系统
eth0
3456000,168000,3560000,88000,56000,328000,3624000,96000,64000,88000,64000,4144000,64000,88000,72000,96000,112000,296000,3872000,80000,48000,88000,5016000,72000,64000,168000,64000,96000,56000,88000
-240000,-64000,-232000,-32000,-24000,-280000,-200000,-32000,-40000,-40000,-24000,-272000,-24000,-24000,-24000,-32000,-120000,-256000,-264000,-32000,-32000,-32000,-224000,-24000,-24000,-96000,-24000,-40000,-16000,-24000
image/svg+xml
仪表盘
流量仪表盘
Monitoring
Active Monitoring
网络发现
Active Scan
警告
Explorer
通知
流
活动流
主机
主机
MAC地址
地图
地理地图
接口
Details
网络
主机池
自治系统
国家
Policies
设备应用程序
Network Configuration
检查
设置
用户
首选项
类别列表
管理配置
应用程序和类别
开发者
REST API
Analyse Pcap File
管理数据
检查
警告和流状态定义
Timeseries Schema Definitions
目录
Lua/C API
帮助
关于
License Limits
ntop博客
Help and News
用户手册
报告问题
Suggest a Feature
系统
系统
接口
eth0
3456000,168000,3560000,88000,56000,328000,3624000,96000,64000,88000,64000,4144000,64000,88000,72000,96000,112000,296000,3872000,80000,48000,88000,5016000,72000,64000,168000,64000,96000,56000,88000
-240000,-64000,-232000,-32000,-24000,-280000,-200000,-32000,-40000,-40000,-24000,-272000,-24000,-24000,-24000,-32000,-120000,-256000,-264000,-32000,-32000,-32000,-224000,-24000,-24000,-96000,-24000,-40000,-16000,-24000
来自
ntop博客
的新闻
nologin
无可用更新.
检查更新
切换高亮主题
重启
创建端点
创建一个
端点
以开始向外部发送警告。
创建
解除
通知
|
端点
收件人
操作
名称
类型
绑定到端点
自上次使用以来的时间
Delivered
Filtered Out
Failed Deliveries
使用
丢失
填充
Notif. Type
Categories
Entities
Alert Types
Min. Severity
Silence Dup. Alerts
Options
Execute shell script when
Always
The alert is triggered
The alert is released
Email Receiver
CC
Comma separated list of email addresses. (此字段是可选的)
Id Mattermost Channel
Username
Channel Id
添加新收件人
中止添加新端点收件人?
取消
中止
名称
端点
Notifications Type
Alerts
Traffic Reports
Vulnerability Scan Reports
Specify which type of notifications the user want to send to this Recipient (e.g. if alerts is selected only alerts are going to be sent here).
Advanced View
Silence Duplicated Alerts
If silenced, the same alert is not delivered to the recipient more than 1 time per hour
Deliver Alerts based on
Properties
Alert Type
Choose which alerts to receive, if by properties(e.g. severity) or by specific alert(s)
最低严重程度
通知
警告
错误
关键
紧急
Specify the minimum severity of the alerts to receive
类别过滤器
Active Monitoring
Intrusion Detection and Prevention
内部
网络
其他
网络安全
SNMP
系统
Specify which alert categories (Cybersecurity, System, ...) to deliver to the Recipient
Alert Entities
活动监控
AS
流
主机
接口
设备
本地网络
其他
SNMP设备
系统
用户
Specify which alert entity (Flow, SNMP, ...) to deliver to the Recipient
Alerts
AS Exporter Ranking Changed
Threshold Crossed
LLDP 拓扑已更改
MAC Appeared
MAC Disappeared
Many MACs on Non-Trunk
SNMP High Error Counter
SNMP Polling Error
SNMP Trap
SNMP 设备重启
SNMP接口MAC已更改
Threshold Crossed
Traffic Change Detected
接口双工状态变化
接口操作状态变化
接口错误
通过SNMP缓解攻击
Countries Contacts
Custom Script
DNS Flood
DNS流量警告
Dangerous Host
Domain Names Contacts
External Script
Host Scanner Detected
ICMP Flood
NAT Detected
NTP服务器通信
SMTP服务器通信
SNMP Flood
Scan
Scan (Realtime)
Server Port Detected
Susp. Domain Scan
Threshold Crossed
Unexpected Gateway
主机日志
分数异常
流量异常
流量泛洪
远程连接
ACL Violation (ARP)
AS Exporter Ranking Changed
Active Scan
Broadcast Domain Too Large
Cloud Disconnection
Cloud Reconnected
DHCP Storm
Exporters Limit Exceeded
Gateway Unreachable
Ghost网络
IP/MAC更改
InfluxDB导出失败
InfluxDB错误
Jailed Host Added
Jailed Host Removed
LLDP 拓扑已更改
Local Host Blacklisted
MAC Appeared
MAC Disappeared
Many MACs on Non-Trunk
NG 信任事件
Network Discovery
Network Score Per Host
Network issues
No Exporter Activity
No Probe Activity
No Traffic Activity
Process
Redis Reads Writes Exceeded
SNMP High Error Counter
SNMP Polling Error
SNMP Trap
SNMP 设备重启
SNMP接口MAC已更改
System Error
TCP SYN 扫描被攻击者
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Traffic Change Detected
Unexpected MAC Conn./Disc.
