Mailing List Archive

Hi Gerard,

Right now, this is how you can implement the view you request:

?- If the networks are not spread across multiple collectors and are
some defined set, you can define local networks globally to get charts
by local networks:
https://www.ntop.org/guides/ntopng/basic_concepts/hosts.html#local-hosts .

?- You can also group hosts by local network, ip address or mac address
on a collector interface basis by the means of "Host Pools". Please
check out
https://www.ntop.org/guides/ntopng/web_gui/hosts.html#host-pools . You
will need to enable Host Pools timeseries generation in order to see the
charts.

Please note that currently in ntopng the charts/report information is
not generated "on demand" but rather it is precomputed periodically
during the monitoring. This means that you can't currently apply a
dynamic filter like subnet filter on the charts page. However, we have
implemented a new flow database storage which would allow us to be more
dynamic on such kind of queries, although we still have to evaluate the
possible drawbacks of such a dynamic approach.

Regards,

Emanuele

On 1/15/19 6:41 PM, Gerard Beekmans wrote:
>
> Hi,
>
> When I get the data issues ironed out (see previous thread), I am also
> having a hard time how to actually create the kinds of reports we need.
>
> The Netflow traffic received by nprobe is aggregate traffic consisting
> of traffic from all our remote locations, showing each individual
> device inside those LANs.
>
> The type of graph shown when going to Interfaces -> Netflow collector
> interface -> historical chart page is exactly what I need to see, but
> it needs to be filtered by subnet so I can see traffic belonging to
> just that group of hosts.
>
> I can?t use the Hosts -> Hosts overview because this shows me the
> individual computers at the remote locations. We don?t use NAT so
> there isn?t a single host entry that corresponds to their router?s WAN
> interface. Also, hosts don?t seem to have a historical timeseries type
> chart like Interfaces does. The pie chart on a host?s Protocols page
> isn?t useful ? we need the graphs according to time of day. The
> Protocols page does have a link at the very bottom to a historical
> reports page (host.details.lua?host=IP&page=historical) but those
> pages are blank. Maybe this needs to be enabled somewhere but I
> haven?t found the setting yet.
>
> I tried using the ?Traffic Report? as well but all it lets me specify
> is interfaces and protocols as filters. What I miss is the ability to
> add subnets to drill down to specific locations only.
>
> Is any of this possible with ntopng or am I trying to make it do
> something that it?s not designed to do?
>
> Thanks,
>
> Gerard Beekmans
> Sr. Network Engineer
> First Nations Technical Services Advisory Group Inc.
> Phone: 780-638-2739
> Fax: 780-483-8632
> Helpdesk: 1-888-999-3356
> Email: gbeekmans@tsag.net <mailto:gbeekmans@tsag.net>
>
> Santa Fe Plaza
> 18232 - 102 Avenue NW
> Edmonton, AB T5S 1S7
> http://www.tsag.net <http://www.tsag.net/>
>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

Thank you, I will give that a try.

Any thoughts on the other emails I sent yesterday? Maybe this isn't the best place to use up the 5 days of included installation support that comes with activating the licenses?



Thanks,
Gerard


-------- Original message --------
From: Emanuele Faranda <faranda@ntop.org>
Date: 1/16/19 03:14 (GMT-07:00)
To: ntop@listgateway.unipi.it
Subject: Re: [Ntop] Filter time series charts


Hi Gerard,

Right now, this is how you can implement the view you request:

- If the networks are not spread across multiple collectors and are some defined set, you can define local networks globally to get charts by local networks: https://www.ntop.org/guides/ntopng/basic_concepts/hosts.html#local-hosts .

- You can also group hosts by local network, ip address or mac address on a collector interface basis by the means of "Host Pools". Please check out https://www.ntop.org/guides/ntopng/web_gui/hosts.html#host-pools . You will need to enable Host Pools timeseries generation in order to see the charts.

Please note that currently in ntopng the charts/report information is not generated "on demand" but rather it is precomputed periodically during the monitoring. This means that you can't currently apply a dynamic filter like subnet filter on the charts page. However, we have implemented a new flow database storage which would allow us to be more dynamic on such kind of queries, although we still have to evaluate the possible drawbacks of such a dynamic approach.

Regards,

Emanuele

On 1/15/19 6:41 PM, Gerard Beekmans wrote:
Hi,

When I get the data issues ironed out (see previous thread), I am also having a hard time how to actually create the kinds of reports we need.

