Author: admin

  • Home
  • Articles by: admin
News

Meet ntop on April 28th @ Microsoft Munich
This year we’ve accepted the invitation from Wuerth-Phoenix to be part of their Roadshows 2017 and talk about network and system monitoring. The first workshop will be in Munich, Germany on April 28th. All ntop users are invited to come and talk about our monitoring tools.   ntop am 28. April bei Microsoft in München Wie wird die IT zu einem echten Service Enabler? Wie wird sich das Monitoring im Zeitalter von Industrie 4.0 entwickeln? Welche Neuigkeiten sind herstellerübergreifend in nächster Zeit zu erwarten? Eine neue Form des Managements und Monitorings …
ntop

What Is a Microburst and How to Detect It?
It’s not uncommon to see network administrator struggling tracking down packet drop on network equipments at interface level, while having a low average link utilisation. At the end it often turns out to be due to a phenomenon (well) known as microburst. While forwarding data between network links, network equipments absorb spikes with buffers, when buffers fill much quicker than they empty because of a line-rate burst, they overflow and packet loss occurs (yes you drop even though your like is in average little used). Now it’s clear that having …
nProbe

Collecting Proprietary Flows with nProbe
nProbe has been originally designed as an efficient tool able to capture traffic packets and transform them into flows. Call it network probe or sensor. Over the years we have added the ability to collect flows (i.e. nProbe is both a probe and a collector), so that nProbe can now act as probe, collector, also proxy by covering flows across formats. For instance you can collect IPFIX flows and export them in NetFlowV9. All this following the standards as confirmed by the IPFIX interoperability tests. Until now we focused in …
ntopng

Clustering Network Devices using ntopng Host Pools
In computer networks, devices are identified by an IP and a MAC. The IP can be dynamically assigned (so it might not be persistent), whereas the MAC is (in theory) unique and persistent for identifying a device. Non-technical users, do not know these low-level details, and in general it makes sense to cluster devices using other criteria. VLANs are a way to logically group devices belonging to the same administrative domain, but this is still a low-level network-level properly. When administering a network, we have have realised that we need …
nProbe

Flow-Based Monitoring, Troubleshooting and Security using nProbe
nProbe is a tool developed over the last 10 years, and thus it has been extended and improved year by year. However many users, even those who are using it since a long time, might not know all its features. Next week at Flocon 2017, I will give a talk about nProbe. The idea is to position nProbe (e.g. against the popular YAF tool), highlight what people can do with it (in addition to traffic monitoring and troubleshooting) and learn that nProbe is much more than a network sensor. I invite …
nProbe

Monitoring VoIP Traffic with nProbe and ntopng
VoIP applications usually limit theirs monitoring capabilities to the generation of CDR (Call Data Records) that are used for the generation of billing/consumption data. In essence you know how many calls a certain user/number has made, the duration etc. While this information can be enough for basic monitoring, it is not enough for guaranteeing reliable call quality as these systems are essentially blind with respect to call quality. Wireshark can analyse both call signalling and voice, but it is a troubleshooting tool meaning that it cannot be used for permanent …
cento

Stream That Flow: How to Publish nProbe/Cento Flows in a Kafka Cluster
Apache Kafka can be used across an organization to collect data from multiple sources and make them available in standard format to multiple consumers, including Hadoop, Apache HBase, and Apache Solr. nProbe — and it’s ultra-high-speed sibling nProbe cento — integration with the Kafka messaging system makes them good candidates source of network data. The delivery of network data to a redundant, scalable, and fault-tolerant messaging system such as Kafka enables companies to protect their data even in-flight, that is, when the consolidation in a database has still to occur. An impatient reader who is eager to use Cento for …
ntopng

ntopng MySQL Flow Export: Increase the Maximum Number of Open Files
ntopng uses partitioned MySQL tables when storing flows. As MySQL needs a file handle for each partition and its index, it is important to make sure that the open_files_limit is large enough to allow the process to keep all these files open. Typically, open_files_limit  default value works out-of-the-box but there are some packages/distributions that keeps this number pretty low. When the current value is too low, ntopng can show errors such as [MySQLDB.cpp:55] ERROR: MySQL error: Out of resources when opening file './ntopng/flowsv6#P#p23.MYD' (Errcode: 24 - Too many open files) [rc=-1] …
News

ntop Users Meeting 2016 Retrospective
Earlier this week we have organised a ntop user’s workshop hosted at Sharkfest EU 2016. For those who have not been able to attend this session, below you can find the slides we have used for presentation. Introduction ntopng: Web-based Traffic Analysis nDPI: Open Source Deep Packet Inspection PF_RING: High-Speed Traffic Processing Hands-On Session Product Roadmap Feel free to contact us if you have any questions. …
nProbe

ntop and Kentik bring nProbe to the Cloud
Traditionally nProbe is used as a host-based network monitoring probe able to produce “augmented” flow records including performance monitoring, security and visibility information. We have a common vision with Kentik of how network instrumentation needs to evolve beyond “just” bytes and packets-based NetFlow, and of how that can enable users to understand network performance and security challenges. This year, we entered a partnership with Kentik to leverage nProbe to export rich network metrics to the Kentik Detect big data network analytics cloud platform, and we’re proud to announce the first …
Announce

You’re Invited to the ntop Users Meeting and (free) Tutorial
Earlier this year we have held a ntop meetup in USA. Now we want to invite you to attend the ntop users meeting that will take place on October 17th (2 PM-5 PM), during the SharkFest Europe 2016 conference. The idea is to meet the ntop community, present our tools, highlight future work items and teach you how to master our tools. The ntop core team will be present at the event, and we would like to meet our users in person as we need to learn what are the things we …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe