Robert,

From the picture enclosed, it seems you are using ntopng to capture from a 
physical interface -- ens192.

As you've said your scenario is:

Cisco L3 Device ——>>>>>netFlow collector (acting as a proxy/forwarder) ——>>>>> 
nProbe——>>>>>NTOPNG

So you have to connect ntopng and nprobe together via ZMQ to see the actual 
content of flow records. See 
https://www.ntop.org/guides/ntopng/using_with_other_tools/nprobe.html 

In particular, you have to use option --collector-port to tell nProbe on which 
port the netflow arrives.


Regards,

Simone
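
The quoted reply further down makes collection conditional on the forwarder exporting NetFlow v5/v9/IPFIX/sFlow. The following is an added example, not part of the original thread and not ntop code, that checks this from the first bytes of each datagram. The function names, the constructed sample datagrams and the idea of temporarily pointing the forwarder at a free UDP port are assumptions made here.

```python
import socket
import struct

V5_HEADER, V5_RECORD, V9_HEADER, IPFIX_HEADER = 24, 48, 20, 16  # sizes in bytes

def classify_export(datagram: bytes) -> str:
    """Name the flow-export format of one UDP payload, or say why it is not one."""
    if len(datagram) < 8:
        return "not a flow export: too short"
    version, count = struct.unpack("!HH", datagram[:4])
    if version == 5:  # NetFlow v5: fixed 48-byte records, at most 30 per datagram
        if not 1 <= count <= 30 or len(datagram) != V5_HEADER + count * V5_RECORD:
            return "malformed NetFlow v5: length does not match record count"
        return f"NetFlow v5, {count} records"
    if version == 9:  # NetFlow v9: template-based, count = records in this packet
        if len(datagram) < V9_HEADER:
            return "malformed NetFlow v9: truncated header"
        return f"NetFlow v9, {count} records"
    if version == 10:  # IPFIX: second field is the message length in bytes
        if count < IPFIX_HEADER or count > len(datagram):
            return "malformed IPFIX: bad message length"
        return f"IPFIX, {count}-byte message"
    if (version, count) == (0, 5):  # sFlow v5 starts with a 32-bit version field
        (addr_type,) = struct.unpack("!I", datagram[4:8])
        if addr_type in (1, 2):  # 1 = IPv4 agent, 2 = IPv6 agent
            return "sFlow v5"
    return f"not a flow export: unknown version {version}"

def watch(port: int, limit: int = 5) -> None:
    """Print the format of the next `limit` datagrams on a free UDP port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("0.0.0.0", port))
        for _ in range(limit):
            data, (src, _port) = sock.recvfrom(65535)
            print(src, "->", classify_export(data))

def constructed_samples() -> dict:
    """Constructed datagrams (headers plus zero padding), not captured traffic."""
    return {
        "v5": struct.pack("!HHIIIIBBH", 5, 1, 0, 0, 0, 0, 0, 0, 0) + bytes(48),
        "v9": struct.pack("!HHIIII", 9, 2, 0, 0, 0, 0) + bytes(8),
        "ipfix": struct.pack("!HHIII", 10, 20, 0, 0, 0) + bytes(4),
        "sflow": struct.pack("!IIII", 5, 1, 0xC0000201, 0) + bytes(12),
        "junk": b"GET / HTTP/1.1\r\n",
    }

if __name__ == "__main__":
    for name, data in constructed_samples().items():
        print(name, "->", classify_export(data))
```

`watch()` needs a UDP port that nProbe is not already bound to.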



> On 17 Jun 2020, at 22:42, Robert Racioppoli <[email protected]> 
> wrote:
> 
>  
> Hi Simone,
>  
> Are there special settings/commands required on NTOPNG or nProbe to allow 
> this to happen? To better explain our current setup, the communication 
> between the proxy Flow Collector (10.177.45.18) and nProbe is established and 
> can be seen in NTOPNG (see item #1). The issue is that the actual Flow 
> record information or, if you prefer, the Flow dataset does not appear in 
> NTOPNG.
>  
> No individual router conversation flow can be seen.
>  
>  
>  
> Thank you very much.
>  
> Robert
>  
> Item #1
>  
> <image001.png>
>  
>  
> Here is a small sample of the expected flows as seen by another solution.
>  
> <image003.jpg>
>  
> Robert Racioppoli
>  
> Senior Technical Advisor - Telecommunications - Network Monitoring
> 2020 Robert Bourassa
> Montréal QC
> H3A 2A5
> Canada
> [ intact ] Corporation financière
> Telephone: (866) 440-8300 x61257
>  
> [email protected]
>  
>  
> From: [email protected] <[email protected]> On 
> behalf of Simone Mainardi
> Sent: 17 June 2020 15:57
> To: [email protected]
> Cc: [email protected]; Michel Labrecque <[email protected]>
> Subject: [E!] Re: [Ntop] nProbe modes
>  
> Robert,
>  
> Yes, nProbe can be on the receiving end of an alternative Flow Collector - 
> provided that the alternative Flow Collector is exporting NetFlow 
> v5/v9/IPFIX/sFlow or any other format which is interoperable with them.
>  
> Regards,
> Simone
> 
> 
> On 17 Jun 2020, at 19:18, Robert Racioppoli <[email protected]> wrote:
>  
> Hello,
>  
>  
> Your documentation clearly describes a scenario where nProbe can act as a 
> flow proxy/collector. My question is: can nProbe be on the receiving end of 
> an alternative Flow Collector acting as a proxy/forwarder?
>  
>  
>  
> Thank You!
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop