Ohad, this is not possible as the format of the http dump is fixes. Please send me a pcap dump as example, file a bug on github, as we’ll follow up
Regards Luca > On 11 Oct 2015, at 14:58, Ohad Kleinman <[email protected]> wrote: > > Hi, > We have installed nProbe v.7.2.150922 (r4468) on ubuntu 14.04 (64 but) and we > are trying to monitor a network with IP cameras. > We are using the nProbe to send network information into elastic search along > with dump files into folder and to analyze the information, with the http > plugin we also dump logs into a folder > > Our config file contains the following parameters: > > -n=none > -i=eth1 > -s=128 > -t=60 > -d=60 > -a=0 > -e=1 > -B=10 > -w=128000 > -z=0 > -S=1:1 > -E=0:0 > -g=/var/run/nprobe-eth1.pid > --vlanid-as-iface-idx=none > -V=5 > --dump-stats=/var/log/nprobe/eth1-0_flows_stats.txt > -T=%IPV4_SRC_ADDR %IPV4_DST_ADDR %IN_SRC_MAC %OUT_DST_MAC %L4_SRC_PORT > %L4_DST_PORT %IN_BYTES %OUT_BYTES %IN_PKTS %OUT_PKTS %FIRST_SWITCHED > %LAST_SWITCHED %L7_PROTO_NAME %PROTOCOL > -D=t > -P=/var/log/nprobe > --http-dump-dir=/var/log/nprobe > --elastic=nProbe;nprobe;http://10.0.1.64:9200/_bulk > <http://10.0.1.64:9200/_bulk> > --timestamp-format 2 > --dont-nest-dump-dirs > > > I could not have find one thing, a way to dump into the http log also the > actual data and not just the existing info. > The relevant information that we can see in the pcap files is located in the > envelope section when dealing with http/xml format and in the line-base text > data. > Is this possible with the nProbe software? > > > Thanks > > Best Regards, > Ohad Kleinman > > > > _______________________________________________ > Ntop-misc mailing list > [email protected] <mailto:[email protected]> > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > <http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
