Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.
Version : Ntopng v4.2 and later
Ntopng is the next-generation version of the original ntop. It is a passive network monitoring tool, focused on flows and statistics that can be obtained from the traffic captured by the server.
Ntopng log integration with Netsurion's Open XDR platform can be achieved via syslog. Ntopng sends events information like alerts and web traffic activities. Netsurion's Open XDR platform generates detail reports for suspicious traffic activities. Its graphical representation shows web traffic activities, source IP address, destination IP address, top accessed URL, etc.
Netsurion triggers alerts in the event when suspicious traffic is detected by Ntopng.
Once Ntopng is configured to deliver events to Netsurion's Open XDR platform, then alerts, dashboards, and reports can be configured into Netsurion's Open XDR platform. Some of the Data Source Integrations available in Netsurion are listed below.
The configuration details are consistent with Netsurion version 9.2 and later, Ntopng v4.2 and later.
Download Integration Guide and How-to Guide for more information and to configuration instructions.