Unexpected Score Behavior
Unexpected Traffic Behavior
丢包
丢弃的警告
主机池断开连接
列表下载失败
列表下载成功
已执行Fail2Ban命令
已执行端点(Endpoint)Shell脚本
异常主机通信
慢周期活动
接口双工状态变化
接口操作状态变化
接口错误
数据包队列刷新
未执行定期活动
活动监控
流泛洪被攻击者
用户活动
登录失败
超出配额
通过SNMP缓解攻击
配置错误的DHCP范围
错误配置的应用程序
阈值交叉
DHCP Storm
Ghost网络
Jailed Host Added
Jailed Host Removed
Network Discovery
No Exporter Activity
No Probe Activity
No Traffic Activity
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Unexpected MAC Conn./Disc.
Unexpected Score Behavior
Unexpected Traffic Behavior
丢包
丢弃的警告
阈值交叉
Ghost网络
Network issues
TCP SYN 扫描被攻击者
Threshold Crossed
流泛洪被攻击者
阈值交叉
Active Scan
活动监控
ACL Violation (ICMP/TCP/UDP)
ALPN/SNI Mismatch
Anonymous Subscriber
Binary File/Data Transfer (Attempt)
Blacklisted Client Contact
Blacklisted Flow
Blacklisted Server Contact
Broadcast Non-UDP Traffic
Clear-Text Credentials
Crawler/Bot
Custom Script
DNS数据泄露
Desktop/File Sharing
Error Code
Fragmented DNS Message
HTTP Obsolete Server
HTTP Susp. Content
HTTP 可疑 URL
HTTP 可疑标头
HTTP 可疑用户代理
HTTP 数字 IP 主机
Host Policy
IEC Invalid Command Transition
IEC Invalid Transition
IEC Unexpected TypeID
Invalid Characters
Large DNS Packet (512+ bytes)
Malicious Fingerprint
Malicious SHA1 TLS Cert.
Malware Host Contacted
Minor Issues
Mismatching protocol with IP address
ModbusTCP Invalid Function Code
ModbusTCP Invalid Transition
ModbusTCP Too Many Exceptions
No Answer
Not Purged
Obfuscated Traffic
Periodic Flow
Policy Violation
Possible Exploit
Probing Attempt
Punicody IDN
QoE Issues
Rare Destination
Remote to Local Insecure Flow
Remote to Remote Flow
Risky ASN
Risky Domain
SMB 不安全版本
Susp. Entropy
TCP Connection Issues
TCP Flow Reset
TCP Packets Issues
TCP 零窗口
TLS Cert About To Expire
TLS Fatal Alert
TLS Susp. Extension
TLS Uncommon ALPN
TLS 证书不匹配
TLS 证书已过期
TLS 证书自签名
TLS(可能)不携带 HTTPS
Too Long TLS Cert Validity
Unidirectional Traffic
Unresolved DNS hostname
VLAN Bidirectional Traffic
Web挖掘
不安全的 TLS 密码
不安全的协议
低Goodput率
发现异常 NTP 服务器
发现异常 SMTP 服务器
发现异常DHCP服务器
发现异常DNS服务器
可疑文件传输
可疑的DGA域
可疑的DNS流量
可疑设备协议
可能的 RCE
可能的SQL注入
可能的XSS
在非标准端口上的应用程序
外部警告
大数据流
数据泄露
无效的DNS查询
横向运动
没有数据交换
流周期已更改
由于配置的策略而拦截流
畸形数据包
缺少 TLS SNI
过期的 SSH 客户端版本或密码
过期的 TLS 版本
过期的SSH
远程访问
长期流
黑名单国家
用户活动
登录失败
Cloud Disconnection
Cloud Reconnected
Exporters Limit Exceeded
Gateway Unreachable
InfluxDB错误
Local Host Blacklisted
Process
Redis Reads Writes Exceeded
System Error
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
丢弃的警告
列表下载失败
列表下载成功
已执行端点(Endpoint)Shell脚本
慢周期活动
数据包队列刷新
未执行定期活动
登录失败
错误配置的应用程序
ACL Violation (ARP)
Broadcast Domain Too Large
IP/MAC更改
Select alerts to deliver to the Recipient
主机池
Default
Jailed Hosts
Filter alerts matching the selected pools, whenever possible (e.g. Flow and Host alerts).
Active Monitoring
Filter alerts matching the selected Active Monitoring entries.
删除收件人:
确认要删除 '
' 收件人吗?
编辑收件人:
中止端点收件人的编辑?
取消
中止
名称
端点
Notifications Type
Alerts
Traffic Reports
Vulnerability Scan Reports
Specify which type of notifications the user want to send to this Recipient (e.g. if alerts is selected only alerts are going to be sent here).
Silence Duplicated Alerts
If silenced, the same alert is not delivered to the recipient more than 1 time per hour
Deliver Alerts based on
Properties
Alert Type
Choose which alerts to receive, if by properties(e.g. severity) or by specific alert(s)
最低严重程度
通知
警告
错误
关键
紧急
Specify the minimum severity of the alerts to receive
类别过滤器
Active Monitoring
Intrusion Detection and Prevention
内部
网络
其他
网络安全
SNMP
系统
Specify which alert categories (Cybersecurity, System, ...) to deliver to the Recipient
Alert Entities
活动监控
AS
流
主机
接口
设备
本地网络
其他
SNMP设备
系统
用户
Specify which alert entity (Flow, SNMP, ...) to deliver to the Recipient
Alerts
AS Exporter Ranking Changed
Threshold Crossed
LLDP 拓扑已更改
MAC Appeared
MAC Disappeared
Many MACs on Non-Trunk
SNMP High Error Counter
SNMP Polling Error
SNMP Trap
SNMP 设备重启
SNMP接口MAC已更改
Threshold Crossed
Traffic Change Detected
接口双工状态变化
接口操作状态变化
接口错误
通过SNMP缓解攻击
Countries Contacts
Custom Script
DNS Flood
DNS流量警告
Dangerous Host
Domain Names Contacts
External Script
Host Scanner Detected
ICMP Flood
NAT Detected
NTP服务器通信
SMTP服务器通信
SNMP Flood
Scan
Scan (Realtime)
Server Port Detected
Susp. Domain Scan
Threshold Crossed
Unexpected Gateway
主机日志
分数异常
流量异常
流量泛洪
远程连接
ACL Violation (ARP)
AS Exporter Ranking Changed
Active Scan
Broadcast Domain Too Large
Cloud Disconnection
Cloud Reconnected
DHCP Storm
Exporters Limit Exceeded
Gateway Unreachable
Ghost网络
IP/MAC更改
InfluxDB导出失败
InfluxDB错误
Jailed Host Added
Jailed Host Removed
LLDP 拓扑已更改
Local Host Blacklisted
MAC Appeared
MAC Disappeared
Many MACs on Non-Trunk
NG 信任事件
Network Discovery
Network Score Per Host
Network issues
No Exporter Activity
No Probe Activity
No Traffic Activity
Process
Redis Reads Writes Exceeded
SNMP High Error Counter
SNMP Polling Error
SNMP Trap
SNMP 设备重启
SNMP接口MAC已更改
System Error
TCP SYN 扫描被攻击者
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Traffic Change Detected
Unexpected MAC Conn./Disc.
