irino / softflowd

softflowd: A flow-based network traffic analyser capable of Cisco NetFlow data export software.
https://github.com/irino/softflowd
Other
162 stars 29 forks

Push flows to ntopng #12

Closed deece closed 5 years ago

deece commented 5 years ago

Ntopng is an open-source traffic analyser: https://www.ntop.org/products/traffic-analysis/ntop/

Unfortunately, it cannot ingest Netflow data directly; instead, it requires a payware component (Nprobe) to translate Netflow to JSON encapsulated in ZeroMQ messages.

This patch allows softflowd to generate those messages directly, allowing Ntopng to be used without the need for the payware component.

Signed-off-by: Alastair D'Silva <alastair@d-silva.org>

tusc commented 4 years ago

Does anyone know what version of ntop supports this? I've tried two different ones from 3.x and 4.x with no luck.

vostorga commented 4 years ago

Hi

In May I tried to push flows to ntop but the maintainer explained to me in ticket #25 that this functionality doesn't exist.

Kind regards,

On Fri, Jul 3, 2020 at 11:35 AM tusc notifications@github.com wrote:

Does anyone know what version of ntop supports this? I've tried two different ones from 3.x and 4.x with no luck.


deece commented 4 years ago

This patch exports data to ntopng, not ntop; they are different codebases.

vostorga commented 4 years ago

Yes, I tried without success to use softflowd instead of nprobe to export/transform flows to ntopng.

Regards

On Fri, Jul 3, 2020 at 4:01 PM deece notifications@github.com wrote:

This patch exports data to ntopng, not ntop; they are different codebases.


tusc commented 4 years ago

@deece, I meant to say ntopng, not ntop. Regardless, it does not work with ntopng 3.x or 4.x. Is there a version it is intended to work with?

migube commented 4 years ago

Hi guys, does it work with ntopng?