ntopng
ntopng copied to clipboard
ntop
pcap download not working
Environment: ntopng Enterprise XL v.6.1.240410 (Ubuntu 22.04.3 LTS) |
What happened:
Hello ntop Team!
I have configured ntap_collector and use n2disk on the ntap interface.
Now when I want to download the pcap from a flow I get empty .pcap files.
How did you reproduce it?
Debug Information:
@martinscheu could you check the recording Window reported in the Continuous Recording Stats page under Interface details?
I have 13/03/2024 01:40:49 - 11/04/2024 14:52:59
so above example might be out of the window. (didnt it give a error message in such case?)
I tried with last week period, e.g. 4.4 and same result, empty pcap
It should not show the action to download a pcap if out of window, we need to check this.
@martinscheu it seems latest update fixes this, could you check it and let us know?
thanks ntop team, download pcap works from normal storage! as I have smart storage activated, it takes pcap from smart storage when it is outside of the dump window of the normal storage. Is per se good, but I got empty pcaps. Which is correct, when there is no risk associated with the flow, the flow is not transferred to the smart storage. Could you check that? If the user is trying to download a pcap out of the smart storage, but the flow has no associated risk, handle it same as the flow is outside the dump window. Thank you.
@martinscheu yes that is expected, only packets for flows with some detected issue/risk are moved to the smart storage. Are you saying a check is missing to disable the download action from the flows table when the flow has no risks?
@cardigliano yes, when the flow is not in the normal storage, it accesses the smart storage and downloads a empty pcap.
