In essence we see hosts, ports, protocols and flows, but we lack visibility on the process that did all that. With flow-based paradigm what we see is depicted below. The idea is very simple: we want to associate a process name with every network activity, and monitor the process resources (CPU, memory and I/O) used to carry on such activity. Our Vision: Combine System with Network Information We have therefore put our experimental code in the trash and started hacking on top of sysdig. We have lived once more the early ntop days when last May our friends at Draios have introduced sysdig and made all this mess below history. Early this year we have started the development of some experimental PF_RING kernel module extensions able to give ntop applications visibility of process activities, this in order to bind network traffic with a process name. Nevertheless we have decided to develop ntop, because there was no tool able to show on a simple way what was happening on our network. I see it has> an "rflow" option.When in 1998 we have started the development of the original ntop, there were many Unix tools for monitoring network traffic: ping, tcpdump, netstat, and many others. Wrote:> I would like to get an IP breakdown on my \ĭdwrt router. NProbe as a> collector for rflow data and 2) send data to ntopng via \ > if rflow is interoperable with netflow, then you can 1) use \ Simone Mainardi wrote on 10:53 AM:> Hi,> \ The new one we have decided to avoid polluting> ntopng code with \ > Does anyone know more about this?> yes the old ntop. From the age, I \Įxpect they> were referring to the old ntop, not ntopng.> \ That with dd-wrt> you could either run ntop externally with rflow, or run \Ī version of> ntop directly within the dd-wrt router. Mandelberg wrote:> Before I asked, I noticed older postings suggesting \ 0200> Subject: Re: Ntopng and ddwrt> On 05:02 PM, Ken \ Software for my own intellectual interest. Starting nprobe
0 Comments
Leave a Reply. |