Every information is clickable to allow the user to drill down and find insights.Īnd in the Protocols page you can see a pie chart and tabular format of the amount of traffic divided by application. Also, you can see a table with top application per peer below the graphical overview. The Peers page shows the top contacted peers and top protocols used. Who is this host talking to and which protocols are used By default, Activity Map shows the last six hours, but it is possible to set a different timeframe using the controls.Īlso, you can monitor the traffic through a pie chart showing L-4 protocol breakdown that is show at the top of page and a table with detailed statistics shown below the chart.ĥ . Each box represents one minute of traffic. The heat map provides the Activity Map for each host. You can find detailed information about any monitored host here, including host MAC Address (or the last router MAC address if the host is remote), IP Address (with network mask if detected), a toggle to activate/deactivate alerts for the host, a checkbox to enable packet dump for the specific host, symbolic hostname (or IP address), location (local or remote), date and time of first and last packet seen for the host, traffic breakdown, amount of traffic packets received/sent, number of flows as client/server host. If you choose the Geo Map page form The Hosts tab, you can see a world map with the host arranged based on their geographical position. All hosts, can be sorted per total bytes or throughputĪll hosts in the monitoring network, that have been seen by the monitoring interfaces are shown here and can be sorted descending (ascending) based on the criteria we need, can be based on throughput, traffic, activity… It’s a Sankey diagram that represents the client hosts on the left and the servers on the right connected with a bar proportional to the amount of traffic exchanged.Ģ. You can monitor the top flows in real-time in the network with the help of a very clear visualization like on the image below. ![]() You can then access the web interface on: What can you monitor with Ntopng? 1. When starting ntopng, we should configure the local-network, in order for ntopng to distinguish local and remote hosts/traffic. Running Nprobe to collect the netflow traffic, on port 7002: nprobe -zmq "tcp://127.0.0.1:5556" -i none -n none -collector-port 7002
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |