Mailing List Archive

About ntopng specifications
Dear all,

Please tell me the following questions about ntopng specifications.


1.)Regarding Interfaces menu,
is the value displayed chart displayed on below menu on Host Detail the cumulative value of data collected in the past?
Or data within a certain period of time?
--Traffic, Packets, Ports, Peers, Protocols, DNS, HTTP, Flows, SNMP, Talkers, geography, Alert Configuration


2.)Regarding Activity Map at Home of screen of Host Detail,
it seems can change timeframe by control, what range is be able to change timeframe?


3.)Regarding Interfaces menu,
in which period value is the value displayed by Packets, protocols, ICMP, ARP?
At Protocol menu, there is Total(Since Startup) menu, what timing does "start up" mean?


4.) We would like to see the data of ntopng up to 6 months ago.

As far as we confirmed, it is specification that can see past information to 1 year by historical chart,
there seems to be no item that automatically disappears within 6 months.

Please tell us the item if there are some item that automatically disappears within 6 months.

# The flow information assume to be dumped to mysql for six months.

Sorry to trouble you, but I hope you can reply.

Best Regards,
Ebihara


_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
Re: About ntopng specifications [ In reply to ]
Hi Ebihara,

Please see below.

On 11/16/18 11:01 AM, Chiaki Ebihara wrote:
> Dear all,
>
> Please tell me the following questions about ntopng specifications.
>
>
> 1.)Regarding Interfaces menu,
> is the value displayed chart displayed on below menu on Host Detail the cumulative value of data collected in the past?
> Or data within a certain period of time?
> --Traffic, Packets, Ports, Peers, Protocols, DNS, HTTP, Flows, SNMP, Talkers, geography, Alert Configuration

All the statistics are intended since ntopng was started. Flows are the
current active flows. The historical charts (via this icon
https://fontawesome.com/v4.7.0/icon/area-chart) are timeseries recorded
in the past, depending on the selected timeframe.

>
>
> 2.)Regarding Activity Map at Home of screen of Host Detail,
> it seems can change timeframe by control, what range is be able to change timeframe?
I think this was removed in the new version of ntopng. What ntopng
version are you using (ntopng --version)?
>
>
> 3.)Regarding Interfaces menu,
> in which period value is the value displayed by Packets, protocols, ICMP, ARP?
> At Protocol menu, there is Total(Since Startup) menu, what timing does "start up" mean?
Same as the host, since ntopng "startup", when the ntopng service was
started.
>
>
> 4.) We would like to see the data of ntopng up to 6 months ago.
>
> As far as we confirmed, it is specification that can see past information to 1 year by historical chart,
> there seems to be no item that automatically disappears within 6 months.
>
> Please tell us the item if there are some item that automatically disappears within 6 months.
>
> # The flow information assume to be dumped to mysql for six months.

What I say is related to the new 3.7 ntopng version. For mysql, you have
the ability to configure the retention, as explained here:
https://www.ntop.org/guides/ntopng/advanced_features/flows_dump.html#mysql-performance
.

For the timeseries (the charts), there are two options :

    - If you are using RRD as timeseries driver (check out the ntopng
Timeseries preferences), data will be retained for one here. However,
old data is aggregated so you will lose resolution on past data (e.g.
today data has 1 second resolution while one week data has 1 hour
resolution).

    . If you are using InfluxDB, data will be written "raw" and you can
configure the retention time directly from the ntopng gui.

> Sorry to trouble you, but I hope you can reply.

You are welcome!

Regards,

Emanuele

>
> Best Regards,
> Ebihara
>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
Re: About ntopng specifications [ In reply to ]
Hi Emanuele,

Thank you for reply.

And thank you for InfluxDB information, I didn't know this.

If I use InfluxDB, I understand that statistic information displayed on each screen of host.detail and interface displays cumulative data for days specified by influxDB Storage.

(e.g. If "1" is set to influxDB Storage, host and interface information on GUI is only accumulated for one day, it is deleted from the old one.)

Also, I understood that rotation setting like influxDB can not be done when using RRD.

Please point out if it is worng.

Understood about that Activity Map has been deleted on the new version.

There is no particular problem with this as long as it has been deleted with the latest version.

