Hello, I don't THINK the report you seek exists. First, ignore "Summary -> Network Flows". It has nothing to do with anything - see the FAQ.
Next, check to see if whatever version of ntop you're using is actually tracking flows; aka tcp/udp sessions. Select a busy host and scroll to the bottom of the report. If you don't see a bunch of active sessions, you're screwed. If they ARE there AND you have rrd configured, you MAY be able to get what you want with rrd queries, but I doubt it.... If you can tell me what problem you're trying to solve I can maybe recommend an alternative view / report. That said, ntop is TYPICALLY best at "real-time" reporting and not so good at reporting on historical stuff, especially detailed history such as flow/conversation info. HOWEVER :) There are subsets of ntop that are exposed via Python, snmp, http, etc. - it's possible to create the reports you want - but I really don't think it's possible with shipping code. G -----Original Message----- From: ntop-boun...@listgateway.unipi.it [mailto:ntop-boun...@listgateway.unipi.it] On Behalf Of Ricky Charlet Sent: Friday, September 09, 2011 12:44 PM To: ntop@listgateway.unipi.it Subject: [Ntop] using ntop to see flows report Howdy, I'm new to ntop (for about 20 hours so far). But I know my way around compiling/unixOS/networking very well. I can't quite figure out how to find a report in ntop which shows a historic list of flows. I do have several nifty reports like Summary::Traffic, Summary::Hosts, Summary::NetworkLoad, AllProtocols::Traffic and more. But some of the reports are either missing or empty. In particular, I very much want to see a flows report (that is sort of the reason why I started experimenting with an ipfix probe/collector). So, it turns out that bothSummary:NetworkFlows and Utils::Datadump::NetworkFlows are empty. Just judging by the name, I think those are the reports I'm interested in. Note that I have already found my way into Pluggins::RDD::Configure and enabled DataToDump=(flows, subnets, hosts, interfaces). I'm not sure if I'm chasing the 'right' reports and if so, if I have correct or incorrect config. Please help. For reasons beyond my control, I need a project answer here within a few hours :-( I can post any config, log upon request. -- Live strong, Ricky Charlet _______________________________________________ Ntop mailing list Ntop@listgateway.unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop <font size="1"> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'> </div> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system." </font> _______________________________________________ Ntop mailing list Ntop@listgateway.unipi.it http://listgateway.unipi.it/mailman/listinfo/ntop
