Hi, Sure you can do that on the same machine.
This is a basic configuration of nProbe and ntopng is as follows: ./nprobe -i <mirrored interface> -n <ip address of elastiflow>:<port of elastiflow> -V <elastiflow netflow version> --zmq tcp://127.0.0.1:5556 <tcp://127.0.0.1:5556> ./ntopng -i tcp://127.0.0.1:5556 <tcp://127.0.0.1:5556> -m <one or more subnets of interest> <ip address of elastiflow>:<port of elastiflow> is where elastiflow is listening for incoming netflow <elastiflow netflow version> is the netflow version elastiflow is expecting <one or more subnets of interest> a comma separated list of networks, eg., "192.168.2.0/24, 192.168.3.0/24" Regards, Simone > On 1 Aug 2018, at 10:47, Victor Hooi <victorh...@yahoo.com> wrote: > > Hi, > > We have a small office network, and I'm hoping to use both nProbe and ntopng > to analyse our traffic. > > The plan is to use our switch to mirror the outgoing WAN port to another port > on the switch - and then connect this to the second NIC on the nProbe/ntopng > machine. We can then use nProbe to send the traffic as Netflow data to > Elastiflow (https://github.com/robcowart/elastiflow > <https://github.com/robcowart/elastiflow>), and also analyse it on the box > itself via ntopng. > > Is something like this possible on the same machine? What is the best way of > setting this up? > > Regards, > Victor > _______________________________________________ > Ntop mailing list > Ntop@listgateway.unipi.it > http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list Ntop@listgateway.unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop
