I installed NTOPNG from the Ubuntu repositories. It' version 1.1. I have my local network defined and can see my flows. I wanted to see historical data. I installed SQLite and started NTOPNG with the -F option. Do I have to configure my SQLite database to receive NTOPNG data? Or configure NTOPNG to use a specific database?
My server has two network interfaces. I access my server using it's wlan0 port and have a SPAN port on my switch configured to mirror data to eth0 on my server. Since it is connected to a SPAN port, I don't have an IP address defined. How do I go about viewing historical data? I read the userguide but couldn't quite figure out how to define my historical interface or view my data. Also - would I need to run a second instance of ntopng if I want to pull current flows while viewing historic flows? Here is the scenario: I noticed a large spike in traffic a few days ago. I was in ntopng at the time. I looked at top talkers and saw it was a PC sending 3.5 gigs of data over to Google. If I were not in ntopng at the time, I would not have noticed the flow. So I'd like to be able to look at a previous day's flows and find my top talkers of the day.
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
