Pular para o conteúdo principal

Install Ntopng Network Traffic Monitoring Tool on CentOS 7

Table of Contents

Introduction

Ntopng is an opensource network traffic monitoring system that provides a web interface for real-time network monitoring. It very useful tool that helps you learn more about your network traffic.
Ntopng provides several tools for monitoring various protocols, traffic variants and bandwidth across multiple time frames. You can install ntopng on any monitoring server connected to your network and use a web browser to access real-time traffic reports available on the server.
In this tutorial, I will explain how to set up a web-based network traffic monitoring system on CentOS 7 using ntopng.

Ntopng Features

  • Protocol-level real-time analysis of local network traffic.
  • Geolocation of IP addresses.
  • Network traffic matrix
  • Historical traffic analysis
  • Support for sFlow, NetFlow and IPFIX through nProbe.
  • IPv6 support.

Requirements

  • A server running CentOS v. 7

Installing Ntopng

Ntopng is not available in the default CentOS 7 repository. To begin, you will need to add the EPEL repository to your system by running the following command:
sudo yum install epel-release
Next, you will need to create an ntop repository for the stable builds. To do this, create a file named ntop.repo inside the /etc/yum.repos.d/ directory.
 sudo nano /etc/yum.repos.d/ntop.repo
Add the following content to the ntop.repo file:
[ntop]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
[ntop-noarch]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/noarch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
Save and exit the file.
Now, update the repositories and all installed packages with the following command:
 sudo yum -y update
Finally, install ntopng by running the following command:
sudo yum --enablerepo=epel install redis ntopng

Start the Ntopng and Redis Service

Once ntopng has been installed, you need to install the hiredis-devel package and start the redis server before starting ntopng.
sudo yum --enablerepo=epel install hiredis-devel
Now, start the redis service and enable the service to start at boot time:
sudo systemctl start redis.service
sudo systemctl enable redis.service
Let’s start ntopng and add the service to start at boot time:
sudo systemctl start ntopng.service
sudo systemctl enable ntopng.service

Configure Ntopng

Ntop will create a default configuration file at /etc/ntopng/ntopng.conf. However if you check the status, you’ll see that ntop gives you a "No Pro licence is found" error, and announces that it will return to community mode after 10 minutes.
To check the ntopng status, run:
sudo systemctl status ntopng
You should see the following output
Ntopng warning status
You can remove this warning message by editing the ntopng configuration file:
sudo nano /etc/ntopng/ntopng.conf
Add/change the line shown below:
-G=/var/tmp/ntopng.pid\
--community
Save and exit the file, restart ntopng and check status again:
sudo systemctl restart ntopng
sudo systemctl status ntopng

Allow Ntopng Through the Firewall

Ntopng listens by default at the 3000 TCP port so you’ll need to add firewall rule to access ntopng from remote machine. You can do this by running following command:
sudo firewall-cmd --permanent --add-port=3000/tcp
Now, reload the firewalld service:
sudo firewall-cmd --reload

Test Ntopng

After setting everything up, you can access the ntopng web interface in a web browser by going to the URL http://your.server.ip:3000. Use the login information:
User: admin Password: admin
Enjoy...

Comentários

Postagens mais visitadas deste blog

Upgrading Iomega ix2-200 to Cloud Edition

You just got your ix2-200 from eBay and there are no disks inside the NAS. Or you have a brand new ix2-200 -yet you could not afford Cloud Edition. No problem. With just a USB stick and a SATA adapter or desktop PC, you will easily upgrade your ix2-200 to ix2-200 Cloud Edition. Not only your ix2-200 will have a brand new interface and Cloud options, but also will become Mac OS X Lion compatible! What do we need? Decrypted! ix2-200 Cloud Edition Firmware 3.1.12.47838 S endSpace or RapidShare * USB Flash Drive with at least 2 GB capacity and LED indicator** SATA to USB adapter or desktop PC Toothpick or paperclip Preparing Hard Drives Preparing hard drives is the first step because you have to wipe all the data inside the hard drives and make them just like brand new. We used 2 x Seagate 2 TB 5900 RPM Drives. Backup any files if you have and then remove both disks from ix2-200 and attach them to SATA to USB adapter or your desktop PC's SATA port. Using ...

How to Fix sub-process /usr/bin/dpkg returned an error code (1)

Introduction The error message “Sub-process /usr/bin/dpkg returned an error code (1)” indicates a problem with the package installer. This can happen in Ubuntu after a failed software installation, or if the installer becomes corrupted. The key phrase in this error is /usr/bin/dpkg. This refers to the dpkg package installer for Linux. A package installer is an application that tracks software, updates, and dependencies. If it is damaged, any new software installation will cause this error message. We cover several possible solutions, from easily-solved and straightforward solutions to more complex processes. This guide will help you resolve the dpkg returned an error code 1 on an Ubuntu operating system. Prerequisites A user account with sudo privileges A terminal window/command-line ( Ctrl - Alt - T ) Options to Fix sub-process /usr/bin/dpkg returned an error code (1) Method 1: Reconfigure dpkg Database ...

Installing and Configuring Snorby on CentOS 7

Snorby is a ruby on rails web application for network security monitoring that interfaces with current popular intrusion detection systems (Snort, Suricata and Sagan). The basic fundamental concepts behind Snorby are simplicity, organization and power. The project goal is to create a free, open source and highly competitive application for network monitoring for both private and enterprise use. Set up your system with the follow script to ensure that nothing will be missing http://wiki.douglasqsantos.com.br/doku.php/confinicialcentos7_en The Snorby will use the follow ip: 192.168.1.251 Let's install the development tools yum groupinstall "Development Tools" -y Let's install the dependencies for Snorby. yum install openssl-devel readline-devel libxml2-devel libxslt-devel mariadb mariadb-devel mariadb-server urw-fonts libX11-devel libXext-devel git \ fontconfig-devel libXrender-devel unzip wget xorg-x11-server-Xvfb libyaml libyaml-devel gdbm-de...