Unexpected Score Behavior
Unexpected Traffic Behavior
丢包
丢弃的警告
主机池断开连接
列表下载失败
列表下载成功
已执行Fail2Ban命令
已执行端点(Endpoint)Shell脚本
异常主机通信
慢周期活动
接口双工状态变化
接口操作状态变化
接口错误
数据包队列刷新
未执行定期活动
活动监控
流泛洪被攻击者
用户活动
登录失败
超出配额
通过SNMP缓解攻击
配置错误的DHCP范围
错误配置的应用程序
阈值交叉
DHCP Storm
Ghost网络
Jailed Host Added
Jailed Host Removed
Network Discovery
No Exporter Activity
No Probe Activity
No Traffic Activity
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Unexpected MAC Conn./Disc.
Unexpected Score Behavior
Unexpected Traffic Behavior
丢包
丢弃的警告
阈值交叉
Ghost网络
Network issues
TCP SYN 扫描被攻击者
Threshold Crossed
流泛洪被攻击者
阈值交叉
Active Scan
活动监控
ACL Violation (ICMP/TCP/UDP)
ALPN/SNI Mismatch
Anonymous Subscriber
Binary File/Data Transfer (Attempt)
Blacklisted Client Contact
Blacklisted Flow
Blacklisted Server Contact
Broadcast Non-UDP Traffic
Clear-Text Credentials
Crawler/Bot
Custom Script
DNS数据泄露
Desktop/File Sharing
Error Code
Fragmented DNS Message
HTTP Obsolete Server
HTTP Susp. Content
HTTP 可疑 URL
HTTP 可疑标头
HTTP 可疑用户代理
HTTP 数字 IP 主机
Host Policy
IEC Invalid Command Transition
IEC Invalid Transition
IEC Unexpected TypeID
Invalid Characters
Large DNS Packet (512+ bytes)
Malicious Fingerprint
Malicious SHA1 TLS Cert.
Malware Host Contacted
Minor Issues
Mismatching protocol with IP address
ModbusTCP Invalid Function Code
ModbusTCP Invalid Transition
ModbusTCP Too Many Exceptions
No Answer
Not Purged
Obfuscated Traffic
Periodic Flow
Policy Violation
Possible Exploit
Probing Attempt
Punicody IDN
QoE Issues
Rare Destination
Remote to Local Insecure Flow
Remote to Remote Flow
Risky ASN
Risky Domain
SMB 不安全版本
Susp. Entropy
TCP Connection Issues
TCP Flow Reset
TCP Packets Issues
TCP 零窗口
TLS Cert About To Expire
TLS Fatal Alert
TLS Susp. Extension
TLS Uncommon ALPN
TLS 证书不匹配
TLS 证书已过期
TLS 证书自签名
TLS(可能)不携带 HTTPS
Too Long TLS Cert Validity
Unidirectional Traffic
Unresolved DNS hostname
VLAN Bidirectional Traffic
Web挖掘
不安全的 TLS 密码
不安全的协议
低Goodput率
发现异常 NTP 服务器
发现异常 SMTP 服务器
发现异常DHCP服务器
发现异常DNS服务器
可疑文件传输
可疑的DGA域
可疑的DNS流量
可疑设备协议
可能的 RCE
可能的SQL注入
可能的XSS
在非标准端口上的应用程序
外部警告
大数据流
数据泄露
无效的DNS查询
横向运动
没有数据交换
流周期已更改
由于配置的策略而拦截流
畸形数据包
缺少 TLS SNI
过期的 SSH 客户端版本或密码
过期的 TLS 版本
过期的SSH
远程访问
长期流
黑名单国家
用户活动
登录失败
Cloud Disconnection
Cloud Reconnected
Exporters Limit Exceeded
Gateway Unreachable
InfluxDB错误
Local Host Blacklisted
Process
Redis Reads Writes Exceeded
System Error
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
Threshold Crossed
丢弃的警告
列表下载失败
列表下载成功
已执行端点(Endpoint)Shell脚本
慢周期活动
数据包队列刷新
未执行定期活动
登录失败
错误配置的应用程序
ACL Violation (ARP)
Broadcast Domain Too Large
IP/MAC更改
Select alerts to deliver to the Recipient
主机池
Default
Jailed Hosts
Filter alerts matching the selected pools, whenever possible (e.g. Flow and Host alerts).
Active Monitoring
Filter alerts matching the selected Active Monitoring entries.
池使用收件人
没有池使用此收件人。 从
池
页面添加池。
抱歉,但收件人用户加载失败。 请稍后再试。
重启 ntopng
您现在要重启 ntopng 吗?
外部链路
您正在被转到: