« Previous 1 2 3 4 5
Monitoring network traffic with ntopng
Eyes on the Network
Alerts
As mentioned earlier, ntopng can generate alerts for certain events and for cases when thresholds are exceeded or not reached. Although supported events (e.g., adding a new device or contacting a malware host) are hard-coded in the program, you can set threshold alerts individually.
All alerts are displayed on the Alerts dashboard (Figure 5), where they can be filtered by time period and whether local or remote for a better overview. A click on the respective host IP address takes you to detailed information on the respective alert. Ntopng can also display all alerts in tabular form with Detected Alerts .
Furthermore, ntopng can both display the alarms in the web interface and forward them to third-party applications. The currently supported crop of applications is email, Slack, Syslog, Nagios, and web hooks. The web hook option provides a universal HTTP interface for encoding alerts as JSON messages and passing them to an HTTP endpoint. Depending on certain alerts, the web hook can be used to control systems with a RESTful API (e.g., firewall or network management systems) and trigger certain responses.
Conclusions
Ntopng helps administrators monitor their networks and provides detailed information on bandwidth usage and the protocols and applications used, as well as deep insights into network traffic. The tool is indispensable for troubleshooting network problems.
The cost of Professional and Enterprise versions are very manageable, and both offer considerable advantages over the free Community edition. Unfortunately, the Windows version contains significantly fewer features than the Linux version.
Infos
- ntop: https://www.ntop.org
- ntopng Edge (nEdge): https://www.ntop.org/products/traffic-analysis/ntopng-edge/
- ntop for universities, nonprofit organizations, and research institutions: https://www.ntop.org/support/faq/do-you-charge-universities-no-profit-and-research/
- ntopng versions: https://www.ntop.org/products/traffic-analysis/ntop/
- Licenses for Professional and Enterprise editions: https://shop.ntop.org
- Download: https://packages.ntop.org
- Instructions for Let's Encrypt: https://www.ntop.org/ntopng/securing-ntopng-with-ssl-and-lets-encrypt/
« Previous 1 2 3 4 5
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.