Hi,

On Tue, Aug 2, 2016 at 4:21 PM, <[email protected]> wrote:

> Hi Simone,
>
> Thanks for the help, it appears using nprobe on the rpi has given us
> correct results.
>

ok, nice


>
> We did notice that if using a symbol ($) in the password for
> --zmq-encrypt-pwd it would cause it to crash and report that it wasn't able
> to decrypt correctly. Is using a symbol in the password not allowed?
>

Who is crashing? The nprobe? Btw, did you try to escape the $? The dollar
sign is a special char that may require being escaped in a console command.


>
> With the demo mode of nprobe is the only limitation apart from no plugins
> that it has a 25000 flow export limit? If so is this limit for every time
> we run nprobe or is it accumulative across multiple runs of nprobe?
>

the limit is not cumulative across multiple restarts


>
> Is there any issue running nprobe in demo mode to achieve what we need?
>

the limitation is that it stops after 25000 exported flows


>
>
> Thanks,
>
> CTSG
>
>
> Quoting Simone Mainardi <[email protected]>:
>
> Hi, see below
>>
>> On Sat, Jul 30, 2016 at 3:46 PM, <[email protected]> wrote:
>>
>> Hi Simone,
>>>
>>> We've tried running the raspberry pi "offsite" (on a different network
>>> range) to see if the results retrieved to the windows laptop would be
>>> more
>>> accurate but they weren't. Please see the screenshots below:
>>>
>>> Raspberry Pi Terminal and Web interface (monitoring bridged network
>>> traffic):
>>> https://www.dropbox.com/s/dd8f20q04y8krfv/raspberry_pi.jpg?dl=0
>>>
>>> Windows Laptop retrieving data from raspberry pi outside/offsite of
>>> network:
>>> https://www.dropbox.com/s/zcjubx65m43bqxz/windows_laptop.jpg?dl=0
>>>
>>
>>
>> Can you try and use the nProbe on the rpi in this second case? you don't
>> have to buy the license, you can try it in demo mode. Please compare the
>> results and explain if you see differences. Also, remember -- i quote --
>>
>> Note that you should expect some delay on the windows ntopng as flows are
>> exported once expired. This is natural and part of the design.
>>
>>
>>
>>
>>
>>>
>>> Note that we have tried with and without the -m command for the windows
>>> laptop, we get the same output. Notice how it's not showing the 16.78
>>> Mbit
>>> download traffic. Also not showing server/client breakdown just client.
>>> Plus other data not shown either.
>>>
>>> What do we need to do to get the same information as the raspberry pi on
>>> the windows laptop that's offsite.
>>>
>>> We also found that on the windows laptop when using --zmq-encrypt-pwd at
>>> the same time as the raspberry pi to encrypt the traffic it would cause
>>> the
>>> ntopng process to crash on the windows laptop, is there a way to fix
>>> this?
>>>
>>>
>> zmq encryption is only supported by ntopng when receiving flows from the
>> nprobe, not when exporting them.
>>
>>
>>
>>> Thanks for the help.
>>>
>>>
>>> CTSG
>>>
>>>
>>>
>>> Quoting Simone Mainardi <[email protected]>:
>>>
>>> Hi, see below
>>>
>>>>
>>>> On Wed, Jul 27, 2016 at 4:04 PM, <[email protected]> wrote:
>>>>
>>>> Hi Simone,
>>>>
>>>>>
>>>>> We've been able to get ntopng to work by bridging the two ethernet
>>>>> interfaces using the raspbian operating system instead of through
>>>>> ntopng.
>>>>>
>>>>> We're able to get the correct data by running the following command
>>>>> line:
>>>>>
>>>>> ntopng -i br0 -m "192.168.99.0/24"
>>>>>
>>>>> We're now trying to get ntopng on the raspberry pi to send the data to
>>>>> an
>>>>> offsite pc running ntopng as well (currently we're testing this locally
>>>>> between a raspberry pi and a windows laptop).
>>>>>
>>>>> It appears we're able to get them to talk to each other but the data
>>>>> shown
>>>>> on the windows laptop (receiver) is not showing all data while the
>>>>> raspberry pi appears to be showing all data. It also takes a while to
>>>>> update.
>>>>>
>>>>> The command we're running on the raspberry pi is:
>>>>>
>>>>> ntopng -i br0 -m "192.168.99.0/24" -I tcp://*3456 --zmq-encrypt-pwd TestPass
>>>>>
>>>>> On the windows laptop the command we're running is:
>>>>>
>>>>> ntopng /c -i tcp://<local address of raspberry pi>:3456 --zmq-encrypt-pwd TestPass
>>>>>
>>>>> Are these the correct commands to run so that the windows laptop
>>>>> receives
>>>>> the data from the raspberry pi so that we can setup the raspberry pi
>>>>> onsite
>>>>> and view the data via our windows laptop (keep in mind we would adjust
>>>>> the
>>>>> address of the raspberry pi to the wan address of the site it's at when
>>>>> onsite)?
>>>>>
>>>>>
>>>>> Commands look correct. Also see this tutorial post:
>>>>
>>>>
>>>> http://www.ntop.org/ntopng/creating-a-hierarchical-cluster-of-ntopng-instances/
>>>>
>>>> Note that you should expect some delay on the windows ntopng as flows
>>>> are
>>>> exported once expired. This is natural and part of the design.
>>>>
>>>>
>>>>
>>>>
>>>> If not can you provide the correct full command line to achieve this for
>>>>> both the windows laptop and raspberry pi?
>>>>>
>>>>> We also noticed that while running it like this the windows laptop
>>>>> console
>>>>> reports "Collecting flows on tcp://<local address of raspberry pi>:3456
>>>>> [ntopng->nprobe]" Does this mean it's expecting an nprobe on the
>>>>> raspberry
>>>>> pi or is this information incorrect?
>>>>>
>>>>>
>>>>> this is normal you don't have to worry
>>>>
>>>>
>>>>
>>>> It is possible to pull data from an offsite ntopng to a local ntopng, no
>>>>> nprobes needed?
>>>>>
>>>>>
>>>>> yes you already did that
>>>>
>>>>
>>>>
>>>> Is it possible to adjust how often the offsite ntopng updates its
>>>>> information to our ntopng install?
>>>>>
>>>>>
>>>>> You don't have to tune this. Delays experienced are due to the fact
>>>> that
>>>> flows are exported once expired.
>>>>
>>>>
>>>>
>>>>
>>>>> Thanks for the assistance.
>>>>>
>>>>>
>>>>> CTSG
>>>>>
>>>>>
>>>>>
>>>>> Quoting Simone Mainardi <[email protected]>:
>>>>>
>>>>> Hi,
>>>>>
>>>>>
>>>>>> On Mon, Jul 25, 2016 at 2:55 PM, <[email protected]> wrote:
>>>>>>
>>>>>>
>>>>>> Hi Simone,
>>>>>>
>>>>>>>
>>>>>>> -Would the PI3 be OK for a full 24mbps ADSL2+ connection if
>>>>>>> placed
>>>>>>> between the modem and the first switch in series at full speed?
>>>>>>>
>>>>>>>
>>>>>>> I would say yes although I recommend you to do some testing.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> -I understand the PI3 would work using mirror port on the switch, but
>>>>>>
>>>>>>> for
>>>>>>> customers without a managed switch what steps, if any are required to
>>>>>>> make
>>>>>>> the PI3 work in series like the EdgeRouter. I would add 2x ethernet
>>>>>>> adapters. 1 for modem, 1 for switch and 1 for management if required
>>>>>>> and
>>>>>>> any config steps?
>>>>>>>
>>>>>>>
>>>>>>> in that case, I would set the rpi with a bridge interface
>>>>>>>
>>>>>> -i<modem>,<switch> so that you can intercept all internet traffic and
>>>>>> use
>>>>>> the management interface to control the rpi
>>>>>>
>>>>>>
>>>>>>
>>>>>> -I plan on using only ntopng at all sites using PI3s with a licensed
>>>>>>
>>>>>>> version at our office with individual adapters configured for each
>>>>>>> off-site
>>>>>>> ntopng.
>>>>>>>
>>>>>>> -I'm hoping the PI3 in series will not slow down connections up above
>>>>>>> 100mbps? In which case it would be future proof for our up coming
>>>>>>> national
>>>>>>> internet connections upgrades and could be used in series between the
>>>>>>> modem
>>>>>>> and the switch. I guess the only way to achieve this, if a slow down
>>>>>>> is
>>>>>>> present is using a managed switch and mirror port.
>>>>>>>
>>>>>>> -If a slow down is present as above, and the PI3 is used via a mirror
>>>>>>> port
>>>>>>> and not in series, does it provide a full ntopng experience or are
>>>>>>> the
>>>>>>> flow
>>>>>>> etc limited?
>>>>>>>
>>>>>>>
>>>>>>> if ntopng is used in passive mode, that is, it receives traffic from
>>>>>>> a
>>>>>>>
>>>>>> mirror port, then it won't affect network performance at all.
>>>>>>
>>>>>>
>>>>>>
>>>>>> -I notice the command for the PI3 starts nprobe also. I will be trying
>>>>>>
>>>>>>> to
>>>>>>> use ntopng on the PI3 without nprobe if possible. Is the paid nprobe
>>>>>>> required for the ability to use the PI3 in series between the modem
>>>>>>> and
>>>>>>> the
>>>>>>> switch?
>>>>>>>
>>>>>>>
>>>>>>> no it is not required, you can just use ntopng.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Thank you!
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> CTSG
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Quoting Simone Mainardi <[email protected]>:
>>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> On Sat, Jul 23, 2016 at 4:10 PM, <[email protected]> wrote:
>>>>>>>>
>>>>>>>> Thank you very much Simone,
>>>>>>>>
>>>>>>>>
>>>>>>>> Currently we are not using nProbe and did not see any SMB traffic. I
>>>>>>>>> will
>>>>>>>>> test this again on Monday but we have the ntopng installed on a 20+
>>>>>>>>> PC
>>>>>>>>> network and did not see any SMB traffic.
>>>>>>>>>
>>>>>>>>> OK Thank you 1 license move is allowed. We better confirm the
>>>>>>>>> hardware
>>>>>>>>> we
>>>>>>>>> would like to use as the server before purchasing.
>>>>>>>>>
>>>>>>>>> Our Goal is:
>>>>>>>>>
>>>>>>>>> We run a small business IT support company. I would like to put
>>>>>>>>> remote
>>>>>>>>> probes at approx 5 to 10 customer locations to monitor their
>>>>>>>>> network
>>>>>>>>> as
>>>>>>>>> they are often limited to 6 to 10mbps internet connections. We are
>>>>>>>>> looking
>>>>>>>>> to monitor high bandwidth users.
>>>>>>>>>
>>>>>>>>> -If ntopng is used at remote locations does it support encryption
>>>>>>>>> of
>>>>>>>>> the
>>>>>>>>> data like nprobe?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> yes, see option
>>>>>>>>>
>>>>>>>>> --zmq-encrypt-pwd <pwd>             | Encrypt the ZMQ data using the specified password
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> -Would you recommend a pi3, UBNT EdgeRouter or a PC to be used for
>>>>>>>> the
>>>>>>>>
>>>>>>>> remote probes to provide a good full speed service?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> for 6-10Mbps all the options are good.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> -I am assuming the EdgeRouter does not need a switch with a mirror
>>>>>>>> port
>>>>>>>>
>>>>>>>> and would act in series between the modem and the first switch?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> correct, this is a common way to place the edge router. In this way
>>>>>>>> you
>>>>>>>> will be able to catch all the traffic from (and to) the internet.
>>>>>>>> Other
>>>>>>>> additional setups are possible using the same edge router.
>>>>>>>>
>>>>>>>> Note that only nprobe is presently available for the edgerouters.
>>>>>>>>
>>>>>>>>
>>>>>>>> Does the Pi3 with extra Ethernet adapters act the same or do they
>>>>>>>> require
>>>>>>>>
>>>>>>>> a mirror port attached?
>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> You should be able to use the rpi3 as if it was an edgerouter
>>>>>>>>> provided
>>>>>>>>>
>>>>>>>>> you
>>>>>>>> add an extra ethernet adapter.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> -When using a pi3 or UBNT EdgeRouter do they slow the network down?
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>> Typically no. Clearly this depends on the traffic. For 6-10Mbps no
>>>>>>>>> slow
>>>>>>>>>
>>>>>>>>> down will be perceived.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> -If ntopng does support encryption and we are not needing flow data,
>>>>>>>> do
>>>>>>>>
>>>>>>>> we
>>>>>>>>> use the community version on all of the remote sites and collect
>>>>>>>>> this
>>>>>>>>> data
>>>>>>>>> with a licensed version at our office? Or when using ntopng at
>>>>>>>>> remote
>>>>>>>>> sites
>>>>>>>>> instead of the nprobe is a license required?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> you may want to use a licensed version of ntopng at your office to
>>>>>>>>> have
>>>>>>>>>
>>>>>>>>> extra features such as reporting and a realtime dashboard. However
>>>>>>>> this
>>>>>>>> is
>>>>>>>> not strictly necessary and you can implement your solution using
>>>>>>>> just
>>>>>>>> community versions.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> I like the software and the output so i am just trying to sort out
>>>>>>>> which
>>>>>>>>
>>>>>>>> versions are best used and the hardware required.
>>>>>>>>>
>>>>>>>>> Once i have the remote sites planned and hardware selected what
>>>>>>>>> email
>>>>>>>>> should i use to discuss license orders?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> you can use the contact form on the ntopng website. Your email
>>>>>>>> will be
>>>>>>>> routed properly.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Thank you
>>>>>>>>
>>>>>>>>>
>>>>>>>>> CTSG
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Quoting Simone Mainardi <[email protected]>:
>>>>>>>>>
>>>>>>>>> Hi, see below inserted reply
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Fri, Jul 22, 2016 at 5:30 AM, <[email protected]> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hi Simone,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thank you again for your time.
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> We have defined the local network and also the correct adapter on
>>>>>>>>>>> the
>>>>>>>>>>> service. We now have usable current data. Though we do notice
>>>>>>>>>>> ntop
>>>>>>>>>>> does
>>>>>>>>>>> not
>>>>>>>>>>> seem to be capturing any local SMB traffic. So if we copy a large
>>>>>>>>>>> file
>>>>>>>>>>> from
>>>>>>>>>>> 1 PC to another on the same subnet it doesn't seem to show
>>>>>>>>>>> anywhere
>>>>>>>>>>> in
>>>>>>>>>>> ntop. I see an old reference to IP Mon section with local to
>>>>>>>>>>> local
>>>>>>>>>>> traffics
>>>>>>>>>>> in help guides but i cannot find any such data when making the
>>>>>>>>>>> file
>>>>>>>>>>> copy.
>>>>>>>>>>> Also no flows or devices represent the amount of data or speed we
>>>>>>>>>>> are
>>>>>>>>>>> transferring.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> If you are using ntopng in combination with nProbe, then this is
>>>>>>>>>>>
>>>>>>>>>>> normal.
>>>>>>>>>>>
>>>>>>>>>> File transfers are typically long-flows and nProbe will wait flow
>>>>>>>>>> completion before reporting that data to ntopng. You can tune
>>>>>>>>>> nProbe
>>>>>>>>>> export
>>>>>>>>>> frequency using :
>>>>>>>>>>
>>>>>>>>>> [--lifetime-timeout|-t] <timeout>   | It specifies the maximum (seconds) flow
>>>>>>>>>>                                    | lifetime [default=120]
>>>>>>>>>> [--idle-timeout|-d] <timeout>       | It specifies the maximum (seconds) flow
>>>>>>>>>>                                    | idle lifetime [default=30]
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Small Business License: From looking it appears this is tied to
>>>>>>>>>> the
>>>>>>>>>>
>>>>>>>>>> hardware? If we change the PC running ntop do we need to purchase
>>>>>>>>>>
>>>>>>>>>>> another
>>>>>>>>>>> license? or just request a new key?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> license is tied to the hardware. We may allow up to one hardware
>>>>>>>>>>> switch
>>>>>>>>>>>
>>>>>>>>>>> per
>>>>>>>>>>>
>>>>>>>>>> license but this has to be decided on a case-by-case basis.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> We want to use ntop on a cheap laptop for now until looking at
>>>>>>>>>> embedded
>>>>>>>>>>
>>>>>>>>>> style devices.
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> that's fine. Did you know you can also run ntopng on embedded
>>>>>>>>>>> devices
>>>>>>>>>>>
>>>>>>>>>>> such
>>>>>>>>>>>
>>>>>>>>>> as ARM (raspberry pi), MIPSEL, etc.?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Thank you
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> CTSG
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Quoting Simone Mainardi <[email protected]>:
>>>>>>>>>>>
>>>>>>>>>>> Hi, see below
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Jul 21, 2016 at 1:42 AM, <[email protected]> wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> Hi Simone,
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Thank you for your time.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> Thank you. We would like the best possible data from the
>>>>>>>>>>>>> capture
>>>>>>>>>>>>> so
>>>>>>>>>>>>> we
>>>>>>>>>>>>> should at least check the outcome using nProbe.
>>>>>>>>>>>>>
>>>>>>>>>>>>> We are using version 2.4.270616
>>>>>>>>>>>>>
>>>>>>>>>>>>> I had a look through the interface to see if any configuration
>>>>>>>>>>>>> needed
>>>>>>>>>>>>> to
>>>>>>>>>>>>> be pointed to local network. Can you advise what config you
>>>>>>>>>>>>> were
>>>>>>>>>>>>> referring
>>>>>>>>>>>>> to please?
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> see option -m
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>> If we would like to try nProbe using a Windows PC could you
>>>>>>>>>>>> please
>>>>>>>>>>>>
>>>>>>>>>>>> provide
>>>>>>>>>>>>
>>>>>>>>>>>> the install commands to get both services talking on the same
>>>>>>>>>>>>> required
>>>>>>>>>>>>> port
>>>>>>>>>>>>> etc.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> here is a good example
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> http://www.ntop.org/ntopng/creating-a-hierarchical-cluster-of-ntopng-instances/
>>>>>>>>>>>> there are just a few small differences in the way you execute the
>>>>>>>>>>>> command
>>>>>>>>>>>> on
>>>>>>>>>>>> windows. This is documented in the manual.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Will only mainly be used off mirror ports on a single subnet
>>>>>>>>>>>> with
>>>>>>>>>>>> both
>>>>>>>>>>>>
>>>>>>>>>>>> probe and ntopng on the same host. Rarely will we be looking at
>>>>>>>>>>>>
>>>>>>>>>>>> anything
>>>>>>>>>>>>
>>>>>>>>>>>>> more than a single switch and network when using ntopng.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Thank you again
>>>>>>>>>>>>>
>>>>>>>>>>>>> CTSG
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Quoting Simone Mainardi <[email protected]>:
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi, please see below
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Jul 20, 2016 at 7:05 AM, <[email protected]>
>>>>>>>>>>>>> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Hi All,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> We would like to use ntopng installed on a windows laptop
>>>>>>>>>>>>>> connected
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> a
>>>>>>>>>>>>>>> mirror port on a network switch to monitor and report on
>>>>>>>>>>>>>>> network
>>>>>>>>>>>>>>> traffic
>>>>>>>>>>>>>>> to
>>>>>>>>>>>>>>> determine issues across the network.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Using ntopng connected to a switch port with mirror
>>>>>>>>>>>>>>> configured;
>>>>>>>>>>>>>>> is
>>>>>>>>>>>>>>> nProbe
>>>>>>>>>>>>>>> required?
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> it is not strictly necessary in your case. Provided that you
>>>>>>>>>>>>>>> don't
>>>>>>>>>>>>>>> need
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> deep packet dissection features (e.g., to dissect DNS, BGP,
>>>>>>>>>>>>>>> VoIP,
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> etc),
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> then ntopng may suffice.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> We appear to still get some flows shown in ntopng with nprobe
>>>>>>>>>>>>>> removed
>>>>>>>>>>>>>> but
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> i'm not positive the flow data is complete. Also I notice the
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> interface
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> total bandwidth graph at the bottom of the pages is not
>>>>>>>>>>>>>>> displaying
>>>>>>>>>>>>>>> any
>>>>>>>>>>>>>>> data.
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> - update ntopng to version >= 2.4
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> - make sure to define local networks in the configuration
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Could someone please let us know the basic setup for a >Smart
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Switch>?nprobe?>ntopng>Windows laptop.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> if you are mirroring a switch port, then nprobe is not
>>>>>>>>>>>>>>> strictly
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> necessary
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> provided that you don't need information extracted by nprobe
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> plugins
>>>>>>>>>>>>>> http://www.ntop.org/products/netflow/nprobe/
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Is nProbe only required when trying to source data from a
>>>>>>>>>>>>>> netflow
>>>>>>>>>>>>>> or
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> sflow
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> compatible router device?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> this is just one case. nprobe is required also for deep
>>>>>>>>>>>>>>> traffic
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> dissection
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> features. It is also useful to decouple monitoring from
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> visualization.
>>>>>>>>>>>>>> For
>>>>>>>>>>>>>> example, you can deploy multiple nprobes on the vantage points
>>>>>>>>>>>>>> of
>>>>>>>>>>>>>> your
>>>>>>>>>>>>>> network and collect their results on a remote ntopng.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Knowing the above intended use what would be the best install
>>>>>>>>>>>>>> command
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> for
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> either service please?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> Thank you
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> CTSG
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>>>> Ntop mailing list
>>>>>>>>>>>>>>> [email protected]
>>>>>>>>>>>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
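
Added example (not part of the thread): what a POSIX shell, such as bash on the Raspberry Pi, hands to a program when a password containing `$` is typed after an option like `--zmq-encrypt-pwd`, which is why the escaping suggested in the reply matters. The password `Test$Pass1`, the variable `Pass1` and every function name are constructed for illustration; if only one end's shell rewrites the argument, the two ends are started with different passwords.

```shell
#!/bin/sh
# Added example, not from the thread. Password and names are constructed.

# Simulates the usual interactive case where no variable named Pass1 exists:
# an unset (or empty) variable expands to the empty string.
Pass1=''

# received: stand-in for the target program; echoes its first argument verbatim.
received() { printf '%s' "$1"; }

# Double quotes do NOT protect '$': the shell expands $Pass1 before the call.
pw_double_quoted() { received "Test$Pass1"; }

# Single quotes pass every character through unchanged.
pw_single_quoted() { received 'Test$Pass1'; }

# A backslash escapes just the '$' that follows it.
pw_backslash() { received Test\$Pass1; }

# needs_quoting: returns 0 (true) if the value is empty or contains any
# character outside a small allow-list that no POSIX shell treats specially.
needs_quoting() {
  case $1 in
    '') return 0 ;;
    *[!A-Za-z0-9_.,:/@%+=-]*) return 0 ;;
    *) return 1 ;;
  esac
}

# shell_quote: wrap a value in single quotes, rewriting each embedded single
# quote as '\'' so the result can be pasted into a command line as one word.
shell_quote() {
  printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Print what the program would receive under each quoting style.
demo() {
  printf 'double-quoted : %s\n' "$(pw_double_quoted)"
  printf 'single-quoted : %s\n' "$(pw_single_quoted)"
  printf 'backslash     : %s\n' "$(pw_backslash)"
  if needs_quoting 'Test$Pass1'; then
    printf 'safe to type  : %s\n' "$(shell_quote 'Test$Pass1')"
  fi
}
demo
```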
