Plugin | Description | Source Location | Availability |
---|---|---|---|
Active Monitoring | Monitors the status and the response time of specific hosts | /usr/share/ntopng/scripts/plugins/monitors/network/active_monitoring | Community |
App Misconfiguration | Detects problems in app configuration | /usr/share/ntopng/scripts/plugins/alerts/internals/app_misconfiguration | Community |
Blacklisted Hosts | Detects blacklisted hosts and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/blacklisted | Community |
Country Check | Detects host contacts with specific countries | /usr/share/ntopng/scripts/plugins/alerts/security/blacklisted_country | Community |
Device Application Not Allowed | Detects applications not allowed for a specific device type and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/device_application_not_allowed | Community |
Device Connection/Disconnection | Triggers an alert upon device connection/disconnection | /usr/share/ntopng/scripts/plugins/alerts/network/device_connection_disconnection | Community |
Discord Alert Endpoint | Provides alert notifications to Discord | /usr/share/ntopng/scripts/plugins/endpoints/discord_alert_endpoint | Community |
Disk Monitor | Monitors storage free space | /usr/share/ntopng/scripts/plugins/monitors/system/disk_monitor | Community |
Dropped Alerts | Triggers an alert on the system when any interface has dropped alerts | /usr/share/ntopng/scripts/plugins/alerts/internals/alerts_drops | Community |
Email Alert Endpoint | Provides alert notifications via email | /usr/share/ntopng/scripts/plugins/endpoints/email_alert_endpoint | Community |
External Alert | Retrieves and triggers alerts from external sources (e.g. Suricata) | /usr/share/ntopng/scripts/plugins/alerts/system/external_alert_check | Community |
Flow Calls Drops | Detects drops in flow user scripts calls and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/internals/flow_calls_drops | Community |
Flow Flood detector | Detects flow flood attacks and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/flow_flood | Community |
Flow Logger | Logs on the console each new flow | /usr/share/ntopng/scripts/plugins/examples/flow_logger | Community |
Flow Risks | Reports flow risks detected by nDPI | /usr/share/ntopng/scripts/plugins/alerts/security/flow_risks | Community |
Ghost Networks | Detects ghost networks and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/ghost_networks | Community |
Host Log Collector | Collects syslog events from hosts | /usr/share/ntopng/scripts/plugins/collectors/host_log_collector | Community |
Host Pool Connection/Disconnection | Triggers an alert upon host pool connection/disconnection | /usr/share/ntopng/scripts/plugins/alerts/network/pool_connection_disconnection | Community |
InfluxDB Monitor | Monitors the status of InfluxDB | /usr/share/ntopng/scripts/plugins/monitors/system/influxdb_monitor | Community |
LLDP Topology Monitor | Detects changes in the SNMP network topology and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/snmp_topology_change | Community |
Not Purged | Detects issues in purging idle flows from the flows hash table | /usr/share/ntopng/scripts/plugins/alerts/internals/not_purged | Community |
Periodic Activities | Checks the state and functioning of periodic activities | /usr/share/ntopng/scripts/plugins/alerts/internals/periodic_activities | Community |
Quota Exceeded | Triggers an alert when a time/traffic quota is exceeded | /usr/share/ntopng/scripts/plugins/alerts/network/pool_quota_exceeded | Community |
Redis Monitor | Monitors Redis health and performance | /usr/share/ntopng/scripts/plugins/monitors/system/redis_monitor | Community |
Remote to Remote | Detects remote to remote flows and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/ip_reassignment | Community |
Remote to Remote | Detects remote to remote flows and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/remote_to_remote | Community |
Requests vs Replies Ratio | Triggers alerts on the requests/replies ratio | /usr/share/ntopng/scripts/plugins/alerts/network/request_reply_ratio | Community |
SQLite Alert Endpoint | Handles SQLite alert notifications for the UI | /usr/share/ntopng/scripts/plugins/endpoints/sqlite_alert_endpoint | Community |
SYN Scan detector | Detects SYN scan attacks on hosts and networks and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/syn_scan_alert | Community |
Slack Alert Endpoint | Provides alert notifications to Slack | /usr/share/ntopng/scripts/plugins/endpoints/slack_alert_endpoint | Community |
Slow Purge | Detects problems in hash tables purging | /usr/share/ntopng/scripts/plugins/alerts/internals/slow_purge | Community |
Suricata Collector | Collects events and alerts from Suricata | /usr/share/ntopng/scripts/plugins/collectors/suricata_collector | Community |
Syslog Alert Endpoint | Provides alert notifications to Syslog | /usr/share/ntopng/scripts/plugins/endpoints/syslog_alert_endpoint | Community |
TCP Connection Issues | Detects TCP connection issues | /usr/share/ntopng/scripts/plugins/alerts/network/tcp_connection_issues | Community |
TCP SYN Flood detector | Detects TCP SYN flood attacks on hosts and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/syn_flood | Community |
Telegram Alert Endpoint | Provides alert notifications to Telegram | /usr/share/ntopng/scripts/plugins/endpoints/telegram_alert_endpoint | Community |
Threshold Cross | Multiple threshold cross alerts | /usr/share/ntopng/scripts/plugins/alerts/network/threshold_cross | Community |
Timeseries | Contains scripts executed periodically to dump timeseries | /usr/share/ntopng/scripts/plugins/monitors/system/timeseries | Community |
Too Many Drops | Detects excessive packet drops in network interfaces | /usr/share/ntopng/scripts/plugins/alerts/system/too_many_drops | Community |
UDP Unidirectional | Detects UDP unidirectional flows | /usr/share/ntopng/scripts/plugins/alerts/network/udp_unidirectional | Community |
Unexpected DHCP | Triggers an alert when an unexpected DHCP server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_dhcp | Community |
Unexpected DNS | Triggers an alert when an unexpected DNS server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_dns | Community |
Unexpected NTP server | Triggers an alert when an NTP server that is not allowed is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_ntp | Community |
Unexpected SMTP server | Triggers an alert when an SMTP server that is not allowed is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_smtp | Community |
Web Mining | Detects web mining flows | /usr/share/ntopng/scripts/plugins/alerts/security/web_mining | Community |
Webhook Alert Endpoint | Provides alert notifications via webhooks | /usr/share/ntopng/scripts/plugins/endpoints/webhook_alert_endpoint | Community |