The status of ntopng does show that MaxMind 1.3.2 is compiled in, and the MaxMind files are on my OPNsense system. I've manually run the download scripts etc., but to no avail; all IPs are still not geolocated. Geolocation does not seem to be working with the ntopng plugin.

Ntopng | 18/Aug/2022 17:58:45 Started packet polling on interface tcp://flowhost:5556.
Ntopng | 18/Aug/2022 17:58:43 Fetching latest ntop blog posts.
Ntopng | 18/Aug/2022 17:58:43 Initializing device polices.
Ntopng | 18/Aug/2022 17:58:42 Updating list 'SSLBL Botnet C2 IP Blacklist'.
Ntopng | 18/Aug/2022 17:58:41 Updating list 'NoCoin Filter List'.
Ntopng | 18/Aug/2022 17:58:40 Updating list 'Feodo Tracker Botnet C2 IP Blocklist'.
Ntopng | 18/Aug/2022 17:58:34 Started periodic activities loop.
Ntopng | 18/Aug/2022 17:58:34 nDPI risk 27/Risky Domain Name has not been defined in ntopng
Ntopng | 18/Aug/2022 17:58:34 nDPI risk 26/Risky ASN has not been defined in ntopng
Ntopng | 18/Aug/2022 17:58:34 Scripts/HTML pages directory: /usr/share/ntopng
Ntopng | 18/Aug/2022 17:58:34 Started host user script hooks loop on interface tcp://goflow:5556.
Ntopng | 18/Aug/2022 17:58:34 Started flow user script hooks loop on interface tcp://goflow:5556.
Ntopng | 18/Aug/2022 17:58:34 WARNING: Unable to retain privileges for privileged file writing
Ntopng | 18/Aug/2022 17:58:34 WARNING: Capabilities cap_set_proc error: Operation not permitted
Ntopng | 18/Aug/2022 17:58:34 Found TLS certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem
Ntopng | 18/Aug/2022 17:58:33 To enable geolocation follow the instructions at
Ntopng | 18/Aug/2022 17:58:33 Running without geolocation support.
Ntopng | 18/Aug/2022 17:58:33 PID stored in file /var/run/ntopng.pid
Ntopng | Starting redis-server: redis-server.

I don't know where to get older versions from to see where it started. It happens on startup on both interface collection or zmq message collection. There do not have to be flows published to zmq for this to happen.
I upgraded to ntopng_15-18228 and now when I start ntopng it uses 197% CPU and the process name is Ntopng does not monitor the interfaces, it only collects netflow messages on a zmq interface. It is an RPI4 with 8GB RAM and nothing else running on it. I use ntopng to process NetFlows sent from a pfSense router. Everything worked perfectly for many months.