Re: Bandwidth monitoring .. hints/tips & which tool?

2003-05-19 Thread Jason Lim 

>
> Both ntop 
> and iptraf  should do this.
> iptraf is lighter on resources, and offer realtime monitoring,
> ntop is accessed trough an browser, and offers extensive graphs of
> traffic.
> It all depends on how low-end this box is.
>
> --
> Frode Haugsgjerd
> Norway

I know iptraf does this... but I don't think it offers much in the way of
logging.

ntop does produce many graphs and stuff, but I can see what he is looking
for.

>From reading his post, I think he is hoping to have a list of IPs. Then he
can click on an IP, and it breaks down the bandwidth usage (maybe over
hour, day, week, etc. like MRTG does), and he can see maybe totals by
protocol (eg. 85% http, 10% smtp). ntop offers are more general picture I
think, but I could be wrong!

Re: Bandwidth monitoring .. hints/tips & which tool?

2003-05-19 Thread Frode Haugsgjerd 
On Mon, May 19, 2003 at 08:18:42PM +, Jonathan Matthews wrote:
> Hi all -
> 
> [Summary: What tool is best for traffic monitoring down to the per-user 
> level?]
> 
> Just wondered if anyone could point me in the right direction so that I 
> can build a positive image of Debian within the organisation I work for.  
> The company's nothing exciting - we make cookers :-)
> 
> The IT guy there would like to be able to see who's using our intra-site 
> bandwidth up, and on what task.  Traffic breakdown by time, user (hence 
> IP, I suppose) and port would be my best guess.
> 
> All traffic goes through an MS proxy server at this site (and 
> traffic going that way is all we're concerned about at this juncture) 
> and then through a Cisco router on the way to the remote site.
> 
> He'd like a solution that involves installing a piece of software on his 
> local PC and nothing else, but I'm not so easily satisfied.  I want to 
> (and I think I can convince him to let me) install a low-end box between 
> either the network and the proxy, the proxy and the router, or the 
> router and the remote site.  I'd like to get a Debian box in there, and 
> I'd appreciate some help with what I should be looking to put it on 
> there.
> 
> I've been looking at MRTG, but can't see (remembering that I'm not in a 
> position to try stuff out at work to see if it works :-|) a way to break 
> the reports down by source/destination IP address.  Am I missing 
> something?
> 
> If not, and MRTG just isn't the tool for this job, then what is?
> 
> I'm not averse to a bit of perl/whatever hacking, but would like to use 
> an existing tool if it's out there!
> 
> Any ideas?  On-list, please.
> 
> Thanks!
>   jc
> 

Both ntop 
and iptraf  should do this.
iptraf is lighter on resources, and offer realtime monitoring,
ntop is accessed trough an browser, and offers extensive graphs of 
traffic.
It all depends on how low-end this box is.

--
Frode Haugsgjerd
Norway

Re: Bandwidth monitoring .. hints/tips & which tool?

2003-05-19 Thread Alexandre Dulaunoy 
On Mon, 19 May 2003, Jonathan Matthews wrote:

> If not, and MRTG just isn't the tool for this job, then what is?
> 
> I'm not averse to a bit of perl/whatever hacking, but would like to use 
> an existing tool if it's out there!
> 
> Any ideas?  On-list, please.

http://packages.debian.org/unstable/web/cacti.html
http://www.raxnet.net/products/cacti/

Hope this helps,

adulau

-- 
--   Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD
-- "Knowledge can create problems, it is not through ignorance
--that we can solve them" Isaac Asimov

Bandwidth monitoring .. hints/tips & which tool?

2003-05-19 Thread Jonathan Matthews 
Hi all -

[Summary: What tool is best for traffic monitoring down to the per-user 
level?]

Just wondered if anyone could point me in the right direction so that I 
can build a positive image of Debian within the organisation I work for.  
The company's nothing exciting - we make cookers :-)

The IT guy there would like to be able to see who's using our intra-site 
bandwidth up, and on what task.  Traffic breakdown by time, user (hence 
IP, I suppose) and port would be my best guess.

All traffic goes through an MS proxy server at this site (and 
traffic going that way is all we're concerned about at this juncture) 
and then through a Cisco router on the way to the remote site.

He'd like a solution that involves installing a piece of software on his 
local PC and nothing else, but I'm not so easily satisfied.  I want to 
(and I think I can convince him to let me) install a low-end box between 
either the network and the proxy, the proxy and the router, or the 
router and the remote site.  I'd like to get a Debian box in there, and 
I'd appreciate some help with what I should be looking to put it on 
there.

I've been looking at MRTG, but can't see (remembering that I'm not in a 
position to try stuff out at work to see if it works :-|) a way to break 
the reports down by source/destination IP address.  Am I missing 
something?

If not, and MRTG just isn't the tool for this job, then what is?

I'm not averse to a bit of perl/whatever hacking, but would like to use 
an existing tool if it's out there!

Any ideas?  On-list, please.

Thanks!
  jc