![]() deleted ntopng and nprobe program folders.removed old ntopng and nprobe services with /r switch.Maybe something to do with the zmq listener service? I can't see stuff being received into ntopng. TLDR - is there something missing from the ntopng windows binary? in the verbose mode of ntopng should there be info about whether its picking up data from zmq?.both the ntopng and nprobe service are registered to run as Local System.For ntopng process i see TCP Reconnect events on port 5556 going to high order ports like 61576. For nprobe process i see the receipt of the netflow packets, but no activity on port 5556. Waited up to 10mins between each try to see if data fetching was delayed.Nprobe /c -i none -n none -collector-port 2055 -zmq "tcp://*:5556" -debug Tried running the /c command without the second specification of nprobe in the argument:.Nprobe /c nprobe -P D:\temp\nprobe -D t -i 1 -n none -collector-port 2055 -zmq "tcp://*:5556" -debug Using "2" provides no netflow data in debug mode using "1" in debug mode provides the same data as "none" (i.e. Tried running nprobe with different interfaces in the -i switch.Tried deleting the ntopng files in c:\users\username\documents each time i restarted the ntopng service or reran it from the command line with /c. ![]() Tried running ntop in service mode while nprobe in command line mode & vice versa.Tried changing the zmq port to 5557 on both nprobe and ntopng.Tried changing around the order of starting ntopng before nprobe and vice versa.Tried running both nprobe and ntopng from the console.Tried changing the order of the -zmq switch to the start or to the end of the nprobe command.Nprobe /c nprobe -P D:\temp\nprobe -D t -i none -n none -collector-port 2055 -zmq "tcp://*:5556" -debug Although still no data appears in the web GUI This works fine, the files are populated. Tried nprobe in the mode to spit the data out to file.Nprobe /c nprobe -i none -n none -collector-port 2055 -zmq "tcp://*:5556" -debug Tried npobe in debug mode (using -debug switch) and i can see that nprobe sees the netflow data, but when i ctrl-c to end it, it tells me that although packets were collected, none were processed.Remove the ntopng/nprobe services and re-add them using the /r switch.Here is a list of the other things i have tried: On logging into the ntopng GUI i got the "no data is available" Nprobe /i nprobe -zmq "tcp://*:5556" -i none -n none -collector-port 2055
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |