ntopng creates timeseries for traffic by periodically (e.g. every minute) writing into RRD/Influx the traffic volume observed. Below you can see an example. Traffic is used to keep track of the data volume exchanged. Over time timeseries are aggregated (roll-up) to save space, meaning for instance that 60 minute observations are used to compute a […]
HowTo Trigger an Alert When Contacting a Website/IP with ntopng
ntopng has native blacklist support that enables generation of alerts when malware sites are contacted. You can enable/disable the list of active blacklist by accessing the blacklist page from the preferences menu of the left sidebar and also configure the list properties such as refresh rate as well enable/disable them. Now suppose you want to […]
ntopConf 2023 (25 years of ntop) Registration is Now Open
This is to announce that the registration for the ntop Conference 2023, 25 years since the first release of ntop, is now open. Similar to past conferences, this event is divided into two days: the first day will be allocated for training on ntop products, the second day for the main conference and workshop. You […]
ntop June 2023 Webinar Recording
Those who missed our June 2023 webinar can watch the webinar recording as well glance through the presentation slides.
Monitoring Microsoft Teams Performance and Video/Call Quality
Months ago we have talked how ntopng identifies ad monitors Zoom calls quality. Today we show how call monitoring has been now seamlessly extended to Microsoft Teams. Thanks to nDPI, ntopng is now able to detect Teams calls and to label them according to the stream type: Video Audio Screen Sharing. For each call it […]
Register for ntop June 2023 Webinar: June 20th 3PM CET / 9 AM EST
This is to invite you to the latest ntop webinar before the summer break. The major webinar topic will include n2disk smart packet recorder Latest OT/SCADA Developments; IEC 104 and ModbusTCP Suricata/Zeek IDS Acceleration at 40/100 Gbit New ntopng charts and tables Traffic Rules Inactive Host Monitoring and ,,,, You can register for the webinar […]
Scaling Up ntopng Flow and Packet Processing
As traffic rate increases, it is important to tune packet processing in order to avoid drops and thus educe visibility. This post will show you a few tricks for improving the overall performance and better exploit modern multicore systems. The Problem ntopng packet processing performance depends on the number of ingress pps (packets per second) […]
Introducing Modbus Traffic Monitoring in ntopng
Modbus is an industrial protocol used to communicate with automation devices. The initial protocol version was implemented over a serial layer, whereas the current version named ModbusTCP is a variant of the original protocol running over TCP/IP. This blog post describes how ntopng monitors ModbusTCP traffic: it detects Modbus flows via nDPI and dissects them […]
OpenAPI: ntopng REST API for Software Developers
Maybe not all of you know that ntopng powers in some popular monitoring systems such as CheckMK and Centreon. The integration is made possible through the ntopng REST API (REST stands for REpresentational State Transfer) that allows developers to manipulate ntopng configuration and query monitored information including hosts, flows, alerts and historical data. Recently we […]
OT, ICS, SCADA: IEC 60870-5-104 in ntopng
What is OT, ICS, SCADA ? Operational Technology (OT) refers to computing systems that are used to manage industrial operations or process operations, like water treatment, electrical power distribution or wrapping a chocolate in foil. ntopng supports some Industrial control systems (ICS) protocol often managed via a Supervisory Control and Data Acquisition (SCADA) systems. Via […]