When you monitor network traffic on the local network, there are many different options based on the traffic size, monitoring platform/interface, database type, and so on.
Ntopng is an open-source network traffic analysis tool released under the GPLv3 license. It provides real-time network traffic monitoring through a web interface and is cross-platform, running on Linux and Mac OS X among others. Ntopng works much like an RMON remote network monitoring agent with a built-in web server, and it uses the Redis key-value store to keep its statistics as time series. You can install ntopng on any designated monitoring server and then view its traffic reports in real time from any web browser.
This tutorial shows how to use ntopng to set up a web-based network traffic monitoring system on Linux.
Ntopng features
- Real-time analysis of local network traffic at the flow level and protocol level
- Supports statistical analysis at the domain, AS (autonomous system), and VLAN level
- Supports IP address location
- Supports deep packet inspection (DPI) based "service discovery" (such as Google and Facebook)
- Historical traffic analysis (for example, analysis by hour, day, week, month, and year)
- Supports sFlow, NetFlow (v5/v9), and IPFIX through nProbe
- Network traffic matrix (who is talking to whom?)
- IPv6 support
Install ntopng on Linux
The official website provides binary packages for Ubuntu and CentOS. If you are using either of them and would rather not build from source, you can download and install the binary package from the official website and skip the rest of this section.
If you want to build the latest ntopng from source, read on.
If you are using Debian, Ubuntu, or Linux Mint, run the following command:
$ sudo apt-get install libpcap-dev libglib2.0-dev libgeoip-dev redis-server wget libxml2-dev
$ tar xzf ntopng-1.0.tar.gz -C ~
$ cd ~/ntopng-1.0/
$ ./configure
$ make geoip
$ make
In the steps above, "make geoip" automatically downloads a free GeoIP database from maxmind.com using wget, so make sure the system has Internet access when you run it.
If you are using Fedora:
$ sudo yum install libpcap-devel glib2-devel GeoIP-devel libxml2-devel redis wget
$ tar xzf ntopng-1.0.tar.gz -C ~
$ cd ~/ntopng-1.0/
$ ./configure
$ make geoip
$ make
If you are using CentOS or RHEL, set up the EPEL repository first, and then run the same commands as for Fedora.
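Both build procedures above unpack ntopng-1.0.tar.gz straight into the home directory and then run its configure script and Makefile. The following check, an added example that is not part of the original tutorial, verifies the tarball before the "tar xzf" step. It assumes you have obtained a SHA-256 digest for the file from a source you trust (the tutorial gives none, so EXPECTED_SHA256 is a placeholder), and verify_tarball is a hypothetical helper name.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
# verify_tarball FILE EXPECTED_SHA256 TOPDIR
# Returns 0 only if FILE has the expected SHA-256 digest and every
# archive member stays inside TOPDIR/ (no absolute paths, no "..").
verify_tarball() {
    file=$1 expected=$2 topdir=$3

    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }

    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch: $file" >&2
        return 1
    fi

    # List members without extracting anything.
    listing=$(tar tzf "$file" 2>/dev/null) || {
        echo "unreadable archive: $file" >&2; return 1; }

    while IFS= read -r member; do
        case $member in
            /*|..|../*|*/../*|*/..)
                echo "unsafe path: $member" >&2; return 1 ;;
        esac
        case $member in
            "$topdir"|"$topdir"/*) ;;
            *)  echo "outside $topdir/: $member" >&2; return 1 ;;
        esac
    done <<EOF
$listing
EOF
    return 0
}

# Usage with the tutorial's file name (the digest is a placeholder):
#   EXPECTED_SHA256='<digest obtained from a trusted source>'
#   verify_tarball ntopng-1.0.tar.gz "$EXPECTED_SHA256" ntopng-1.0 \
#       && tar xzf ntopng-1.0.tar.gz -C ~
```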