Best regards,
Ebihara


> -----Original Message-----
> From: ntop-bounces@listgateway.unipi.it
> [mailto:ntop-bounces@listgateway.unipi.it] On Behalf Of Emanuele Faranda
> Sent: Friday, November 16, 2018 11:13 PM
> To: ntop@listgateway.unipi.it
> Subject: Re: [Ntop] About ntopng specifications
>
> Hi Ebihara,
>
> Please see below.
>
> On 11/16/18 11:01 AM, Chiaki Ebihara wrote:
> > Dear all,
> >
> > Please tell me the following questions about ntopng specifications.
> >
> >
> > 1.)Regarding Interfaces menu,
> > is the value displayed chart displayed on below menu on Host Detail
> the cumulative value of data collected in the past?
> > Or data within a certain period of time?
> > --Traffic, Packets, Ports, Peers, Protocols, DNS, HTTP, Flows,
> > SNMP, Talkers, geography, Alert Configuration
>
> All the statistics are intended since ntopng was started. Flows are the
> current active flows. The historical charts (via this icon
> https://fontawesome.com/v4.7.0/icon/area-chart) are timeseries recorded
> in the past, depending on the selected timeframe.
>
> >
> >
> > 2.)Regarding Activity Map at Home of screen of Host Detail,
> > it seems can change timeframe by control, what range is be able to
> change timeframe?
> I think this was removed in the new version of ntopng. What ntopng version
> are you using (ntopng --version)?
> >
> >
> > 3.)Regarding Interfaces menu,
> > in which period value is the value displayed by Packets, protocols,
> ICMP, ARP?
> > At Protocol menu, there is Total(Since Startup) menu, what timing
> does "start up" mean?
> Same as the host, since ntopng "startup", when the ntopng service was
> started.
> >
> >
> > 4.) We would like to see the data of ntopng up to 6 months ago.
> >
> > As far as we confirmed, it is specification that can see past
> information to 1 year by historical chart,
> > there seems to be no item that automatically disappears within 6
> months.
> >
> > Please tell us the item if there are some item that automatically
> disappears within 6 months.
> >
> > # The flow information assume to be dumped to mysql for six months.
>
> What I say is related to the new 3.7 ntopng version. For mysql, you have
> the ability to configure the retention, as explained here:
> https://www.ntop.org/guides/ntopng/advanced_features/flows_dump.html#m
> ysql-performance
> .
>
> For the timeseries (the charts), there are two options :
>
>     - If you are using RRD as timeseries driver (check out the ntopng
> Timeseries preferences), data will be retained for one here. However, old
> data is aggregated so you will lose resolution on past data (e.g.
> today data has 1 second resolution while one week data has 1 hour
> resolution).
>
>     . If you are using InfluxDB, data will be written "raw" and you can
> configure the retention time directly from the ntopng gui.
>
> > Sorry to trouble you, but I hope you can reply.
>
> You are welcome!
>
> Regards,
>
> Emanuele
>
> >
> > Best Regards,
> > Ebihara
> >
> >
> > _______________________________________________
> > Ntop mailing list
> > Ntop@listgateway.unipi.it
> > http://listgateway.unipi.it/mailman/listinfo/ntop
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
Re: About ntopng specifications [ In reply to ]
Hi Emanuele,

Thank you for reply.

And thank you for InfluxDB information, I didn't know this.

If I use InfluxDB, I understand that statistic information displayed on each screen of host.detail and interface displays cumulative data for days specified by influxDB Storage.

(e.g. If "1" is set to influxDB Storage, host and interface information on GUI is only accumulated for one day, it is deleted from the old one.)

Also, I understood that rotation setting like influxDB can not be done when using RRD.

Please point out if it is worng.

Understood about that Activity Map has been deleted on the new version.

There is no particular problem with this as long as it has been deleted with the latest version.

Best regards,
Ebihara


> -----Original Message-----
> From: ntop-bounces@listgateway.unipi.it
> [mailto:ntop-bounces@listgateway.unipi.it] On Behalf Of Emanuele Faranda
> Sent: Friday, November 16, 2018 11:13 PM
> To: ntop@listgateway.unipi.it
> Subject: Re: [Ntop] About ntopng specifications
>
> Hi Ebihara,
>
> Please see below.
>
> On 11/16/18 11:01 AM, Chiaki Ebihara wrote:
> > Dear all,
> >
> > Please tell me the following questions about ntopng specifications.
> >
> >
> > 1.)Regarding Interfaces menu,
> > is the value displayed chart displayed on below menu on Host Detail
> the cumulative value of data collected in the past?
> > Or data within a certain period of time?
> > --Traffic, Packets, Ports, Peers, Protocols, DNS, HTTP, Flows,
> > SNMP, Talkers, geography, Alert Configuration
>
> All the statistics are intended since ntopng was started. Flows are the
> current active flows. The historical charts (via this icon
> https://fontawesome.com/v4.7.0/icon/area-chart) are timeseries recorded
> in the past, depending on the selected timeframe.
>
> >
> >
> > 2.)Regarding Activity Map at Home of screen of Host Detail,
> > it seems can change timeframe by control, what range is be able to
> change timeframe?
> I think this was removed in the new version of ntopng. What ntopng version
> are you using (ntopng --version)?
> >
> >
> > 3.)Regarding Interfaces menu,
> > in which period value is the value displayed by Packets, protocols,
> ICMP, ARP?
> > At Protocol menu, there is Total(Since Startup) menu, what timing
> does "start up" mean?
> Same as the host, since ntopng "startup", when the ntopng service was
> started.
> >
> >
> > 4.) We would like to see the data of ntopng up to 6 months ago.
> >
> > As far as we confirmed, it is specification that can see past
> information to 1 year by historical chart,
> > there seems to be no item that automatically disappears within 6
> months.
> >
> > Please tell us the item if there are some item that automatically
> disappears within 6 months.
> >
> > # The flow information assume to be dumped to mysql for six months.
>
> What I say is related to the new 3.7 ntopng version. For mysql, you have
> the ability to configure the retention, as explained here:
> https://www.ntop.org/guides/ntopng/advanced_features/flows_dump.html#m
> ysql-performance
> .
>
> For the timeseries (the charts), there are two options :
>
>     - If you are using RRD as timeseries driver (check out the ntopng
> Timeseries preferences), data will be retained for one here. However, old
> data is aggregated so you will lose resolution on past data (e.g.
> today data has 1 second resolution while one week data has 1 hour
> resolution).
>
>     . If you are using InfluxDB, data will be written "raw" and you can
> configure the retention time directly from the ntopng gui.
>
> > Sorry to trouble you, but I hope you can reply.
>
> You are welcome!
>
> Regards,
>
> Emanuele
>
> >
> > Best Regards,
> > Ebihara
> >
> >
> > _______________________________________________
> > Ntop mailing list
> > Ntop@listgateway.unipi.it
> > http://listgateway.unipi.it/mailman/listinfo/ntop
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop