Hi Simone,
I tried what you said but I am still not getting all the networks from netflow data on my router. Here is a screenshot of what networks I am getting. There should be 4 networks under the 192.168.0.0/16 range and 1 network in the 172.16.0.0/16 range. Any help is much appreciated. We can also purchase the license if you like but I am not sure which one we should buy. I am just trying to see how the software will help us in analyzing network traffic and addressing bandwidth hogs on the network. Thank you. [cid:[email protected]] -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: July 14, 2017 1:40 AM To: [email protected] Subject: Ntop Digest, Vol 158, Issue 11 Send Ntop mailing list submissions to [email protected]<mailto:[email protected]> To subscribe or unsubscribe via the World Wide Web, visit http://listgateway.unipi.it/mailman/listinfo/ntop or, via email, send a message with subject or body 'help' to [email protected]<mailto:[email protected]> You can reach the person managing the list at [email protected]<mailto:[email protected]> When replying, please edit your Subject line so it is more specific than "Re: Contents of Ntop digest..." Today's Topics: 1. Help (Chris Markus) 2. Daily download totals needed (Peter Shute) 3. Re: Daily download totals needed (Peter Shute) 4. Re: Help (Simone Mainardi) 5. Re: Help (Simone Mainardi) ---------------------------------------------------------------------- Message: 1 Date: Thu, 13 Jul 2017 17:19:39 +0000 From: Chris Markus <[email protected]<mailto:[email protected]>> To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: [Ntop] Help Message-ID: <cy1pr0101mb092487ea294adc8a3478e2c5b7...@cy1pr0101mb0924.prod.exchangelabs.com<mailto:cy1pr0101mb092487ea294adc8a3478e2c5b7...@cy1pr0101mb0924.prod.exchangelabs.com>> Content-Type: text/plain; charset="us-ascii" Hello, I recently installed Ntop and I love it so far. However I am unable to pull any netflow data from my router. Ntop is only displaying 1 network that is connected to the machine I am running the website from. Any help would be much appreciated. Thank you, [Perimeter9 Logo]<http://www.perimeter9.com> Chris Markus p. 403.212.4358 c. +1 5877779537 e. [email protected]<mailto:[email protected]> w. www.perimeter9.com<http://www.perimeter9.com> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://listgateway.unipi.it/pipermail/ntop/attachments/20170713/34eb7077/attachment-0001.htm> ------------------------------ Message: 2 Date: Fri, 14 Jul 2017 11:59:18 +1000 From: Peter Shute <[email protected]<mailto:[email protected]>> To: "'[email protected]'" <[email protected]<mailto:[email protected]>> Subject: [Ntop] Daily download totals needed Message-ID: <8A441D60E185A048A96A5674C0B98F2701C006A46573@nuwvicms2> Content-Type: text/plain; charset="us-ascii" I'm investigating why our ISP's website is displaying our daily download stats as about 1/4 of the normal amounts for the last three weeks. One theory is that their stats are wrong, so I'm trying to use ntopng to verify their totals. How? The historical data explorer is giving totals way too high, so I assume includes outgoing traffic too, and probably WAN traffic. Is there no way to separate these out? If I click on Interfaces, and select the only option there, then on what looks like someone wearing a stethoscope, I see the traffic broken up by profiles, so I can choose "Incoming only", which I've defined as " dst net 192.168 and not src net 192.168". I click on the graph icon, and I can see the last day, week, etc, with the total for that period at the bottom. But I can't get a total for yesterday, or the day before. I can't even get a midnight to midnight total for the last day because it uses the current time as the end of the 24 hours. Is there a way to get what I want from it? Peter Shute ------------------------------ Message: 3 Date: Fri, 14 Jul 2017 14:30:41 +1000 From: Peter Shute <[email protected]<mailto:[email protected]>> To: "'[email protected]'" <[email protected]<mailto:[email protected]>> Subject: Re: [Ntop] Daily download totals needed Message-ID: <8A441D60E185A048A96A5674C0B98F2701C006A4657B@nuwvicms2> Content-Type: text/plain; charset="us-ascii" I'm confused about the "Info" filter on the Historical Data Explorer page. In the results, in the IPv4 tab, the info column contains the names of traffic profiles I've created. But if I type any of those names into the Info filter box, it returns no results. And if I download IPv4 flows, the Info column is empty, and traffic profile names are in the Profile column. What exactly is this Info filter? Is there any way to filter on traffic profile? And why is there no mention of the historical data explorer in the user guide? (https://raw.githubusercontent.com/ntop/ntopng/dev/doc/UserGuide.pdf) > -----Original Message----- > From: > [email protected]<mailto:[email protected]> > [mailto:ntop- > [email protected]<mailto:[email protected]>] On Behalf > Of Peter Shute > Sent: Friday, 14 July 2017 11:59 AM > To: '[email protected]' > <[email protected]<mailto:[email protected]>> > Subject: [Ntop] Daily download totals needed > > I'm