Ntopng



  • i have a few questions regarding this package.

    1- i checked the option for  "historical data storage" but i don't know how much storage is being used, where can i check that?
    2- is there a way to delete historical data?
    3- is it possible to get historical reports? for example, i want to see which host on my network used the most bandwidth in a month or between a specific set of dates.

    that is all i can think of, right now.  there were a few more questions i wanted to ask, i will add them if they come back to me.

    edit- the counters for hosts/connections seem to reset after a certain amount of time.  personally, i am not a fan of this.  i wouldn't mind the current setup (of resetting the counter) if i was able to pull a report.  this goes back to number 3, it would be helpful to see which host is using the most data.  also, a list of sites accessed by host would be nice.

    for the record, i realize this is a free tool and that i should look into other options if it doesn't work for me, i have no problem with that and i am happy with what i am seeing.  i just want to make sure there isn't something that i am missing, that's all.

    thanks.


  • Banned

    1/ To check ntopng disk usage, run

    du -sh /var/db/ntopng
    

    The thing accumulated 20GiB worth of data in 10 days. Crazy.  ::)

    2/ After your HDD got full after a month or so and you want to clean up the mess

    • While ntopng is running (!!!) do:
    # /usr/pbi/ntopng-*/local/bin/redis-cli
    127.0.0.1:6379> FLUSHALL
    OK
    127.0.0.1:6379> FLUSHDB
    OK
    127.0.0.1:6379> exit
    
    
    • Stop ntopng service from the GUI.

      • Run
      # rm -rf /var/db/ntopng/
      
      • Go to Diagnostics - ntopng Settings, untick Historical Data Storage (!!!), click Change.

      3/ No, not in a usable way ATM. Noone wants to wait days for the historical data to load.