Thanks Gary,
I have a traffic generator application. It simulates many thousands of
clients and servers -- lots and lots of unique flows, somewhat distinguised by
dest-port (app) but mosty distinguished by source port. I what to know what it
did for the last run of (1 ~ 60*24) minutes.
During my traffic generator testrun, I do see "Active Sessions" at the
bottom of a Hosts::<click-an-ip> report.
I need bytes sent/received per interface per flow. I would also
appreciate tcp retransmission counts, flow counts, interface error counts. I am
willing to go with the roll-my-own rdd-querries with few helpful hints from the
community if that is what it takes.
Please let me know if you see a path to victory here and if ntop-dev
team would be willing to make it so.
--
Live strong,
Ricky Charlet
On Sep 9, 2011, at 11:28 AM, Gary Gatten wrote:
> Hello,
>
> I don't THINK the report you seek exists. First, ignore "Summary -> Network
> Flows". It has nothing to do with anything - see the FAQ.
>
> Next, check to see if whatever version of ntop you're using is actually
> tracking flows; aka tcp/udp sessions. Select a busy host and scroll to the
> bottom of the report. If you don't see a bunch of active sessions, you're
> screwed. If they ARE there AND you have rrd configured, you MAY be able to
> get what you want with rrd queries, but I doubt it....
>
> If you can tell me what problem you're trying to solve I can maybe recommend
> an alternative view / report. That said, ntop is TYPICALLY best at
> "real-time" reporting and not so good at reporting on historical stuff,
> especially detailed history such as flow/conversation info.
>
> HOWEVER :) There are subsets of ntop that are exposed via Python, snmp,
> http, etc. - it's possible to create the reports you want - but I really
> don't think it's possible with shipping code.
>
> G
>
>
> -----Original Message-----
> From: ntop-boun...@listgateway.unipi.it
> [mailto:ntop-boun...@listgateway.unipi.it] On Behalf Of Ricky Charlet
> Sent: Friday, September 09, 2011 12:44 PM
> To: ntop@listgateway.unipi.it
> Subject: [Ntop] using ntop to see flows report
>
> Howdy,
>
> I'm new to ntop (for about 20 hours so far). But I know my way around
> compiling/unixOS/networking very well.
>
> I can't quite figure out how to find a report in ntop which shows a
> historic list of flows. I do have several nifty reports like
> Summary::Traffic, Summary::Hosts, Summary::NetworkLoad, AllProtocols::Traffic
> and more. But some of the reports are either missing or empty. In particular,
> I very much want to see a flows report (that is sort of the reason why I
> started experimenting with an ipfix probe/collector).
>
> So, it turns out that bothSummary:NetworkFlows and
> Utils::Datadump::NetworkFlows are empty. Just judging by the name, I think
> those are the reports I'm interested in.
>
> Note that I have already found my way into Pluggins::RDD::Configure and
> enabled DataToDump=(flows, subnets, hosts, interfaces).
>
> I'm not sure if I'm chasing the 'right' reports and if so, if I have
> correct or incorrect config. Please help. For reasons beyond my control, I
> need a project answer here within a few hours :-(
>
> I can post any config, log upon request.
>
>
> --
> Live strong,
> Ricky Charlet
>
>
>
>
>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
>
>
>
> <font size="1">
> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in
> 0in 1.0pt 0in'>
> </div>
> "This email is intended to be reviewed by only the intended recipient
> and may contain information that is privileged and/or confidential.
> If you are not the intended recipient, you are hereby notified that
> any review, use, dissemination, disclosure or copying of this email
> and its attachments, if any, is strictly prohibited. If you have
> received this email in error, please immediately notify the sender by
> return email and delete this email from your system."
> </font>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
