nProbe
nProbe copied to clipboard
ntop
Open source components and extensions for nProbe
I get this error when collecting IPFIX data from Mikrotik router: [collect.c:3150] WARNING: Unrecognized version [0D][0A] Does anyone know what that means? ---- nprobe -n none -i none --collector-port 2055...
Hello, BPF filtering as configured like below is not working in Cento version listed in subject line, I am still seeing traffic for all IPs and port listed in the...
I exported the stream remotely to another server following the parameters in the documentation above,But it never works, sometimes he says my tcp connection is not open, other times it...
I'm having a hard time reconciling the documentation and the observed behavior of nProbe. https://www.ntop.org/guides/nprobe/flow_information_elements.html has the following details. ``` [277][Len 2] %OBSERVATION_POINT_TYPE Observation point type [300][Len 2] %OBSERVATION_POINT_ID Observation...
Hi guys, i am trying to monitor IoT devices, especially communicating via MQTT. I came across some extensions on Google, e.g., to include layer 7 data like MQTT topics (see...
Hello Team, I have configured nprobe to collect exported sflow as below. --zmq="tcp://127.0.0.1:5556" #--collector-port=2055 --collector-port=6343 -n=none -i=none I have Configured ntopng to read the flow and visualize in ntopng web...
Hello, We're running nProbe to dump flow files like this: `/usr/bin/nprobe -i fbcard:0:a06 --verbose 1 --max-log-lines 100000 --dump-path /u01/flow/raw/fbcard-0-a06/ --collector none --dump-format t --dont-nest-dump-dirs --dont-drop-privileges --smart-udp-frags --hash-size 524288 --max-num-flows 1073741823...
nProbe only exports a subset of flows and without all IEs to ntopng. Example: ``` ./nprobe -i ../nDPI/tests/pcap/tls_certificate_too_long.pcap --zmq tcp://127.0.0.1:1234 -T "@NTOPNG@ %TLS_CIPHER %TLS_VERSION %SRC_TO_DST_MAX_THROUGHPUT %JA3C_HASH %JA3S_HASH" --zmq-format j --json-labels...
I've noticed since the 9/4/21 update on rpi 4b the nprobe service is consistently using one core around 100% about 100% of the time. Is there something that has changed?...
Hello, We've upgraded recently nprobe in a server, moving from v.8.7.181005 (r6312) to v.9.5.210716 (r7377) (and later to v9.7.210803 (r7412)). With this change, we've detected the information in the fields...
