ntopng

ntopng

ntopng goes Elastic: Introducing ElasticSearch 6 Support
As you ntopng users know, out of the Elastic toolset ntopng supports both ElasticSearch and LogStash. You can use them using the -F flag: --dump-flows|-F] <mode> | Dump expired flows. Mode: | es Dump in ElasticSearch database | Format: | es;<mapping type>;<idx name>;<es URL>;<http auth> | Example: | es;ntopng;ntopng-%Y.%m.%d;http://localhost:9200/_bulk; | Notes: | The <idx name> accepts the strftime() format. | <mapping type>s have been removed starting at | ElasticSearch version 6. <mapping type> | values whill therefore be ignored when using | versions greater than or equal to 6. | …
ntopng

Welcome to ntopng 3.4: Improved Alerts/SNMP/Asset Discovery, InfluxDB/Prometheus Support
We’re happy to announce the release of ntopng 3.4 that introduces several enhancements and new features, some of which will be finalised in 3.6 due later this year. This version consolidates several months of work and paves the way to more radical changes planned for the next release. In particular beta features present in this version include support for InfluxDB and Prometheus so that you can use ntopng for exporting traffic data towards time-series databases (you can read about influx and prometheus). We have also revamped the alert implementation and introduced initial …
Announce

Introducing Multi-language Support in ntopng
Traditionally all ntop tools have manuals and user interface in English. As sometimes our users are not really familiar with it, we have decided to introduce user interface translation of the user interface so that we can make those users more comfortable when using ntopng. As the moment we have added support for Italian and German, but we might consider adding further languages in the future. When you first login to ntopng after installation you will notice that there is a new menu that allows you to set the language …
nProbe

Network Monitoring 101: A Beginner’s Guide to Understanding ntop Tools
The first important step to start with network monitoring is to analyze what we want to monitor and how to deploy the monitoring solution in the existing network. Here are some important questions to ask ourselves before starting the actual monitoring: Do we need to monitor the entire network or just a specific segment? Do we already have network appliances with network flow export capabilities (e.g. NetFlow/sFlow devices)? Can we use port mirroring of a switch or a network TAP? Where are we deploying our network monitoring appliances to get …
Announce

Announcing ntopng 3.2 – The First Move Towards Active Network Monitoring
Today we are glad to announce the new 3.2 stable release of ntopng. Among the most important new features available in this release, there is without any doubt an advanced network devices discovery functionality. Historically, ntopng has always been a fully passive monitoring tool. This release aims at complementing the information gathered from a purely passive packet capture with precious extra bits of data obtained by actively searching for devices. Network devices discovery glues together multiple techniques and heuristics, including ARP pinging, SNMP querying, SSDP discovery and MDNS names resolution. …
ntopng

Network Device Discovery. Part 1: Active Discovery
Since its introduction in 1998, ntop(ng) has been a pure (well beside DNS address resolution if enabled) passive network monitoring tool. Recently we have complemented it with active device discovery in order to find out if there are silent devices in our network, and what services/OS our devices are featuring. In this article we will analyze how active discovery works, leaving to a future article the analysis of passive discovery. Active discovery can be started on demand from the menu     or from the network preferences to enable periodic …
ntopng

ntopng Grafana Integration: The Beauty of Data Visualizazion
Disclaimer This article is outdated: please see this document for using ntopng with grafana Summary Grafana is one of the most widely known platforms for metrics monitoring (and alerting); ntopng version 3.1 natively integrates with Grafana thanks to a datasource plugin which is freely available; This article explains how to install and configure the ntopng datasource plugin, and how to build a dashboard for the visualization of ntopng-generated metrics. A video tutorial is available as well: Introduction Grafana is an open platform for analytics and visualization. An extremely-well engineered architecture makes …
ntopng

Announcing ntopng and Grafana Integration
Disclaimer This article is outdated: please see this document for using ntopng with grafana This is to announce the release of the ntopng Grafana datasource that you can find on the grafana website. Using this plugin you can create a Grafana dashboard that fetches data from ntopng in a matter of clicks. To set up the datasource visit Grafana Datasources page and select the green button Add a datasource. Select ntopng as the datasource Type in the page that opens. The HTTP url must point to a running ntopng instance, …
Guides

When Live is not Enough: Connecting ntopng and nProbe via MySQL for Historical Flows Exploration
Using nProbe in combination with ntopng is a common practice. The benefits of this combination are manyfold and include: A complete decoupling of monitoring activities (taking place on the nProbe) from visualization tasks (taking place on ntopng); The capability of building distributed deployments where multiple (remote) nProbe instances send monitored data towards one or more ntopng instances for visualization; A comprehensive support for the collection, harmonization and visualization of heterogeneous flow export protocols and technologies, including NetFlow V5/v9/V10 IPFIX and sFlow; Full support for any proprietary technology that sends custom …
ntopng

How to use ntopng for Realtime Traffic Analysis on Fritz!Box Routers
Fritz!Box routers are popular devices that many people use to connect to the Internet. Inside these routers there is a hidden (i.e. not accessible from the router web admin page, but that you access directly with a web browser by writing the whole URL) URL http://192.168.2.1/html/capture.html (BTW replace the 192.168.2.1 IP address with your Fritz!Box router IP if you have changed it) that can be used to dump router traffic in pcap format. While pcaps are good for troubleshooting, most people need to know what is happening on their network in realtime, …
ntopng

Integrating ntopng with Grafana
Last week the NYC Metrics and Monitoring meetup invited ntop to give a talk. The topic was how to open ntopng so that it can become a gateway for producing network metrics that could be used by popular applications and frameworks such as Snap-io, Prometheus or Influx. The first result of this activity is the integration of ntopng with Grafana that we plan to complete in July. Here you can see the presentation slides  where you can have an idea of the work we’re doing. If you are interested in using …
ntopng

Introducing ntopng 3.0
If you have enjoyed ntopng 2.x, we believe you will like 3.0 even more as we have worked for almost one year to this release. We have modified many things, improved security in ntopng (in the cybersecurity days this is the least we could do), added layer 2 visibility, improved metrics calculations, added alerts support (even on the go), improved significantly the Windows version (yes Win 10 is supported out of the box), improved performance, reworked the GUI in many aspects, improved significantly the inline traffic mode, improved FreeBSD support. As …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe