As we have released 2.4, it is now time to plan for the next release and highlight the list of features we plan to implement so we can start a discussion and get some feedback. The major changes we would like to introduce include:
- Rework interface views to make them more efficient and not an expecting as they are today.
- Add full support for sFlow/NetFlow so that we can keep per interface statistics as many other collectors do.
- Introduce some “enterprise-oriented” features such as per-AuthononousSystem statistics and traffic accounting, qcreate an alarm dashboard with full alarm support open/closed.
- Traffic interpretation: as of today we graph flow x, y, z but flows are still too low level. It would be nice to correlated them into more high-level activities such as user X downloaded a file, Dropbox folder of IP Y has sync etc etc. in essence continue the transition started with packet to flows, towards some meaningful for humans.
- Add full L2 support: keep a list of mac addresses, associate them to users/devices, implement layer-2 features such as ARP/DHCP monitoring.
- Implement per-flow scripting so that we can execute actions in Lua at flow-level (example trigger an alert when event Z happens).
- Time based comparison (e.g. compare today’s traffic with what happened a week ago at the same time/day of the week) and reporting.
- Integrate messager bots to query ntopng from mobile and for distributing alerts to subscribers.
Anything else you would like to see in the next ntopng release? Willing to help? Please contact us if interested in helping with the development.