Hi Ali On Sat, Feb 25, 2012 at 6:14 PM, Maverick <myeaddress@gmail.com> wrote:
Thanks Mukom for the wonderful guide, this is really helpful. I have few questions about ntop though.
How can I get access to the log files generated by ntop and do my own parsing rather than looking for webbased results that are generated.
It's been a while i looked under the hood of ntop. Remember that ntop itself usually needs to be 'fed' traffic to analyse. I have never done it myself but if I needed the raw data, I'd mirror a port and capture it with tcpdump into a pcap file (watch disk space!!) the use whatever analysis tool suits my needs to look at it.
Are there any programs available that do parsing of ntops log files. When I run ntop on pcap I don't get the throughput graphs as rrd doesn't work on pcap is there any work around for that.
Not to my knowledge no. I think there's a switch (-f) for reading data from a pcap file as opposed to a live feed. I have never played with that as well. There are other (possible more feature laden) commercial flow collectors and analysers out there). I also started following trisul earlier on in the project, you might want to check it out.
Thanks, Ali
On Sat, Feb 25, 2012 at 2:27 AM, Mukom Akong T. <mukom.tamon@gmail.com> wrote:
On Fri, Feb 24, 2012 at 12:20 AM, Matlock, Kenneth L <MatlockK@exempla.org> wrote:
Netflow + netflow collector.
+1 This guide should give you a good start.
http://techowto.files.wordpress.com/2008/09/ntop-guide.pdf
Regards
-- Mukom Akong Tamon ______________
"If we can't BREATH, we'll die. Yet, we don't LIVE in order to breath. Ditto we SHOULDN'T WORK just to MAKE MONEY. Doing so puts us on a one way street to IRRELEVANCE."
[In Search of Excellence & Perfection] - http://perfexcellence.org [Moments of TechXcellence] - http://techexcellence.net [ICT Business Integration] - http://ibiztech.wordpress.com [About Me] - http://about.me/perfexcellence
-- Mukom Akong [Tamon] ______________ “We don't LIVE in order to BREATH. Similarly WORKING in order to make MONEY puts us on a one way street to irrelevance.“ [In Search of Excellence & Perfection] - http://perfexcellence.org [Moments of TechXcellence] - http://techexcellence.net [ICT Business Integration] - http://ibiztech.wordpress.com [About Me] - http://about.me/perfexcellence