Specify the maximum number of active hosts that ntopng will handle. If more flows are detected they will be discarded. Specify the maximum number of active flows that ntopng will handle. The available modes are:ġ – Enable aggregations but do not dump on disk their activity timelineĢ – Enable aggregations and timeline dump on disk. For pcap/PF_RING interfaces the filter has to be specified in BPF format (Berkeley Packet Filter).Įnable timeline dump on disk (default: disabled).Įnable data aggregations (e.g. Specifies the packet filter for the specified interface. Run ntopng with the specified system user instead of 'nobody'. For more information about redis, please refer to. Specifies the redis database host and port. This is useful for debug purposes or if you want to let everyone access the web gui. As example see ĭisable web interface logout for inactivity.ĭisable user login. The format is :,:, where is a port number and is a name of a protocol supported by nDPI protocol, or where string is part of an host name. This parameter is used to specify a nDPI protocol file. If not specified the default is set to 192.168.1.0/24.Ĭommas separate multiple network values. This parameter allows the user to define additional networks and subnetworks whose traffic is also considered local in ntopng reports. Any traffic on those networks is considered local. Ntopng determines the ip addresses and netmasks for each active interface. #NTOPNG FOR WINDOWS PLUS#If not set, it will be set to the value of -w plus one. Sets the HTTPS port of the embedded web server. If set to 0, the http server will be disable. Sets the HTTP port of the embedded web server. To use ntop other than as a casual monitoring tool, you probably will want to use this option. a task which runs in the background without connection to a specific terminal. This parameter causes ntop to become a daemon, i.e. For test driving the service please use as key 9hoAtewwpC2tXRMJBfifrY24B (example ntopng -c 9hoAtewwpC2tXRMJBfifrY24B. ntopng categorizes hosts using services provided by In order to use these categorization services you need to mail and ask for a test key to be used in ntopng. Sets the key used to access host categorization services. Set the key used to access httpbl services (default: disabled). Specifies the path where the PID (process ID) is saved. Specifies the data directory (it must be writable). NProbe can be instructed to act as a publisher delivering flows to a ZeroMQ endpoint using the -ZMQ parameter. i pcap.list) and ntopng will read packets from the specified pcap file/s. i dummy.pcap) or a path of a list file contains a path of a pcap file for each line (e.g. If you want you can pass a path of a pcap file (e.g. Example of valid collector endpoints are "tcp://127.0.0.1:5556" or ipc://flows.ipc Note that you can specify multiple endpoint, commas separated list, in order to instruct ntopng to aggregate it in a single interface. If a collector endpoint is specified, ntopng open a ZeroMQ connection to the specified endpoint as a subscriber whose format is. Note that you can specify -i multiple times in order to instruct ntopng to create multiple interfaces. #NTOPNG FOR WINDOWS WINDOWS#On Windows you must use the interface number instead. lo) or the numeric interface id as shown by ntopng -h. On Unix you can specify both the interface name (e.g. Specifies the network interface or collector endpoint to be used by ntopng for network monitoring. However, options that set a value, such as -trace-level, will use the LAST value given: -w 8000 -w 8080 will run as -w 8080.Ġ – Decode DNS responses and resolve only local (-m) numeric IPsġ – Decode DNS responses and resolve all numeric IPsĢ – Decode DNS responses and don't resolve numeric IPsģ – Don't decode DNS responses and don't resolve numeric IPs Invoking them multiple times doesn't change the ntopng's behavior. Remember, most ntopng options are "sticky", that is they just set an internal flag. Example: -i=p1p2 or -interface=p1p2 For options with no value (e.g. The configuration file is similar to the command line, with the exception that an equal sign '=' must be used between key and value. Example "ntopng /etc/ntopng/nf -v" the -v option is ignored. In case you use a configuration file, the following options on the command line will be ignored. For example, if the command line is "ntopng s.conf" and file s.conf contains just the line '-s', then the effective command line is "ntopng -s". ntopng behaves as if all of the text had simply been typed directly on the command line. The text of filename is copied – ignoring line breaks and comment lines (anything following a #) – into the command line.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |