Mailing List Archive

ntopng expired flows to MySQL
I am aware that MAC addresses are not exported and that this was discussed back in 2016. Can this be added independently when ntopng is compiled? I am asking because I am trying to design a single board discovery system that would use MySQL to capture discovered devices in a new client's network.

We are designing the unit to have significant disk space (500GB)

christina phillips / Director, IT Security Practice
Independent Network Consultants
e: cphillips@inei.com m: 703.626.0385
http://incsecurity.wordpress.com
Twitter: https://twitter.com/ITSecurityNinja
LinkedIn: www.linkedin.com/in/ChristinaPMBA
Re: ntopng expired flows to MySQL
Hi Christina,

Sure. We can guide you to achieve this and then, if you want, you can also send us a pull request for the inclusion of the change in the main dev branch.

Basically, you should work on the MySQLDB.cpp file. Specifically:
- Extend MySQLDB::createDBSchema and add an ALTER TABLE statement which modifies the current db structure and adds client and server MAC addresses. I would pay attention to the type for efficiency. Probably, the best type to use is a VARBINARY(6) for MAC addresses.
- Edit macro MYSQL_INSERT_FIELDS in ntop_defines.h and add the newly added columns.
- Edit MySQLDB::flow2InsertValues, in the snprintf, to also print the flow MAC addresses in the INSERT INTO query.

Regards,
Simone

> On 4 Nov 2019, at 16:39, Christina Phillips <cphillips@inei.com> wrote:
>
> I am aware that MAC addresses are not exported and that this was discussed back in 2016. Can this be added independently when ntopng is compiled? I am asking because I am trying to design a single board discovery system that would use MySQL to capture discovered devices in a new client’s network.
>
> We are designing the unit to have significant disk space (500GB)
>
> CHRISTINA PHILLIPS / Director, IT Security Practice
> INDEPENDENT NETWORK CONSULTANTS
> e: cphillips@inei.com m: 703.626.0385
> http://incsecurity.wordpress.com
> Twitter: https://twitter.com/ITSecurityNinja
> LinkedIn: www.linkedin.com/in/ChristinaPMBA
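One way to carry out the three steps in the reply above, as an added example that is not ntopng's own code: the table name `flows_example`, the columns `CLI_MAC` and `SRV_MAC`, and the functions `macToSqlHex` and `flowInsertValues` are hypothetical. Each MAC is written as a MySQL hex literal, so the snprintf-built query never contains raw address bytes that could act as a quote or escape character.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>

// Hypothetical schema change: table and column names are placeholders,
// not ntopng's real schema.
static const char *kAlterSql =
    "ALTER TABLE `flows_example` "
    "ADD COLUMN `CLI_MAC` VARBINARY(6) NULL, "
    "ADD COLUMN `SRV_MAC` VARBINARY(6) NULL";

// Render a 6-byte MAC as a MySQL hex literal (X'001A2B...').
// Raw bytes are never copied into the query text, so a byte such as
// 0x27 (') or 0x5C (\) cannot change how the statement is parsed.
// Returns false if the output buffer is too small.
bool macToSqlHex(const uint8_t mac[6], char *out, size_t out_len) {
  int n = snprintf(out, out_len, "X'%02X%02X%02X%02X%02X%02X'",
                   mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
  return n > 0 && static_cast<size_t>(n) < out_len;
}

// Build the VALUES tuple for one flow (reduced to two counters plus MACs).
// Returns "" on truncation so a clipped statement is never sent.
std::string flowInsertValues(unsigned packets, unsigned bytes,
                             const uint8_t cli_mac[6],
                             const uint8_t srv_mac[6]) {
  char cli[16], srv[16], sql[128];
  if (!macToSqlHex(cli_mac, cli, sizeof(cli)) ||
      !macToSqlHex(srv_mac, srv, sizeof(srv)))
    return "";
  int n = snprintf(sql, sizeof(sql), "(%u,%u,%s,%s)", packets, bytes, cli, srv);
  if (n < 0 || static_cast<size_t>(n) >= sizeof(sql)) return "";
  return std::string(sql);
}

int main() {
  // Constructed sample MACs; the last bytes are ' and \ on purpose.
  const uint8_t cli[6] = {0x00, 0x1A, 0x2B, 0x3C, 0x4D, 0x27};
  const uint8_t srv[6] = {0xDE, 0xAD, 0xBE, 0xEF, 0x00, 0x5C};
  printf("%s\n", kAlterSql);
  printf("INSERT INTO `flows_example` (PACKETS,BYTES,CLI_MAC,SRV_MAC) VALUES %s\n",
         flowInsertValues(10, 840, cli, srv).c_str());
  return 0;
}
```

Stored this way, the addresses can be read back in text form with `HEX(CLI_MAC)`.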