nProbe (via its export plugin) supports ElasticSearch flows export. Setting up nProbe for the ElasticSearch export is a breeze, it just boils down to specifying option –elastic. For example, to export NetFlow flows collected on port 2058 (–collector-port 2058) to … Continue reading
Released nProbe Cento 1.8
This is to announce the release of nProbe Cento 1.8 stable release. This is a maintenance release where we have made many reliability fixes and added new options to integrate this tool with the latest ntopng developments. We suggest all … Continue reading
Packets vs Flows: Which Option is the Best?
One of the most difficult steps on a monitoring deployment scenario is to choose where is the best point where traffic has to be monitored, and what is the best strategy to observe this traffic. The main options are basically: … Continue reading
Cento 1.6 Stable Just Released
After more than one year since the latest stable release, we are glad to announce cento 1.6-stable. This new release brings stability, fixes and several new features. Among the new features, it is worth mentioning that: Flows can be exported … Continue reading
How to export BGP routing information (AS Path) in network flows
Tools like traceroute have been used for a long time to track the forward path of packets, i.e. the journey of our packets to a remote destination. Unfortunately with traceroute nothing can be said about the path of ingress packets, … Continue reading
Measuring ntopng+nProbe Flow Processing Performance
In this post we try to analyze the performance of nProbe and ntopng for the collection of NetFlow. ntopng and nProbe will be broken down into smaller functional units and such units will be analyzed to understand the maximum performance … Continue reading
sFlow Collection and Analysis with nProbe and ntopng
sFlow, short for sampled Flow, is a sampling technology designed to export network devices information, namely: Interface counters (à la SNMP MIB-II); Traffic packets (à la ERSPAN). sFlow agents run on switches, routers, firewalls and other devices, and periodically export … Continue reading
Using nProbe for Collecting Ixia IPFIX with IxFlow extensions
Ixia allows to enrich IPFIX records with value-add extensions. Additional information that can be exported, along with standard fields such as source and destination IP addresses, include: Geographical information such as region IP, latitude and city name Application ID or … Continue reading
Using nProbe and ntopng for Collecting and Visualizing Sonicwall Flows
nProbe is both a probe and a NetFlow/sFlow collector. Recently, we’ve also added added the ability to collect flows with proprietary information elements. This greatly improves nProbe flexibility as any custon, vendor-proprietary information element can be understood, correctly parsed, and … Continue reading
Introducing nProbe 8.6: Per-Second Measurements and Collection of Proprietary Flows
We are glad to announce the release of nProbe 8.6 stable release. Among the main new features, this release brings: Per-second measurements of flows traffic Ability to collect proprietary (i.e. using non standard information elements) flows These new features come … Continue reading