Mailing List Archive: Custom alert on Flows and Alert to mail

Custom alert on Flows and Alert to mail

Jun 28, 2017, 8:25 AM

Post #1 of 7 (900 views)

Hello,

I have a ntop pro server configured in collector mode.
I receive the flows from my probe without problems but I would like to setup custom alert when the total numbers of Flows exceed a value to detect DDOS or such.
If possible I want it to send mail to my team.

Is there a way to do this?

--

Yann Honvault
Network and system administrator

Re: Custom alert on Flows and Alert to mail [ In reply to ]

mainardi at ntop

Jun 29, 2017, 5:45 AM

Post #2 of 7 (898 views)

Permalink

Dear Yann,

There is a rich set of custom alerts you can configure for every
interface/host/network monitored by ntopng. This set includes the number of
flows generated by an host. You can configure such alert for a specific
host, or for all the hosts in the system.

The following screenshot show the configuration page:

[image: Inline image 1]

Regards,
Simone

On Wed, Jun 28, 2017 at 5:25 PM, <honvault@cines.fr> wrote:

> Hello,
>
> I have a ntop pro server configured in collector mode.
> I receive the flows from my probe without problems but I would like to
> setup custom alert when the total numbers of Flows exceed a value to detect
> DDOS or such.
> If possible I want it to send mail to my team.
>
> Is there a way to do this?
>
> --
>
> Yann Honvault
> Network and system administrator
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>

Re: Custom alert on Flows and Alert to mail [ In reply to ]

mainardi at ntop

Jun 29, 2017, 5:45 AM

Post #3 of 7 (898 views)

Permalink

Re: Custom alert on Flows and Alert to mail [ In reply to ]

honvault at cines

Jun 29, 2017, 5:58 AM

Post #4 of 7 (898 views)

Permalink

Hello,

Thank you for your reply, I understand now why there was lots of alert from Flows when I tried this feature.

And what about the alert to mail system?

--

Yann
tel : 14.16

De: "Simone Mainardi" <mainardi@ntop.org>
À: ntop@unipi.it
Cc: "ntop mailing list" <ntop@listgateway.unipi.it>
Envoyé: Jeudi 29 Juin 2017 14:45:34
Objet: Re: [Ntop] Custom alert on Flows and Alert to mail

Dear Yann,
There is a rich set of custom alerts you can configure for every interface/host/network monitored by ntopng. This set includes the number of flows generated by an host. You can configure such alert for a specific host, or for all the hosts in the system.

The following screenshot show the configuration page:

Regards,
Simone

On Wed, Jun 28, 2017 at 5:25 PM, < honvault@cines.fr > wrote:

Hello,

I have a ntop pro server configured in collector mode.
I receive the flows from my probe without problems but I would like to setup custom alert when the total numbers of Flows exceed a value to detect DDOS or such.
If possible I want it to send mail to my team.

Is there a way to do this?

--

Yann Honvault
Network and system administrator

_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: Custom alert on Flows and Alert to mail [ In reply to ]

honvault at cines

Jun 29, 2017, 5:58 AM

Post #5 of 7 (898 views)

Permalink

Re: Custom alert on Flows and Alert to mail [ In reply to ]

mainardi at ntop

Jun 29, 2017, 6:19 AM

Post #6 of 7 (898 views)

Permalink

Hi,

On Thu, Jun 29, 2017 at 2:58 PM, <honvault@cines.fr> wrote:

> Hello,
>
> Thank you for your reply, I understand now why there was lots of alert
> from Flows when I tried this feature.
>
> And what about the alert to mail system?
>

Currently, sending mails is not supported but it is on our TODO list. Stay
tuned!

>
> --
>
> Yann
> tel : 14.16
>
> ------------------------------
> *De: *"Simone Mainardi" <mainardi@ntop.org>
> *À: *ntop@unipi.it
> *Cc: *"ntop mailing list" <ntop@listgateway.unipi.it>
> *Envoyé: *Jeudi 29 Juin 2017 14:45:34
> *Objet: *Re: [Ntop] Custom alert on Flows and Alert to mail
>
> Dear Yann,
> There is a rich set of custom alerts you can configure for every
> interface/host/network monitored by ntopng. This set includes the number of
> flows generated by an host. You can configure such alert for a specific
> host, or for all the hosts in the system.
>
> The following screenshot show the configuration page:
>
> [image: Inline image 1]
>
> Regards,
> Simone
>
> On Wed, Jun 28, 2017 at 5:25 PM, <honvault@cines.fr> wrote:
>
>> Hello,
>>
>> I have a ntop pro server configured in collector mode.
>> I receive the flows from my probe without problems but I would like to
>> setup custom alert when the total numbers of Flows exceed a value to detect
>> DDOS or such.
>> If possible I want it to send mail to my team.
>>
>> Is there a way to do this?
>>
>> --
>>
>> Yann Honvault
>> Network and system administrator
>>
>> _______________________________________________
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>

Mailing List Archive

Attached Files:

Attached Files:

Attached Files:

Attached Files: