Hello Alfredo,
Let me explain my setup and then you can suggest the best way out.
I have a debian 9 with accolade NIC cards without an IP address. These
cards are a tap to the GTP traffic. So they get to see all the GTP-C
traffic.
What I want to achieve:
1. Be able to read the entire GTP-C flow.
2. Dump this entire flow to a local disk. I need to read the entire content
of the packet. Including IP Address, MSISDN number, LAC etc.
3. Use Filebeat to export this to Logstash and dump it to an elasticsearch
database.
Now, what I read was I still would require ntopng to read the GTP parse
data from nProbe and then log them to a disk and export it to logstash and
elasticsearch.
-=Srijan Nandi
On Tue, 10 Sep 2019 at 22:56, Alfredo Cardigliano <cardigliano@ntop.org>
wrote:
> Hi
> you should not use the accolade adapter for exporting flow data to ntopng,
> that’s for
> capturing raw packets only, you should use the management interface (or
> other standard interfaces) for that.
>
> Alfredo
>
> > On 10 Sep 2019, at 19:22, Srijan Nandi <srijan.nandi@gmail.com> wrote:
> >
> > Hello Everyone,
> >
> > I require some assistance with the following.
> >
> > I have already configured nProbe to list to accolade NIC card. Now I
> need help in configuring ntopng so that it reads from nprobe.
> >
> > The problem, my accolade cards do not have an IP address as this entire
> setup is in Layer 2 mode. So I am not able to figure out how to use zmq in
> the nprobe config file and utilise the same in the ntopng config file.
> >
> > --
> > -=Srijan Nandi
> > _______________________________________________
> > Ntop mailing list
> > Ntop@listgateway.unipi.it
> > http://listgateway.unipi.it/mailman/listinfo/ntop
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
--
-=Srijan Nandi