Hi Luca,
Thanks for reaching out about our issue. Yes, Security Onion is built
directly on 64 bit Ubuntu 14.04. Doug Burks is the lead developer of
Security Onion and I appreciate his work greatly, as I do yours. I've
copied in Doug on this discussion. I appreciate your interest in a more
Enrico
Can you please send (privately) a pcap with sFlow packets (full packet size) so
I can see what’s going on? We do support Arista in nProbe and it should work.
Regards Luca
> On 13 Jun 2016, at 13:03, Enrico Kern wrote:
>
> Hi,
>
> I have some weird issue
I tried that as well, has no effect. And when I use tcpdump I can also
verify that the zmq connections are ok
On Fri, Jun 17, 2016 at 12:25 PM, Simone Mainardi wrote:
> Hi,
>
> According to the information shown, it may be that ntopng is not able to
> fetch monitored flows
Hi,
According to the information shown, it may be that ntopng is not able to
fetch monitored flows from the nProbe. I would try to bind the nProbe to
any address (--zmq tcp://*:5557) and see if ntopng can see the traffic.
Simone
On Mon, Jun 13, 2016 at 1:03 PM, Enrico Kern
Hello Massimiliano,
There is no 'default' positioning scheme. It depends on the network
topology and device features. However, you should try and place ntopng in a
strategic location where it can see most traffic. Here are some options:
- If you have a way to 'collect' switches traffic to a
Hi Josiah
this seems to be unrelated to the previous issue actually,
pf_ring is unable to activate more than one socket on the same interface when
in ZC mode, thus it prints the messages at the moment you start your
application, don’t know exactly what tests you are doing..
Alfredo
> On 17 Jun