investigating why our ISP's website is displaying our daily > download stats as about 1/4 of the normal amounts for the last three weeks. > > One theory is that their stats are wrong, so I'm trying to use ntopng > to verify their totals. How? > > The historical data explorer is giving totals way too high, so I > assume includes outgoing traffic too, and probably WAN traffic. Is > there no way to separate these out? > > If I click on Interfaces, and select the only option there, then on > what looks like someone wearing a stethoscope, I see the traffic > broken up by profiles, so I can choose "Incoming only", which I've > defined as " dst net 192.168 and not src net 192.168". I click on the > graph icon, and I can see the last day, week, etc, with the total for > that period at the bottom. But I can't get a total for yesterday, or > the day before. I can't even get a midnight to midnight total for the last > day because it uses the current time as the end of the 24 hours. > > Is there a way to get what I want from it? > > Peter Shute > _______________________________________________ > Ntop mailing list > [email protected]<mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop ------------------------------ Message: 4 Date: Fri, 14 Jul 2017 09:39:26 +0200 From: Simone Mainardi <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> Cc: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Re: [Ntop] Help Message-ID: <[email protected]<mailto:[email protected]>> Content-Type: text/plain; charset="us-ascii" Dear Chris, In order to monitor net flow data you need to use ntopng in combination with nProbe. Assuming your have configured your devices to export Netflow on port 2055, you can use this configuration: ./nprobe -i none -n none --collector-port 2055 --zmq tcp://*:5556 This configuration will collect flows and deliver them to ntopng that you can configure as follows: ./ntopng -i tcp://<nProbe host IP>:5556 --local-networks "a list of comma separated networks in CIDR notation" Regards, Simone > On 13 Jul 2017, at 19:19, Chris Markus > <[email protected]<mailto:[email protected]>> wrote: > > Hello, > > I recently installed Ntop and I love it so far. However I am unable to pull > any netflow data from my router. Ntop is only displaying 1 network that is > connected to the machine I am running the website from. Any help would be > much appreciated. > > Thank you, > > <http://www.perimeter9.com/> > Chris Markus > > p. 403.212.4358 > c. +1 5877779537 > e. [email protected]<mailto:[email protected]> > <mailto:[email protected]> > w. www.perimeter9.com<http://www.perimeter9.com> <http://www.perimeter9.com/> > _______________________________________________ > Ntop mailing list > [email protected]<mailto:[email protected]> > <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop > <http://listgateway.unipi.it/mailman/listinfo/ntop> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://listgateway.unipi.it/pipermail/ntop/attachments/20170714/925f8e70/attachment-0001.htm> ------------------------------ Message: 5 Date: Fri, 14 Jul 2017 09:39:26 +0200 From: Simone Mainardi <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> Cc: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> Subject: Re: [Ntop] Help Message-ID: <[email protected]<mailto:[email protected]>> Content-Type: text/plain; charset="us-ascii" Dear Chris, In order to monitor net flow data you need to use ntopng in combination with nProbe. Assuming your have configured your devices to export Netflow on port 2055, you can use this configuration: ./nprobe -i none -n none --collector-port 2055 --zmq tcp://*:5556 This configuration will collect flows and deliver them to ntopng that you can configure as follows: ./ntopng -i tcp://<nProbe host IP>:5556 --local-networks "a list of comma separated networks in CIDR notation" Regards, Simone > On 13 Jul 2017, at 19:19, Chris Markus > <[email protected]<mailto:[email protected]>> wrote: > > Hello, > > I recently installed Ntop and I love it so far. However I am unable to pull > any netflow data from my router. Ntop is only displaying 1 network that is > connected to the machine I am running the website from. Any help would be > much appreciated. > > Thank you, > > <http://www.perimeter9.com/> > Chris Markus > > p. 403.212.4358 > c. +1 5877779537 > e. [email protected]<mailto:[email protected]> > <mailto:[email protected]> > w. www.perimeter9.com<http://www.perimeter9.com> <http://www.perimeter9.com/> > _______________________________________________ > Ntop mailing list > [email protected]<mailto:[email protected]> > <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop > <http://listgateway.unipi.it/mailman/listinfo/ntop> -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://listgateway.unipi.it/pipermail/ntop/attachments/20170714/925f8e70/attachment-0002.htm> ------------------------------ _______________________________________________ Ntop mailing list [email protected]<mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop End of Ntop Digest, Vol 158, Issue 11 *************************************
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
