New Package: ntopng
-
I uninstalled it to see if this package perhaps made my box crash. After that, my log is flooded with this:
ntopng: [PeriodicActivities.cpp:83] ERROR: Missing script /usr/local/share/ntopng/scripts/callbacks/second.lua
Literally thousands of these lines, 1 per second it seems.
But it isn't installed anymore ;D
How might I perhaps fix this?
Thank you :)
-
The process must not have stopped. Try
killall -9 ntopng
-
Worked marvelously, Jim: thank you ;D
-
Errors from system log
This below occurred after I installed and then deinstalled ntopng…
Jan 14 20:33:32 ntopng: [PeriodicActivities.cpp:83] ERROR: Missing script /usr/local/share/ntopng/scripts/callbacks/second.lua
Jan 14 20:33:31 ntopng: [PeriodicActivities.cpp:83] ERROR: Missing script /usr/local/share/ntopng/scripts/callbacks/second.luaAFTER I installed/deinstalled/installed ntopng, I then go the below in the system log.
Jan 14 20:34:26 ntopng: [Prefs.cpp:408] ERROR: Unable to create log C:\Windows\Temp/ntopng.log
Jan 14 20:34:02 ntopng: [HTTPserver.cpp:332] ERROR: Unable to start HTTP server (IPv4) on port 3000
Jan 14 20:34:01 ntopng: [NetworkInterface.cpp:75] WARNING: No capture interface specified
Jan 14 20:34:01 ntopng: [Prefs.cpp:408] ERROR: Unable to create log C:\Windows\Temp/ntopng.log
Jan 14 20:33:33 ntopng: [Lua.cpp:1461] WARNING: Script failure [/usr/local/share/ntopng/scripts/callbacks/second.lua][/usr/local/share/ntopng/scripts/callbacks/second.lua:8: module 'lua_utils' not found: no field package.preload['lua_utils'] no file '/usr/local/share/ntopng/scripts/lua/modules/lua_utils.lua' no file './lua_utils.lua' no file '/usr/pbi/ntopng-i386/share/luajit-2.0.2/lua_utils.lua' no file '/usr/local/share/lua/5.1/lua_utils.lua' no file '/usr/local/share/lua/5.1/lua_utils/init.lua' no file '/usr/pbi/ntopng-i386/share/lua/5.1/lua_utils.lua' no file '/usr/pbi/ntopng-i386/share/lua/5.1/lua_utils/init.lua' no file './lua_utils.so' no file '/usr/local/lib/lua/5.1/lua_utils.so' no file '/usr/pbi/ntopng-i386/lib/lua/5.1/lua_utils.so' no file '/usr/local/lib/lua/5.1/loadall.so'] -
Hello,
i can't use the historical feature. when i try to load historical data after setting interface and time interval i see this error message on the logntopng: [Lua.cpp:72] ERROR: ntop_find_interface : expected string, got number
i'm using 2.2-RC x64 release with Intel interfaces.
Has anyone tried this feature? -
What interface is it best to listen on, just LAN interfaces or LAN + WAN?
-
What interface is it best to listen on, just LAN interfaces or LAN + WAN?
LAN should be good. Or you can select both
-
If you are interested in identifying which local user is sending out specific traffic, then listening on LAN is best. LAN+WAN may catch some additional traffic that originates to/from the firewall that doesn't hit LAN.
If you are routing traffic (no NAT) then WAN alone works, too.
-
Wondering if anyone is experiencing readability issue for ntop? I am running it on pfsense 2.2 and seeing garbled texts on the RRD graphs.
-
@packeteer I haven't… Maybe stop it and wipe the DB? /var/db/ntopng and start fresh?
I have to say going from 2.1.5 to 2.2, what a difference with ntopng... I thought sqlite wasn't compile in 2.1.5 because I didn't see any historical data. With 2.2, everything is there. And I can rename interfaces and such
I've been messing with other options and thinking about adding the following options if there is a need:
--enable-aggregations (only works using -A, core dump if I use --enable-aggregations) --dump-timeline --dump-hosts --dump-aggregations
https://svn.ntop.org/svn/ntop/trunk/ntopng/doc/UserGuide.pdf
Has anyone renamed an interface or stop a flow alert then stop/start ntopng or rebooted and noticed all customize you did is gone? I'll have to research but I'm wondering if it has somthing to do with redis-server
-
I installed ntopng in new install pfsense 2.2 with LAN,WAN (inactive),OPT1 (active), other packages: darkstat, squid3, squidguardian, sarg.
DHCP (31 static leases), DNS resolver (registering DHCP leases).
ntopng settings: capturing LAN, Decode DNS responses and resolve local numeric IPs only (default),
Turn historical data storages on tickedto solve locating scripts problem:
ln -s /usr/pbi/ntopng-amd64/local/share/ntopng /usr/local/share/ntopng
To solve GeoIP problem: [Geolocation.cpp:59] WARNING: Unable to read GeoIP database /usr/local/share/ntopng/httpdocs/geoip/GeoLiteCityv6.dat
Downloaded geoIP in /usr/pbi/ntopng-amd64/local/share/GeoIP
cd /usr/pbi/ntopng-amd64/local/share/ntopng/httpdocs/
ln -s /usr/pbi/ntopng-amd64/local/share/GeoIP geoipNow, my problem:
notpng show LAN hostnames based on network traffic such LAN hostnames, example:- ntopng db cleared
- ntopng displays the LAN hostnames correctly
- As for traffic, the LAN hostnames changed :
192.168.20.1 (LAN gateway, ntopng capture) hostname: zpf22.domain.local, ntopng show www.google.es, then clients1.google.com, then vl.ff.avast.com, etc.
You could avoid change LAN hostnames based in traffic?
Thanks in advanced, this amazing product!!
-
I split several unrelated issues off into separate threads, and I'm locking this one. Please start a new thread for each new issue rather than using a single thread.
Thanks!