be used 10/Apr/2017 09:26:26 [nprobe.c:7124] Using NetFlow Packet Payload Len: 1472 10/Apr/2017 09:26:26 [nprobe.c:7046] WARNING: Adding %EXPORTER_IPV4_ADDRESS to the template as nProbe is working as collector 10/Apr/2017 09:26:26 [plugin.c:1068] 0 plugin(s) enabled 10/Apr/2017 09:26:26 [nprobe.c:7545] Each flow is 105 bytes long 10/Apr/2017 09:26:26 [nprobe.c:7546] The # flows per packet has been set to 13 10/Apr/2017 09:26:26 [nprobe.c:7549] IP TOS is accounted 10/Apr/2017 09:26:26 [nprobe.c:7575] Non IPv4/v6 traffic is discarded according to the template 10/Apr/2017 09:26:26 [util.c:430] GeoIP: loaded AS config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat 10/Apr/2017 09:26:26 [util.c:441] GeoIP: loaded AS IPv6 config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat 10/Apr/2017 09:26:26 [nprobe.c:8379] Not capturing packet from interface (collector mode) 10/Apr/2017 09:26:26 [util.c:4127] Initializing ZMQ as server 10/Apr/2017 09:26:26 [util.c:4170] Succesfully created ZMQ endpoint tcp://127.0.0.1:5556 10/Apr/2017 09:26:26 [util.c:3216] nProbe changed user to 'nobody' 10/Apr/2017 09:26:26 [collect.c:143] Flow collector listening on port 2055 (IPv4/v6) 10/Apr/2017 09:26:26 [nprobe.c:8605] nProbe started successfully ntopng dashboard… nothing: https://i.dmtinc.cl/image/4uv <https://i.dmtinc.cl/image/4uv> Version 2.5.170410 - Pro Small Business Edition Platform Debian 8.2 [x86_64][Debian GNU/Linux 8.2 (jessie)] - 64 bit Startup Line ntopng --pid "/var/tmp/ntopng.pid" --daemon "" --interface "tcp://127.0.0.1:5556" --data-dir "/data/ntopng" --http-port "3000" --max-num-hosts "300000" --local-networks "138.xxx.xx.0/xx" --dump-flows "mysql;localhost;ntop;flows;ntop;xxxxx" Last Log Trace 10/Apr/2017 09:27:37 [MySQLDB.cpp:622] Successfully connected to MySQL [localhost:ntop] for interface tcp://127.0.0.1:5556 10/Apr/2017 09:27:37 [MySQLDB.cpp:582] Attempting to connect to MySQL for interface tcp://127.0.0.1:5556... 10/Apr/2017 09:27:37 [NetworkInterface.cpp:1931] Started packet polling on interface tcp://127.0.0.1:5556 [id: 0]... 10/Apr/2017 09:27:37 [AddressTree.cpp:171] [AddressTree] 138.xxx.xxx.0/xxx 10/Apr/2017 09:27:37 [Ntop.cpp:614] Local Networks 10/Apr/2017 09:27:37 [Ntop.cpp:612] Local Interface Addresses (System Host) 10/Apr/2017 09:27:37 [NtopPro.cpp:300] [LICENSE] Maintenance is available until Thu Mar 22 12:28:01 2018 [346 days left] 10/Apr/2017 09:27:37 [NtopPro.cpp:279] [LICENSE] ntopng license: xxxxxx 10/Apr/2017 09:27:37 [NtopPro.cpp:268] [LICENSE] ntopng systemId: xxxxxxxxxxx 10/Apr/2017 09:27:37 [PeriodicActivities.cpp:56] Started periodic activities loop... 10/Apr/2017 09:27:37 [Ntop.cpp:297] Built on Debian GNU/Linux 8.2 (jessie) 10/Apr/2017 09:27:37 [Ntop.cpp:292] Welcome to ntopng x86_64 v.2.5.170410 - (C) 1998-17 ntop.org 10/Apr/2017 09:27:37 [main.cpp:313] Scripts/HTML pages directory: /usr/share/ntopng 10/Apr/2017 09:27:37 [main.cpp:311] Working directory: /data/ntopng 10/Apr/2017 09:27:37 [MySQLDB.cpp:370] MySQL schema update. Altering table flowsv6: changing OUT_BYTES data type to unsigned int. 10/Apr/2017 09:27:37 [MySQLDB.cpp:370] MySQL schema update. Altering table flowsv6: changing IN_BYTES data type to unsigned int. 10/Apr/2017 09:27:37 [MySQLDB.cpp:370] MySQL schema update. Altering table flowsv4: changing OUT_BYTES data type to unsigned int. 10/Apr/2017 09:27:37 [MySQLDB.cpp:370] MySQL schema update. Altering table flowsv4: changing IN_BYTES data type to unsigned int. 10/Apr/2017 09:27:36 [MySQLDB.cpp:342] MySQL schema update. Altering table flowsv6: changing engine from InnoDB to MyISAM. 10/Apr/2017 09:27:36 [MySQLDB.cpp:342] MySQL schema update. Altering table flowsv4: changing engine from InnoDB to MyISAM. 10/Apr/2017 09:27:36 [MySQLDB.cpp:314] MySQL schema update. Altering table flowsv6: renaming BYTES to IN_BYTES and adding OUT_BYTES 10/Apr/2017 09:27:36 [MySQLDB.cpp:314] MySQL schema update. Altering table flowsv4: renaming BYTES to IN_BYTES and adding OUT_BYTES 10/Apr/2017 09:27:34 [MySQLDB.cpp:622] Successfully connected to MySQL [localhost:ntop] for interface tcp://127.0.0.1:5556 10/Apr/2017 09:27:34 [MySQLDB.cpp:582] Attempting to connect to MySQL for interface tcp://127.0.0.1:5556... 10/Apr/2017 09:27:34 [HTTPserver.cpp:772] HTTP server listening on port(s) 3000 10/Apr/2017 09:27:34 [HTTPserver.cpp:769] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts] 10/Apr/2017 09:27:34 [Utils.cpp:368] User changed to nobody 10/Apr/2017 09:27:34 [HTTPserver.cpp:723] Please read https://github.com/ntop/ntopng/blob/dev/doc/README.SSL if you want to enable S nothing on mysql: MariaDB [ntop]> select count(*) flowsv4; +---------+ | flowsv4 | +---------+ | 1 | +---------+ 1 row in set (0.00 sec) MariaDB [ntop]> select count(*) flowsv6; +---------+ | flowsv6 | +---------+ | 1 | +---------+ 1 row in set (0.00 sec) MariaDB [ntop]> nprobe log on stop: 10/Apr/2017 09:32:04 [nprobe.c:2867] Processed packets: 0 (max bucket search: 0) 10/Apr/2017 09:32:04 [nprobe.c:2850] Fragment queue length: 0 10/Apr/2017 09:32:04 [nprobe.c:2876] Flow export stats: [0 bytes/0 pkts][0 flows/0 pkts sent] 10/Apr/2017 09:32:04 [nprobe.c:2883] Flow collection: [collected pkts: 5277][processed flows: 75120] 10/Apr/2017 09:32:04 [nprobe.c:2886] Flow drop stats: [0 bytes/0 pkts][0 flows] 10/Apr/2017 09:32:04 [nprobe.c:2891] Total flow stats: [0 bytes/0 pkts][0 flows/0 pkts sent] nprobe config: -i none -n none --daemon-mode -V 9 (added this option after upgrade) --no-promisc --zmq tcp://127.0.0.1:5556 —collector-port 2055 and i dont know what to do now Regards Roberto > On Apr 10, 2017, at 04:17, Emanuele Faranda <[email protected]> wrote: > > Hi Roberto, > > The issue is likely solved in the 2.5 version of ntopng. > > Since we are migrating towards the 2.6 release, if you can afford to lose > your current ntopng collected data, I suggest you to install the 2.5 version > of ntopng which, at the current time, should be stable enough for use. > > For the update to the 2.5 version, please be sure to: > > - flush redis with "redis-cli flushall" > > - remove the ntopng data directory "rm -rf /data/ntopng" > > - update nprobe too > > Regards, > Emanuele > > > On 04/10/2017 03:23 AM, Roberto Alvarado wrote: >> Hi, >> >> I have this problem, when I open a host detail, the first and last seen date >> are from 1970: >> >> First / Last Seen 01/01/1970 18:07:04 [47 years, 107 days, 15 hours, 10 >> min, 44 sec ago] 25/03/1970 03:33:32 [47 years, 25 days, 5 hours, 44 min, >> 16 sec ago] >> >> >> Do you know how to fix this??? >> >> Debian Jessie >> >> root@mhost:~# date >> Fri Apr 7 09:22:13 -03 2017 >> root@mhost:~# >> >> My config: >> >> ntopng: >> >> >> Version 2.4.170215 - Pro Small Business Edition >> Platform Debian 8.2 [x86_64][Debian GNU/Linux 8.2 (jessie)] - 64 bit >> Startup Line ntopng —pid “/var/tmp/ntopng.pid" --daemon "" --interface >> "tcp://127.0.0.1:5556" --data-dir "/data/ntopng" --http-port "3000" >> --local-networks "138.xxx.xxxx.0/22" --dump-flows >> "mysql;localhost;ntop;flows;ntop;xxxxxxx" >> >> nprobe: >> >> -i none >> -n none >> --daemon-mode >> --num-threads 1 >> --no-promisc >> --zmq tcp://127.0.0.1:5556 >> --collector-port 2055 >> >> >> Thanks! >> >> Regards >> Robertp >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
