Mailing List Archive: Suricata Netflow export into ntopng

Suricata Netflow export into ntopng

Jun 24, 2019, 6:36 AM

Post #1 of 3 (748 views)

Hello,

I am trying to see if we can export NetFlow data from Suricata and add them either to Nprobe or directly into ntopng ?

Suricata seems to have a the ability to export flows directly in redis format.
But I am not sure if ntopng has the ability to collect the JSON formated flows and store them directly in Redis or if we rather have to use Nprobe as a middleware formater.

Any help is welcome.

Sincerely yours.
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: Suricata Netflow export into ntopng [ In reply to ]

deri at ntop

Jun 24, 2019, 7:57 AM

Post #2 of 3 (748 views)

Permalink

Hi
Please see https://github.com/ntop/ntopng/blob/dev/doc/README.suricata

Regards Luca

> On 24 Jun 2019, at 15:36, "bsd@todoo.biz" <bsd@todoo.biz> wrote:
>
> Hello,
>
> I am trying to see if we can export NetFlow data from Suricata and add them either to Nprobe or directly into ntopng ?
>
> Suricata seems to have a the ability to export flows directly in redis format.
> But I am not sure if ntopng has the ability to collect the JSON formated flows and store them directly in Redis or if we rather have to use Nprobe as a middleware formater.
>
>
> Any help is welcome.
>
>
> Sincerely yours.
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop