OPNsense

Author Topic: ntop alerts to slack  (Read 2674 times)

deekdeeker

ntop alerts to slack
« on: April 23, 2019, 02:04:57 am »
Anyone using the ntop alerts via Slack? Just trying this for the first time and not really sure what is happening. I thought that it would just forward the alerts that are appearing in the "flow alerts" section of ntop, but apparently not. I'm just getting stuff like below that does not in any way match the alerted flows in ntop. No more info than that. Is this just a useless feature?

22/04/2019 20:00:08][Blacklisted Flow] Client, server or domain is blacklisted [Flow: xxx.176.26.66:52077 xxx.xxx.local:40100] [L4 Protocol: TCP]

lrosenman

Re: ntop alerts to slack
« Reply #1 on: April 23, 2019, 02:27:12 am »
Even in the logs, I'm trying(!) to figure out what the hades this means.

deekdeeker

Re: ntop alerts to slack
« Reply #2 on: April 23, 2019, 02:31:52 am »
Well, I can see that these logs are just random probes from Mother Russia. But I don't see these anywhere in ntop; these are attacks straight to the FW itself. Very confusing and not very useful info, as the purpose of Slack would be to aggregate the logs that you would normally see from NTOP - which do not seem to get logged. :P

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved