nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Network Traffic Collection

From: "Mukom Akong T." <mukom.tamon () gmail com>
Date: Sat, 3 Mar 2012 11:44:38 +0400
Hi Ali


On Sat, Feb 25, 2012 at 6:14 PM, Maverick <myeaddress () gmail com> wrote:

Thanks Mukom for the wonderful guide, this is really helpful. I have
few questions about ntop though.

How can I get access to the log files generated by ntop and do my own
parsing rather than looking for webbased results that are generated.


It's been a while i looked under the hood of ntop. Remember that ntop
itself usually needs to be 'fed' traffic to analyse. I have never done
it myself but if I needed the raw data, I'd mirror a port and capture
it with tcpdump into a pcap file (watch disk space!!) the use whatever
analysis tool suits my needs to look at it.


Are there any programs available that do parsing of ntops log files.
When I run ntop on pcap I don't get the throughput graphs as rrd
doesn't work on pcap is there any work around for that.


Not to my knowledge no. I think there's a switch (-f) for reading data
from a pcap file as opposed to a live feed. I have never played with
that as well.

There are other (possible more feature laden) commercial flow
collectors and analysers out there). I also started following trisul
earlier on in the project, you might want to check it out.





Thanks,
Ali

On Sat, Feb 25, 2012 at 2:27 AM, Mukom Akong T. <mukom.tamon () gmail com> wrote:

On Fri, Feb 24, 2012 at 12:20 AM, Matlock, Kenneth L
<MatlockK () exempla org> wrote:

Netflow + netflow collector.


+1 This guide should give you a good start.

http://techowto.files.wordpress.com/2008/09/ntop-guide.pdf

Regards

--
Mukom Akong Tamon
______________

"If we can't BREATH, we'll die. Yet, we don't LIVE in order to breath.
Ditto we SHOULDN'T WORK just to MAKE MONEY. Doing so puts us on a one
way street to IRRELEVANCE."


[In Search of Excellence & Perfection] - http://perfexcellence.org
[Moments of TechXcellence] - http://techexcellence.net
[ICT Business Integration] - http://ibiztech.wordpress.com
[About Me] - http://about.me/perfexcellence




-- 
Mukom Akong [Tamon]
______________

“We don't LIVE in order to BREATH. Similarly WORKING in order to make
MONEY puts us on a one way street to irrelevance.“


[In Search of Excellence & Perfection] - http://perfexcellence.org
[Moments of TechXcellence] - http://techexcellence.net
[ICT Business Integration] - http://ibiztech.wordpress.com
[About Me] - http://about.me/perfexcellence
Previous By Date Next
Previous By Thread Next

Current thread: