Version : Ntopng v4.2 and later

Ntopng is the next-generation version of the original ntop. It is a passive network monitoring tool, focused on flows and statistics that can be obtained from the traffic captured by the server.

Ntopng log integration with Netsurion Open XDR can be achieved via syslog. Ntopng sends events information like alerts and web traffic activities. Netsurion Open XDR generates detail reports for suspicious traffic activities. Its graphical representation shows web traffic activities, source IP address, destination IP address, top accessed URL, etc.

Netsurion Open XDR triggers alerts in the event when suspicious traffic is detected by Ntopng.

  • Security: All the events that are detected as suspicious activity.
  • Operations: Web traffic activities

Once Ntopng is configured to deliver events to Netsurion Open XDR, then alerts, dashboards, and reports can be configured into Netsurion Open XDR.

To take advantage of this data source integration and to learn more about alerts, reports, and dashboards, contact your Technical Account Manager (TAM). If you are not currently a Netsurion customer or partner, contact us to learn more.