The Netflow traffic received by nprobe is aggregate traffic consisting of traffic from all our remote locations, showing each individual device inside those LANs.

The type of graph shown when going to Interfaces -> Netflow collector interface -> historical chart page is exactly what I need to see, but it needs to be filtered by subnet so I can see traffic belonging to just that group of hosts.

I can?t use the Hosts -> Hosts overview because this shows me the individual computers at the remote locations. We don?t use NAT so there isn?t a single host entry that corresponds to their router?s WAN interface. Also, hosts don?t seem to have a historical timeseries type chart like Interfaces does. The pie chart on a host?s Protocols page isn?t useful ? we need the graphs according to time of day. The Protocols page does have a link at the very bottom to a historical reports page (host.details.lua?host=IP&page=historical) but those pages are blank. Maybe this needs to be enabled somewhere but I haven?t found the setting yet.

I tried using the ?Traffic Report? as well but all it lets me specify is interfaces and protocols as filters. What I miss is the ability to add subnets to drill down to specific locations only.

Is any of this possible with ntopng or am I trying to make it do something that it?s not designed to do?

Thanks,
Gerard Beekmans
Sr. Network Engineer
First Nations Technical Services Advisory Group Inc.
Phone: 780-638-2739
Fax: 780-483-8632
Helpdesk: 1-888-999-3356
Email: gbeekmans@tsag.net<mailto:gbeekmans@tsag.net>
Santa Fe Plaza
18232 - 102 Avenue NW
Edmonton, AB T5S 1S7
http://www.tsag.net<http://www.tsag.net/>




_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it<mailto:Ntop@listgateway.unipi.it>
http://listgateway.unipi.it/mailman/listinfo/ntop

Thank you, I will give that a try.

Any thoughts on the other emails I sent yesterday? Maybe this isn't the best place to use up the 5 days of included installation support that comes with activating the licenses?



Thanks,
Gerard


-------- Original message --------
From: Emanuele Faranda <faranda@ntop.org>
Date: 1/16/19 03:14 (GMT-07:00)
To: ntop@listgateway.unipi.it
Subject: Re: [Ntop] Filter time series charts


Hi Gerard,

Right now, this is how you can implement the view you request:

- If the networks are not spread across multiple collectors and are some defined set, you can define local networks globally to get charts by local networks: https://www.ntop.org/guides/ntopng/basic_concepts/hosts.html#local-hosts .

- You can also group hosts by local network, ip address or mac address on a collector interface basis by the means of "Host Pools". Please check out https://www.ntop.org/guides/ntopng/web_gui/hosts.html#host-pools . You will need to enable Host Pools timeseries generation in order to see the charts.

Please note that currently in ntopng the charts/report information is not generated "on demand" but rather it is precomputed periodically during the monitoring. This means that you can't currently apply a dynamic filter like subnet filter on the charts page. However, we have implemented a new flow database storage which would allow us to be more dynamic on such kind of queries, although we still have to evaluate the possible drawbacks of such a dynamic approach.

Regards,

Emanuele

On 1/15/19 6:41 PM, Gerard Beekmans wrote:
Hi,

When I get the data issues ironed out (see previous thread), I am also having a hard time how to actually create the kinds of reports we need.

The Netflow traffic received by nprobe is aggregate traffic consisting of traffic from all our remote locations, showing each individual device inside those LANs.

The type of graph shown when going to Interfaces -> Netflow collector interface -> historical chart page is exactly what I need to see, but it needs to be filtered by subnet so I can see traffic belonging to just that group of hosts.

I can?t use the Hosts -> Hosts overview because this shows me the individual computers at the remote locations. We don?t use NAT so there isn?t a single host entry that corresponds to their router?s WAN interface. Also, hosts don?t seem to have a historical timeseries type chart like Interfaces does. The pie chart on a host?s Protocols page isn?t useful ? we need the graphs according to time of day. The Protocols page does have a link at the very bottom to a historical reports page (host.details.lua?host=IP&page=historical) but those pages are blank. Maybe this needs to be enabled somewhere but I haven?t found the setting yet.

I tried using the ?Traffic Report? as well but all it lets me specify is interfaces and protocols as filters. What I miss is the ability to add subnets to drill down to specific locations only.

Is any of this possible with ntopng or am I trying to make it do something that it?s not designed to do?

