What's ntopng?
ntopng is a web-based, high-speed traffic analyzer and flow collector. ntopng is based on ntop and runs on all UNIX platforms, Mac OS X, and Windows.
Characteristics
According to the ntopng website, it has many features. Some of them are listed here:
Sort network traffic by various protocols
Show network traffic and active IPv4/IPv6 hosts
Continuously store the traffic data of local hosts to disk in RRD format
Discover application protocols through nDPI, ntop's DPI framework
Show the distribution of IP traffic among the various protocols
Analyze IP traffic and sort it by source/destination address
Display the IP traffic subnet matrix (who is communicating with whom?)
Report IP protocol usage by protocol type
Generate HTML5/AJAX network traffic statistics
Prerequisites for Installation
ntop provides precompiled packages for CentOS and 64-bit Ubuntu; you can find them on their download page. For 32-bit operating systems, you must compile from source. This article was tested on 32-bit CentOS 6.4, but the steps should also work on other CentOS/Red Hat-based Linux distributions. Let's get started.
Development tools
Make sure you have all the development tools needed to compile ntopng. You can install them with yum:
The code is as follows:
# yum groupinstall 'Development Tools'
Install Tcl
The code is as follows:
# yum install tcl
Install libpcap
The code is as follows:
# yum install libpcap libpcap-devel
Install Redis
The code is as follows:
# wget http://redis.googlecode.com/files/redis-2.6.13.tar.gz
# tar zxfv redis-2.6.13.tar.gz
# cd redis-2.6.13
# make 32bit
# make test
# make install
Install ntopng
Method 1:
The code is as follows:
# wget -O ntopng-1.1_6932.tgz http://sourceforge.net/projects/ntop/files/ntopng/ntopng-1.1_6932.tgz/download
# tar zxfv ntopng-1.1_6932.tgz
# cd ntopng-1.1_6932
# ./configure
# make
# make install
Method 2:
On my CentOS 6.4, I received an error message when using Method 1. The error message reads as follows:
The code is as follows:
./third-party/luajit-2.0.2/src/libluajit.a: could not read symbols: File in wrong format
So I switched to SVN to install it. This approach requires network access:
The code is as follows:
# svn co https://svn.ntop.org/svn/ntop/trunk/ntopng/
# cd ntopng
# ./autogen.sh
# ./configure
# make
# make install
Since ntopng is a web-based application, your system must have a working web server installed.
Create a configuration file for ntopng
Once everything is installed, we can run it. By default, unless the installation folder was explicitly changed at the ./configure step, Redis and ntopng are installed under /usr/local/. Next, we need to create a configuration file for ntopng. In this article, we use vi as the text editor; you can use your favorite text editor instead.
The code is as follows:
# cd /usr/local/etc
# mkdir ntopng
# cd ntopng
# vi ntopng.start
Put in these lines:
The code is as follows:
--local-network "10.0.2.0/24"
--interface 1
# vi ntopng.pid
Put in the line:
The code is as follows:
-G=/var/run/ntopng.pid
Save the files, and then continue to the next step.
Run ntopng
Assuming the web server is installed correctly, the next step is to run the Redis server.
The code is as follows:
# /usr/local/bin/redis-server
Then, run ntopng:
The code is as follows:
# /usr/local/bin/ntopng
Test ntopng
Now you can test the ntopng application by visiting http://yourserver.name:3000, where you will see the ntopng login page. The first time you log in, use the user 'admin' and the password 'admin'.
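An added example (not part of the original article): redis-server started without a configuration file, as above, runs with Redis defaults (port 6379, no password), and the web UI on port 3000 starts out with the admin/admin login, so it is worth checking which addresses those two listeners are bound to. The function below parses `netstat -tln` output and reports the ones reachable from other hosts; the function name and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# exposed_listeners: read `netstat -tln` output on stdin and print every
# Redis (6379) or ntopng web UI (3000) listener that is bound to a
# non-loopback address, i.e. reachable from other hosts.
exposed_listeners() {
    awk '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            port = parts[n]                 # text after the last colon
            host = substr(addr, 1, length(addr) - length(port) - 1)
            if (port != "6379" && port != "3000") next
            # Skip IPv4 loopback, IPv6 loopback and IPv4-mapped loopback.
            if (host ~ /^127\./ || host == "::1" || host ~ /^::ffff:127\./) next
            svc = (port == "6379") ? "redis" : "ntopng-web"
            print svc, addr
        }'
}

# Constructed sample: listeners right after the steps above (all defaults).
sample_default() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address        Foreign Address      State
tcp        0      0 0.0.0.0:6379         0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:22           0.0.0.0:*            LISTEN
tcp        0      0 127.0.0.1:25         0.0.0.0:*            LISTEN
tcp        0      0 :::3000              :::*                 LISTEN
EOF
}

# Constructed sample: Redis restricted to loopback, web UI still open.
sample_redis_local() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:6379       0.0.0.0:*            LISTEN
tcp        0      0 0.0.0.0:3000         0.0.0.0:*            LISTEN
EOF
}

echo "default install:"
sample_default | exposed_listeners
echo "redis on loopback:"
sample_redis_local | exposed_listeners
# On the real host: netstat -tln | exposed_listeners
```

Starting redis-server with a configuration file that sets `bind 127.0.0.1` keeps Redis off the network. The Settings menu covered later in the article is where ntopng users, including the default admin login, are managed.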
The dashboard is fairly concise. When you log in, you will see a page showing the top talkers.
If you click the Flows menu at the top right, ntopng shows more details about the active flows.
In the Hosts menu, you can see all the hosts involved in the flows.
Ntopng Hosts List
If you click Hosts > Interactions, ntopng displays a nice interactive graph of the communication between hosts.
Dashboard menu
Sections:
Top hosts (send + receive)
Top application protocols
Ntopng Apps
The Interfaces menu leads to further submenus. The Packets menu shows the packet size distribution.
The Protocols menu shows how many protocols are in use and the percentage of traffic for each.
You can also view activity over time through the Historical Activity menu.
Finally, you can manage which users can access ntopng through the Settings menu (the gear icon) at the top right.
ntopng offers a wide range of time ranges, from 5 minutes to 1 year. Just click the range you want to display. The chart itself is clickable, and you can click it to zoom in.
Of course, ntopng can do much more than what is shown above. You can also integrate geolocation and map services. On ntopng's own website there are paid modules available, such as nProbe, which can extend the information ntopng provides. For more information about ntopng, visit the ntopng website.