Pular para o conteúdo principal

Install Ntopng Network Traffic Monitoring Tool on CentOS 7

Table of Contents

Introduction

Ntopng is an opensource network traffic monitoring system that provides a web interface for real-time network monitoring. It very useful tool that helps you learn more about your network traffic.
Ntopng provides several tools for monitoring various protocols, traffic variants and bandwidth across multiple time frames. You can install ntopng on any monitoring server connected to your network and use a web browser to access real-time traffic reports available on the server.
In this tutorial, I will explain how to set up a web-based network traffic monitoring system on CentOS 7 using ntopng.

Ntopng Features

  • Protocol-level real-time analysis of local network traffic.
  • Geolocation of IP addresses.
  • Network traffic matrix
  • Historical traffic analysis
  • Support for sFlow, NetFlow and IPFIX through nProbe.
  • IPv6 support.

Requirements

  • A server running CentOS v. 7

Installing Ntopng

Ntopng is not available in the default CentOS 7 repository. To begin, you will need to add the EPEL repository to your system by running the following command:
sudo yum install epel-release
Next, you will need to create an ntop repository for the stable builds. To do this, create a file named ntop.repo inside the /etc/yum.repos.d/ directory.
 sudo nano /etc/yum.repos.d/ntop.repo
Add the following content to the ntop.repo file:
[ntop]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
[ntop-noarch]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/noarch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
Save and exit the file.
Now, update the repositories and all installed packages with the following command:
 sudo yum -y update
Finally, install ntopng by running the following command:
sudo yum --enablerepo=epel install redis ntopng

Start the Ntopng and Redis Service

Once ntopng has been installed, you need to install the hiredis-devel package and start the redis server before starting ntopng.
sudo yum --enablerepo=epel install hiredis-devel
Now, start the redis service and enable the service to start at boot time:
sudo systemctl start redis.service
sudo systemctl enable redis.service
Let’s start ntopng and add the service to start at boot time:
sudo systemctl start ntopng.service
sudo systemctl enable ntopng.service

Configure Ntopng

Ntop will create a default configuration file at /etc/ntopng/ntopng.conf. However if you check the status, you’ll see that ntop gives you a "No Pro licence is found" error, and announces that it will return to community mode after 10 minutes.
To check the ntopng status, run:
sudo systemctl status ntopng
You should see the following output
Ntopng warning status
You can remove this warning message by editing the ntopng configuration file:
sudo nano /etc/ntopng/ntopng.conf
Add/change the line shown below:
-G=/var/tmp/ntopng.pid\
--community
Save and exit the file, restart ntopng and check status again:
sudo systemctl restart ntopng
sudo systemctl status ntopng

Allow Ntopng Through the Firewall

Ntopng listens by default at the 3000 TCP port so you’ll need to add firewall rule to access ntopng from remote machine. You can do this by running following command:
sudo firewall-cmd --permanent --add-port=3000/tcp
Now, reload the firewalld service:
sudo firewall-cmd --reload

Test Ntopng

After setting everything up, you can access the ntopng web interface in a web browser by going to the URL http://your.server.ip:3000. Use the login information:
User: admin Password: admin
Enjoy...

Comentários

Postar um comentário

Postagens mais visitadas deste blog

Upgrading Iomega ix2-200 to Cloud Edition

You just got your ix2-200 from eBay and there are no disks inside the NAS. Or you have a brand new ix2-200 -yet you could not afford Cloud Edition. No problem. With just a USB stick and a SATA adapter or desktop PC, you will easily upgrade your ix2-200 to ix2-200 Cloud Edition. Not only your ix2-200 will have a brand new interface and Cloud options, but also will become Mac OS X Lion compatible! What do we need? Decrypted! ix2-200 Cloud Edition Firmware 3.1.12.47838 S endSpace or RapidShare * USB Flash Drive with at least 2 GB capacity and LED indicator** SATA to USB adapter or desktop PC Toothpick or paperclip Preparing Hard Drives Preparing hard drives is the first step because you have to wipe all the data inside the hard drives and make them just like brand new. We used 2 x Seagate 2 TB 5900 RPM Drives. Backup any files if you have and then remove both disks from ix2-200 and attach them to SATA to USB adapter or your desktop PC's SATA port. Using ...
Postar um comentário
Leia mais

How to Fix sub-process /usr/bin/dpkg returned an error code (1)

Introduction The error message “Sub-process /usr/bin/dpkg returned an error code (1)” indicates a problem with the package installer. This can happen in Ubuntu after a failed software installation, or if the installer becomes corrupted. The key phrase in this error is /usr/bin/dpkg. This refers to the dpkg package installer for Linux. A package installer is an application that tracks software, updates, and dependencies. If it is damaged, any new software installation will cause this error message. We cover several possible solutions, from easily-solved and straightforward solutions to more complex processes. This guide will help you resolve the dpkg returned an error code 1 on an Ubuntu operating system. Prerequisites A user account with sudo privileges A terminal window/command-line ( Ctrl - Alt - T ) Options to Fix sub-process /usr/bin/dpkg returned an error code (1) Method 1: Reconfigure dpkg Database ...
Postar um comentário
Leia mais

How to Create Reports from Audit Logs Using ‘aureport’ on CentOS/RHEL

  What is aureport? aureport is a command line utility used for creating useful summary reports from the audit log files stored in /var/log/audit/ . Like ausearch , it also accepts raw log data from stdin. It is an easy-to-use utility; simply pass an option for a specific kind of report that you need, as shown in the examples below. Create Report Concerning Audit Rule Keys The aurepot command will produce a report about all keys you specified in audit rules, using the -k flag. # aureport -k Report Audit Rule Keys You can enable interpreting of numeric entities into text (for example convert UID to account name) using the -i option. # aureport -k -i Create Report About Attempted Authentications If you need a report about all events relating to attempted authentications for all users, use the -au option. # aureport -au OR # aureport -au -i   Summary of Login Authentication Produce Report Concerning Logins The -l option tells aureport to ge...
Postar um comentário
Leia mais