Thanks,
Gerard Beekmans
Sr. Network Engineer
First Nations Technical Services Advisory Group Inc.
Phone: 780-638-2739
Fax: 780-483-8632
Helpdesk: 1-888-999-3356
Email: gbeekmans@tsag.net<mailto:gbeekmans@tsag.net>
Santa Fe Plaza
18232 - 102 Avenue NW
Edmonton, AB T5S 1S7
http://www.tsag.net<http://www.tsag.net/>




_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it<mailto:Ntop@listgateway.unipi.it>
http://listgateway.unipi.it/mailman/listinfo/ntop

Hi Gerard,

If you need installation/configuration assistance please contact us
privately.

Emanuele

On 1/16/19 2:31 PM, Gerard Beekmans wrote:
> Thank you, I will give that a try.
>
> Any thoughts on the other emails I sent yesterday? Maybe this isn't
> the best place to use up the 5 days of included installation support
> that comes with activating the licenses?
>
>
>
> Thanks,
> Gerard
>
>
> -------- Original message --------
> From: Emanuele Faranda <faranda@ntop.org>
> Date: 1/16/19 03:14 (GMT-07:00)
> To: ntop@listgateway.unipi.it
> Subject: Re: [Ntop] Filter time series charts
>
> Hi Gerard,
>
> Right now, this is how you can implement the view you request:
>
> ?- If the networks are not spread across multiple collectors and are
> some defined set, you can define local networks globally to get charts
> by local networks:
> https://www.ntop.org/guides/ntopng/basic_concepts/hosts.html#local-hosts .
>
> ?- You can also group hosts by local network, ip address or mac
> address on a collector interface basis by the means of "Host Pools".
> Please check out
> https://www.ntop.org/guides/ntopng/web_gui/hosts.html#host-pools . You
> will need to enable Host Pools timeseries generation in order to see
> the charts.
>
> Please note that currently in ntopng the charts/report information is
> not generated "on demand" but rather it is precomputed periodically
> during the monitoring. This means that you can't currently apply a
> dynamic filter like subnet filter on the charts page. However, we have
> implemented a new flow database storage which would allow us to be
> more dynamic on such kind of queries, although we still have to
> evaluate the possible drawbacks of such a dynamic approach.
>
> Regards,
>
> Emanuele
>
> On 1/15/19 6:41 PM, Gerard Beekmans wrote:
>>
>> Hi,
>>
>> When I get the data issues ironed out (see previous thread), I am
>> also having a hard time how to actually create the kinds of reports
>> we need.
>>
>> The Netflow traffic received by nprobe is aggregate traffic
>> consisting of traffic from all our remote locations, showing each
>> individual device inside those LANs.
>>
>> The type of graph shown when going to Interfaces -> Netflow collector
>> interface -> historical chart page is exactly what I need to see, but
>> it needs to be filtered by subnet so I can see traffic belonging to
>> just that group of hosts.
>>
>> I can?t use the Hosts -> Hosts overview because this shows me the
>> individual computers at the remote locations. We don?t use NAT so
>> there isn?t a single host entry that corresponds to their router?s
>> WAN interface. Also, hosts don?t seem to have a historical timeseries
>> type chart like Interfaces does. The pie chart on a host?s Protocols
>> page isn?t useful ? we need the graphs according to time of day. The
>> Protocols page does have a link at the very bottom to a historical
>> reports page (host.details.lua?host=IP&page=historical) but those
>> pages are blank. Maybe this needs to be enabled somewhere but I
>> haven?t found the setting yet.
>>
>> I tried using the ?Traffic Report? as well but all it lets me specify
>> is interfaces and protocols as filters. What I miss is the ability to
>> add subnets to drill down to specific locations only.
>>
>> Is any of this possible with ntopng or am I trying to make it do
>> something that it?s not designed to do?
>>
>> Thanks,
>>
>> Gerard Beekmans
>> Sr. Network Engineer
>> First Nations Technical Services Advisory Group Inc.
>> Phone: 780-638-2739
>> Fax: 780-483-8632
>> Helpdesk: 1-888-999-3356
>> Email: gbeekmans@tsag.net <mailto:gbeekmans@tsag.net>
>>
>> Santa Fe Plaza
>> 18232 - 102 Avenue NW
>> Edmonton, AB T5S 1S7
>> http://www.tsag.net <http://www.tsag.net/>
>>
>>
>> _______________________________________________
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop