Khalili,
Please read the comments below.
On 12/14/2016 09:47 AM, Marat Khalili wrote:
Dear All,
Good time of the day,
I have few questions after installing ntopng, too small for separate
topics:
1. Where do incorrect logins go? I want to configure fail2ban, but
cannot find authentication failures in logs.
Currently incorrect logins for ntopng are not logged to any log file.
2. I have only one data source, so on a dashboard, right column mostly
repeats middle one. Any way to hide it? Even better, same chart with
breakdown by host would be great (of course, for top hosts only).
The dashboard is not configurable right now. Your particular setup would
be a special case.
3. Cpu utilization by ntopng process on server is quite high when its
page is open in browser: 15-20% for dashboard, ~10% for about page
etc. (on a 1.6GHz Xeon). When I open several tabs things starts to lag
noticeably (Firefox CPU utilization is also pretty high BTW). Lowering
update frequency to 60 seconds does not help. Is it normal?
It is a known issue, we plan to move to websockets to reduce cpu load.
4. Throughput values shown in many places are very noisy. Our Cisco
ASA only sends flow updates to nprobe once a minute, therefore any
attempts to measure bandwidth with greater frequency is futile. I set
update frequency to 60 seconds in ntopng preferences, but charts on
dashboard etc. are still updated every second with random values. Any
way to slow them down?
Graphs are conceived to present real time data, so data gaps when
reading periodic updates are normal.
5. Torrent traffic is only detected for seeding, not for downloads,
right? I tried to test-download couple of gigs but ntopng only
reported several megabytes and few kbps as BitTorrent application
traffic for my host. (ASDM, in contrast, displayed correct bandwidth
usage.)
Torrent should actually be detected for both seeding and downloads. If
it isn't, please open a bug report on https://github.com/ntop/nDPI with
a sample .pcap file in order to receive support. Thank you.
Regards,
Emanuele
Thanks in advance,
With Best Regards,
Marat Khalili
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
