Back to Blog
Ntopng dump location windows6/30/2023 I let the first 6 items (interval to delay) unchanged. Then click on "rrdPlugin" in the Configure column to show the RRD Preferences. In the Active column click on "NO" next to rrdPlugin to enable the plugin. You have to configure what data with what detail must be archived and with what retention time. RRD uses a round robin database which stores time-series data in a very compact way so that it will not expand over time. Ntop is using rrd to prevent that your disk fills up. Archiving of this data to disk must be configured. Ntop stores all of its active data in RAM, so if the system is reset, you lose all your data. You can take a first view of the web pages of ntop. The default credentials for the XTRA package is user = admin, password = admin. You will notice that some menu entries have a small padlock icon in them these are the Web pages that require a password to access. Under Available Network Interface select the NetFlow Device name you entered earlier (DD-WRT in my case). In the menu at the top select Admin | Switch NIC. We now can switch which interface we wish to monitor. Now we have two interfaces ntop can monitor, the NIC of the local computer and the Netflow interface. Ntop uses this address to recognize the local hosts from the remote hosts. Virtual Netflow Interface Network Address: Your LAN network address and its netmask. Local UDP Collector Port: Use the same port as configured in the router (I used 9996). NetFlow Device Name: Any name you like, I choose DD-WRT. In the Active column click on "NO" next to NetFlow to enable the plugin.Ĭlick on "NetFlow" in the Configure column. You have to create a virtual rflow interface.ĭo this by selecting Plugins | All in the menu listing at the top of the webpage. Optional you can configure the service to restart automatic after a failure. In the Windows Control panel | Administrative Tools | Services you can check if the ntop service is running. Once it is started, click the Launch action for the NTop plug-in, which will open your browser ( If all is well, you will already be collecting some impressive data. If the NTop Service plug-in is not started, click Start in the Action column to start it. Double-click this icon to open the OPENXTRA Commander. To run ntop for win32 I use an old Windows XP laptop (320MB RAM) as terminal-, web-, file-, print- and scanner server in my network and this laptop proofs to have enough resources to do this additional job.Īfter the installation is finished, you should have a new icon in the system tray called OPENXTRA Commander. You can find the easy to install OPENXTRA version on several places on the Internet like here I use the free unlimited version ntop for win32 v3.2 from OPENXTRA. This limitation does not exist in the Linux versions and the paid Windows version. The free binary version for Windows is limited to capturing only the first 2000 packets. The ntop Web site offers multiple versions (sources and binaries) of the package for download. In my first setup I used port 2055 but because this port was used by other applications I had to change to 9996 to make my installation stable. Port: The UDP port that will be used to send the netflow information.Ĭommon default ports for Netflow are 20. ![]() This computer must have a static IP address, or using a DHCP static lease. Server IP: The IP address of your computer that wil run ntop. Log into your router through your browser, than go to the Services | Services where you will find the RFlow / MACupd section. Rflow can monitor the available interfaces of the router, in my case these are br0 (Lan & Wlan), vlan0, eth1, Wlan0 and WAN. My router is running the DD-WRT v24-sp2 firmware (you need a version with rflow support). The web interface for monitoring, configuration and administration make ntop easy to use and suitable for monitoring various kind of networks. Ntop is an open source network traffic monitoring tool that shows the network usage via a web browser. The netflow data is sent to a port of a computer (management server) on your LAN running a Netflow collector, in this case this is ntop. DD-WRT include the capability of running rflow, a Cisco Netflow data exporter implementation.
0 Comments
Read More
Leave a Reply. |