Hello
10 users connecting wirelessly to a mikrotik rb411ar access point
how can i use ntop to monitor users internet bandwidth usage in a
(relatively) easy way ie not have to add and subtract info; like the
usage repports your ISP makes availabe?
Id like to then be able to make this info view-ab
Howdy,
I'm new to ntop (for about 20 hours so far). But I know my way around
compiling/unixOS/networking very well.
I can't quite figure out how to find a report in ntop which shows a
historic list of flows. I do have several nifty reports like Summary::Traffic,
Summary::Hosts
Hello,
I don't THINK the report you seek exists. First, ignore "Summary -> Network
Flows". It has nothing to do with anything - see the FAQ.
Next, check to see if whatever version of ntop you're using is actually
tracking flows; aka tcp/udp sessions. Select a busy host and scroll to the
bot
Thanks Gary,
I have a traffic generator application. It simulates many thousands of
clients and servers -- lots and lots of unique flows, somewhat distinguised by
dest-port (app) but mosty distinguished by source port. I what to know what it
did for the last run of (1 ~ 60*24) minutes.
I can't comment on the dev part - I'm just a lowly user!
Ntop CAN hold some stats for 24+ hours, but requires some tweaks via startup
args and/or globals-defines.h (which requires a recompile). Ie:, sticky hosts,
idle session purge time, idle host purge time, etc.
FWIW I think Wireshark will d
Thanks again Gary,
I appreciate the suggestion that ntop can hold stats for longer based
on recompiles across edits of something or other in globals-defines.h. I will
start seeking. Any more specific advice would be appreciated.
However, in the meantime... not sure why I did no
Ok Couple options.
1.) Check out sticky hosts. If you enable that the "global" tcp/udp stats MAY
stay around "forever" as well, not 100% sure on that. No recompile needed here.
- Each host report also has a similar table (TCP/UDP Service/Port
Usage), perhaps that would be useful
PS: Careful with sticky hosts - stuff NEVER goes away which means you need LOTS
of RAM and/or restart ntop often. But, in your scenario it may work perfect,
especially if you don't have many hosts and/or they are fairly stable IP's and
such. Some people enable sticky and monitor internet traff
Gary,
Your suggestions are extremely helpful. I bumped into a project
deadline here; I'm gonna still try and implement with your suggestion and see
what happens. But I may not get to results and replying until after next week.
--
Live strong,
Ricky Charlet
On Sep 9, 2011, at 3:03 P
