All charts, graphs, counters report the current value without delays. 9ġ0 Everything is in Realtime In ntopng all counters can be polled by the browser (or any other application via HTTP) while they are updated. Currently we support Apache Kafka (distributed messaging), but we are planning to add native support for Flume in the foreseeable future. nprobe (soon ntopng too) allow to do live JSON streaming to such apps as follows: -tcp : For those brave enough to move to the next level we are working at a direct ntop -> Hadoop Distributed File System (HDFS) integration so that you can store all events and flows onto a big data system. As ntopng natively speak JSON, it can be export monitoring data towards applications such as: Splunk Kibana/ElasticSearch 7ĩ Integrating Live ntop Apps with LogStash/ElasticSearch/Kibana 3/NetEye Similar to Splunk, it is possible to export live traffic reports to LogStash/ElasticSearch/Kibana/NetEye. Collected flows (NetFlow/sFlow sent by nprobe). Data sources include: Captured packets (native in ntopng). 6ħ Using ntopng as Live Data Source In essence ntopng is your source of traffic monitoring information. PS: Lua is a simple to use, fast, crash-free scripting language that is used to script many popular applications ranging from Wireshark to networkbased games. Lua methods invoke the ntopng C++ API in order to interact with the monitoring engine. All data export from the engine happens via Lua. This means that ntopng can (also) be used (via HTTP) to feed data onto third party apps such as Nagios or OpenNMS. 5Ħ Lua-based ntopng Scriptability A design principle of ntopng has been the clean separation of the GUI from engine (in ntop it was all mixed). This means that through HTTP and JavaScript you can create dynamic web pages for realtime monitoring as every activity in ntopng is asynchronous. In ntopng every object is serialisable in JSON (JavaScript Object Notation) that is the native format that modern web browsers can handle. Scriptability enable the creation of dynamic HTML 5 pages without having to understand/modify the inner ntopng engine or low-level monitoring concepts. Use the port 3000, -w=3000.įinally, create another configuration file named ntopng.start and set your local network IP and the interface we previously used.5 Welcome to ntopng The C++ monitoring engine is designed to be fast (10 Gbit line rate), resource savvy, and be accessible via Lua scripts. You can also add its name instead of the number.Īlso, set the web server port in which the ntopng will open the web-based interface.
![ntopng free ntopng free](https://i1.wp.com/www.ntop.org/wp-content/uploads/2015/05/landscape1.png)
In this case, we are choosing to monitor the interface number 2. To set the interface to use, add the -i=2. Now that you know which interfaces you have, we need to define which interface you want to monitor. It displays the available network interfaces at the bottom of the file. The next method is using the ntopng -h command. Yours may be different, so make sure to change it appropriately. Type the command on your terminal, and it will display which interface your network is using: The first configuration involves determining which network interface you are using.