Contribute
Contribute to the project by sending encrypted, anonymous telemetry data to ntop.org.
| Plugin | Description | Source Location | Availability |
|---|---|---|---|
| Active Monitoring | Monitors the status and the response time of specific hosts | /usr/share/ntopng/scripts/plugins/monitors/network/active_monitoring | Community |
| App Misconfiguration | Detects problems in app configuration | /usr/share/ntopng/scripts/plugins/alerts/internals/app_misconfiguration | Community |
| Blacklisted Hosts | Detects blacklisted hosts and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/blacklisted | Community |
| Country Check | Detects hosts contacts with specific countries | /usr/share/ntopng/scripts/plugins/alerts/security/blacklisted_country | Community |
| Device Application Not Allowed | Detects applications not allowed for a specific device type and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/device_application_not_allowed | Community |
| Device Connection/Disconnection | Trigger an alert upon device connection/disconnection | /usr/share/ntopng/scripts/plugins/alerts/network/device_connection_disconnection | Community |
| Discords Alert Endpoint | Provides alerts notifications to discord | /usr/share/ntopng/scripts/plugins/endpoints/discord_alert_endpoint | Community |
| Disk Monitor | Monitors storage free space | /usr/share/ntopng/scripts/plugins/monitors/system/disk_monitor | Community |
| Dropped Alerts | Triggers an alert on the system when any interface has dropped alerts | /usr/share/ntopng/scripts/plugins/alerts/internals/alerts_drops | Community |
| Email Alert Endpoint | Provides alerts notifications via emails | /usr/share/ntopng/scripts/plugins/endpoints/email_alert_endpoint | Community |
| External Alert | Retrieves and triggers alerts from external sources (e.g. suricata) | /usr/share/ntopng/scripts/plugins/alerts/system/external_alert_check | Community |
| Flow Calls Drops | Detects drops in flow user scripts calls and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/internals/flow_calls_drops | Community |
| Flow Flood detector | Detects flow flood attacks and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/flow_flood | Community |
| Flow Logger | Logs on the console each new flow | /usr/share/ntopng/scripts/plugins/examples/flow_logger | Community |
| Flow Risks | Report flow risks detected by nDPI | /usr/share/ntopng/scripts/plugins/alerts/security/flow_risks | Community |
| Ghost Networks | Detects ghost networks and trigger alerts | /usr/share/ntopng/scripts/plugins/alerts/security/ghost_networks | Community |
| Host Log Collector | Collects syslog events from hosts | /usr/share/ntopng/scripts/plugins/collectors/host_log_collector | Community |
| Host Pool Connection/Disconnection | Trigger an alert upon host pool connection/disconnection | /usr/share/ntopng/scripts/plugins/alerts/network/pool_connection_disconnection | Community |
| InluxDB Monitor | Monitors the status of InfluxDB | /usr/share/ntopng/scripts/plugins/monitors/system/influxdb_monitor | Community |
| LLDP Topology Monitor | Detects changes in the SNMP network topology and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/snmp_topology_change | Community |
| Not Purged | Detect issues in purging idle flows from the flows hash table | /usr/share/ntopng/scripts/plugins/alerts/internals/not_purged | Community |
| Periodic Activities | Checks the state and functioning of periodic activities | /usr/share/ntopng/scripts/plugins/alerts/internals/periodic_activities | Community |
| Quota Exceeded | Trigger an alert when a time/traffic quota is exceeded | /usr/share/ntopng/scripts/plugins/alerts/network/pool_quota_exceeded | Community |
| Redis Monitor | Monitors Redis health and performance | /usr/share/ntopng/scripts/plugins/monitors/system/redis_monitor | Community |
| Remote to Remote | Detects remote to remote flows and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/remote_to_remote | Community |
| Remote to Remote | Detects remote to remote flows and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/network/ip_reassignment | Community |
| Requests vs Replies Ratio | Trigger alerts when on the requests/reply ratio | /usr/share/ntopng/scripts/plugins/alerts/network/request_reply_ratio | Community |
| SQLite Alert Endpoint | Handles SQLite alert notifications for the UI | /usr/share/ntopng/scripts/plugins/endpoints/sqlite_alert_endpoint | Community |
| SYN Scan detector | Detects SYN scan attacks on hosts and networks and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/syn_scan_alert | Community |
| Slack Alert Endpoint | Provides alerts notifications to Slack | /usr/share/ntopng/scripts/plugins/endpoints/slack_alert_endpoint | Community |
| Slow Purge | Detects problems in hash tables purging | /usr/share/ntopng/scripts/plugins/alerts/internals/slow_purge | Community |
| Suricata Collector | Collects events and alerts from suricata | /usr/share/ntopng/scripts/plugins/collectors/suricata_collector | Community |
| Syslog Alert Endpoint | Provides alerts notifications to Syslog | /usr/share/ntopng/scripts/plugins/endpoints/syslog_alert_endpoint | Community |
| TCP Connection Issues | Detects TCP Connection Issues | /usr/share/ntopng/scripts/plugins/alerts/network/tcp_connection_issues | Community |
| TCP SYN Flood detector | Detects TCP SYN flood attacks on hosts and triggers alerts | /usr/share/ntopng/scripts/plugins/alerts/security/syn_flood | Community |
| Telegram Alert Endpoint | Provides alerts notifications to telegram | /usr/share/ntopng/scripts/plugins/endpoints/telegram_alert_endpoint | Community |
| Threshold Cross | Multiple threshold cross alerts | /usr/share/ntopng/scripts/plugins/alerts/network/threshold_cross | Community |
| Timeseries | Contains scripts executed periodically to dump timeseries | /usr/share/ntopng/scripts/plugins/monitors/system/timeseries | Community |
| Too Many Drops | Detects excessive packet drops in network interfaces | /usr/share/ntopng/scripts/plugins/alerts/system/too_many_drops | Community |
| UDP Unidirectional | Detects UDP unidirectional flows | /usr/share/ntopng/scripts/plugins/alerts/network/udp_unidirectional | Community |
| Unexpected DHCP | Trigger an alert when an unexpected DHCP server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_dhcp | Community |
| Unexpected DNS | Trigger an alert when an unexpected DNS server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_dns | Community |
| Unexpected NTP server | Trigger an alert when not allowed NTP server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_ntp | Community |
| Unexpected SMTP server | Trigger an alert when not allowed SMTP server is detected | /usr/share/ntopng/scripts/plugins/alerts/security/unexpected_smtp | Community |
| Web Mining | Detects web mining flows | /usr/share/ntopng/scripts/plugins/alerts/security/web_mining | Community |
| Webhook Alert Endpoint | Provides alerts notifications via webhooks | /usr/share/ntopng/scripts/plugins/endpoints/webhook_alert_endpoint | Community |