Hello Alfredo, Let me explain my setup and then you can suggest the best way out.
I have a debian 9 with accolade NIC cards without an IP address. These cards are a tap to the GTP traffic. So they get to see all the GTP-C traffic. What I want to achieve: 1. Be able to read the entire GTP-C flow. 2. Dump this entire flow to a local disk. I need to read the entire content of the packet. Including IP Address, MSISDN number, LAC etc. 3. Use Filebeat to export this to Logstash and dump it to an elasticsearch database. Now, what I read was I still would require ntopng to read the GTP parse data from nProbe and then log them to a disk and export it to logstash and elasticsearch. -=Srijan Nandi On Tue, 10 Sep 2019 at 22:56, Alfredo Cardigliano <[email protected]> wrote: > Hi > you should not use the accolade adapter for exporting flow data to ntopng, > that’s for > capturing raw packets only, you should use the management interface (or > other standard interfaces) for that. > > Alfredo > > > On 10 Sep 2019, at 19:22, Srijan Nandi <[email protected]> wrote: > > > > Hello Everyone, > > > > I require some assistance with the following. > > > > I have already configured nProbe to list to accolade NIC card. Now I > need help in configuring ntopng so that it reads from nprobe. > > > > The problem, my accolade cards do not have an IP address as this entire > setup is in Layer 2 mode. So I am not able to figure out how to use zmq in > the nprobe config file and utilise the same in the ntopng config file. > > > > -- > > -=Srijan Nandi > > _______________________________________________ > > Ntop mailing list > > [email protected] > > http://listgateway.unipi.it/mailman/listinfo/ntop > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop -- -=Srijan Nandi
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
