  • I’ve gone down this rabbit hole and have yet to find a solution I like. The only routes I haven’t gone down yet are Graylog or sec onion, as the learning curve is steep.

    I do use crowdsec and that has been semi-helpful at showing me where a scanner is trying to poke around and on what service.

    I currently use ntopng’s community version and that’s been acceptable for now. Some parts are a bit confusing and the documentation didn’t help me understand, but the tables are really well laid out and I can easily see the server/client relationship with in and outbound traffic. I’ll try and share screenshots of how it looks for me to see if that helps you.