![]() Ntop other than as a casual monitoring tool, you probably will want to In the background without connection to a specific terminal. This parameter causes ntop to become a daemon, i.e. 'active' for some considerable time after it is truly idle. Thus it is possible on aīusy system for an idle host to remain in the ntop tables and appear The idle purge is a statistical one - a random selection of the eligi-īle hosts will be purged during each cycle. Pression to limit the hosts which are stored if you use -sticky. It is strongly recommended that you use a filtering ex. Network, this will consume a significant - and always growing - amount P2P users, port scans, popular web servers and other activity willĬause ntop to record data about a large number of hosts. If you use this option, all hosts - active and idle - are retained in PARM_HOST_PURGE_MINIMUM_IDLE in globals-defines.h. Itored for the period of time defined by the value of Host is identified when no packets from or to that host have been mon. Use this parameter to prevent idle hosts from being purged from mem-īy default idle hosts are periodically purged from memory. Handling some protocols that occur on your network.Įven if decoding is disabled, ftp-data traffic is still decoded to Propriate to use this parameter if you believe that ntop has problems To disable protocol decoding via this parameter. Host is underpowered or monitoring a very busy network, you may wish Protocol specified by the -p | -protocols parameter, below.ĭecoding protocols is a significant consumer of resources. This support is specifically coded for each protocol and is differentįrom the capability to count raw information (packets and bytes) by (layer 3) protocols, such as DNS, http and ftp. Protocol decoders examine and collect information about layer 2 proto-Ĭols such as NetBIOS or Netware SAP, as well as about specific tcp/ip This parameter disables protocol decoders. Releases it was erroneously called -access-log-path. This parameter is the complete file name of the access log. The only difference betweenĪpache and ntop logs is that an additional column has been added which The location of the file where these HTTP requests are logged.Įach log entry is in Apache-like style. Use this parameter to request logging and to specify These changes take effect on the next run ofĪnd on each subsequent run until changed.īy default ntop does not maintain a log of HTTP requests to the inter. Use the LAST value given: -trace-level 2 -trace-level 3 will run asīeginning with 3.1, many command-line options may also be set via the However, options that set a value, such as -trace-level, will Invoking them multiple times doesn't change ntop's behav. Remember, most ntop options are "sticky", that is they just set an in. Line.ğor example, if the command line is "-tē -u ntop" and fileĭ contains just the line '-d', then the effective command line is -t 3 ntop behavesĪs if all of the text had simply been typed directly on the command Lines (anything following a #) - into the command line. arp, rarp) are combined for a complete pictureĬOMMAND-LINE OPTIONS text of filename is copied - ignoring line breaks and comment ntop is capable of associating the two, so that ipĪnd non-ip traffic (e.g. It uses the layer 2 Media Access Control (MAC) addresses AND the layerģ tcp/ip addresses. Ntop is a hybrid layer 2 / layerē network monitor, that is by default Stand-alone collector/display program.Ě web browser is needed to ac-Ĭess the information captured by the ntop program. Operate as a front-end collector (sFlow and/or netFlow plugins) or as a (IP and non-IP) traffic generated and received by each host. It displays a list of hosts thatĪre currently using the network and reports information concerning the ĭESCRIPTION ntop shows the current network usage. _ max_ num_ hash_ entries_] [ -F| -flow-spec FreeBSD Manual Pages man apropos home | help
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |