ntopng ====== [ntopng][1] is the next generation version of the original ntop, a network traffic probe that monitors network usage. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Windows as well. [nProbe][2] is a software NetFlow v5/v9/IPFIX probe able to collect, analyze and export network traffic reports using the standard Cisco NetFlow v5/v9/IPFIX format. It is available for most of the OSs on the market (Windows, BSD, Linux, MacOSX). When installed on a PC, nProbe turn it into a Network-aware monitoring appliance. > :warning: [nProbe][3] is not free ## docker-compose.yml ```yaml version: '3' services: ntopng: image: vimagick/ntopng command: --community -d /var/lib/ntopng -i eth0 -r 127.0.0.1:6379@0 -w 0.0.0.0:3000 volumes: - ./data/ntopng:/var/lib/ntopng network_mode: host restart: unless-stopped redis: image: redis:alpine command: --save 900 1 ports: - "6379:6379" volumes: - ./data/redis:/data restart: unless-stopped ``` ## Standalone mode ``` $ mkdir -m 777 -p data/{ntopng,redis} $ docker-compose up -d $ curl http://127.0.0.1:3000 ``` ## Collector mode ``` $ mkdir -m 777 -p data/{ntopng,redis} $ docker-compose up -d -f docker-compose-collector.yml $ curl http://127.0.0.1:3000 ``` ``` $ nprobe -i eth0 -n none --zmq-probe-mode --zmq tcp://ntopng-server:5556 -f 'tcp port 80' ``` [1]: https://www.ntop.org/guides/ntopng/cli_options.html [2]: https://www.ntop.org/guides/nProbe/cli_options.html [3]: https://www.ntop.org/products/netflow/nprobe/