nhoeller at sinet
Nov 18, 2009, 7:04 AM
Post #1 of 1
(355 views)
Permalink
|
|
Re: Ntop Digest, Vol 66, Issue 9
|
|
Gary, my comment was based on differences between the hostname displayed
by ntop and what a reverse lookup generated. I found a post by Burton
Strauss (http://lists.ntop.org/pipermail/ntop/2004-March/007684.html) that
matches what you describe (about a third of the way down).
> What is "ntop host name"? Ntop "sniffs" name res requests, but I don't
think it looks in http headers for url connects, does it?
I just got the rrdPlugin 'Arbitrary Graphs' working - I had originally
left the host IP address blank to generate a 'per-interface graph' but got
errors ('unknown RRD file'). The 'table' output gave me the format of the
'rrdtool fetch' command. I should be able to develop much better data
extraction code if I can figure out how to extract the IP/hostname mapping
from dnsCache.db.
> If you have the right detail enabled in the rrd plugin, there's a basic
gui graph function in ntop to get at said data.
Based on my reading of the mailing list, the SQL support is only for
Netflow records.
> Perhaps if you compile with sql it will give you more options?
Thanks for your help! The pieces are starting to fall into place.
|
