At interface page.
There are not drop alerts but there are others:
interface tcp://127.0.0.1:5556 has too many flows. Please extend the
--max-num-flows/-X command line option
Statistics update on interface tcp://127.0.0.1:5556 is too slow. This could
lead to data accuracy loss and missing alerts.
Update frequency can be tuned by the Hosts Statistics Update Frequency
preference.
Perhaps this is why im not getting propper traffic values.
- Is your netflow configured properly to capture alle the 1.2Gpbs traffic?
It should work ... we already have nfsen working properly here.
- Is your nprobe and ntopng configuration ok? Feel free to share it here
Configuration was taken from quick start section at doc pag, here are both
files content:
[root@netflowB ~]# grep "^[^#;]" /etc/ntopng/ntopng.conf
-i=tcp://127.0.0.1:5556
-G=/var/run/ntopng.pid
[root@netflowB ~]# grep "^[^#;]" /etc/nprobe/nprobe.conf
-i=none
--collector-port=6363
--zmq=tcp://*:5556
-n=none
-T=@NTOPNG@
-G=/var/run/nprobe.pid
- Actually, your exporting router should point to nprobe
Exporting router is pointing to server ip on port 6363 , (collector and web
interface are on same machine).
Last:
How do you take 95th percentile.
Is it based on selected time slot ?
Is it calculated only on biggest value ? / Does it take multiple sorted
samples and drops its biggest 5% percent to take next (propper way) ?
Please explain.
Regards,
Leandro.
<
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Libre
de virus. www.avast.com
<
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
El mar., 22 oct. 2019 a las 4:32, Simone Mainardi (<mainardi@ntop.org>)
escribió:
> Leandro,
>
> On 21 Oct 2019, at 21:20, Leandro Roggerone <leandro@tecnetmza.com.ar>
> wrote:
>
> Hi guys, im testing ntopng + nprobe (30 days licence created).
> I config exporting router to point to ntopng server.
> I can see top talkers on dashboard screen but:
>
> Traffic graph shown at interface->traffic is not ok.
> I can see 620Mbps max when real traffic is 1.2gbps.
> Is there something I need to tweak ?
>
>
> Check the following:
> - Look at the interface page, do you see any collection or drops?
> - Is your netflow configured properly to capture alle the 1.2Gpbs traffic?
> - Is your nprobe and ntopng configuration ok? Feel free to share it here
> - Actually, your exporting router should point to nprobe
>
>
> Other:
> After going to hosts->networks , i got:
> "no results found"
>
> What is this section for ?
>
>
> Configure your local networks and they will show up here.
>
> Can I create a subnet filter ? / Do I neet to bui pro version for this ?
>
>
> You can create host pools, up to 8 in the community edition, up to 128 in
> the enterprise.
>
> Simone
>
>
> Regards,
> Leandro.
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Libre
> de virus. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop