looking to run ntop once daily reading from pcap file
i have a gateway bridge running snort for ips, tethereal to dump all traffic to a pcap file which gets gz'd and stored hourly and mrtg to graph traffic pulling from snmp once a minute. what im looking to do is run ntop once daily to produce the detailed graphs in html pulling the data for the graphs from the pcap dump. i don't want to run ntop constant as a daemon because of performance issues. ntop will be run on a seperate machine, where the gz'd files are, after the previous 24 hrs worth of captures have been unzipped and merged into one file. i then want to run ntop as described, once daily, and take the graphs produced and post them on another web server. im going to take the graphs produced and embed them in html on another web server... i'll get this done one way or the other, hopefully with a simple copy, if not a cropped screen capture... something, that should be relatively simple. so, in a nutshell, i need to run ntop once a day reading from 24hrs worth of pcap in a file.
thanks in advance for any suggestions...
im open to any other suggestions on how to accomplish this. i need ntop like graphs, all nice and pretty like ntop does it, but don't care how i get it done. it just needs to read that pcap file and give me some ntop like graphs which i can embed in some html. so if some one has an easier way to do this, or has already done something like this, maybe a script already written (would be beautiful), i'd love to hear it...
|