Ntopng real-time network traffic monitoring system setup

Last Update:2014-07-19 Source: Internet

Author: User

Tags geoip

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Install the ntopng RPM package

It is also very easy to use the source code package, mainly because centos should be configured in advance.EPEL-RELEASEFacilitate dependency package installation,

Compile the source code package.

Ntopng introduction:

Ntopng is the next-generation ntop version. It monitors and displays network traffic in real time. Ntopng is similar to rmon remote network monitoring proxy and has built-in Web service capabilities. It uses the redis key value service to store statistics in a time series. You can install ntopng on any specified Monitoring Server. You only need to use any web browser to access traffic reports on the server in real time.

Ntopng users can use a web browser to browse ntop (that is, as a web server) traffic information and get a network status dump. In the latter case, we can see that ntop has an embedded network interface as a simple remote monitoring agent. Usage:

A network interface.

Limited configuration and management through the Web interface.

Reduce CPU and memory usage (depending on the network size and traffic ).

Ntopng basic functions:

Automatically identifies useful information from the network;

Converts intercepted data packets into a format that is easy to recognize;

Analyzes communication failures in the network environment;

Measure the test taker's knowledge about the time and process of network communication.

Monitoring Engine for clean Separation

Reporting Facility.

Sturdy, collision engine (ntop is not true ).

Platform extension or script writing

You do not need to restart the instance during running.

The Real-time Monitoring Tool collects data (5 minutes) and submits the data when it is too late.

Many new features, including HTML5-based dynamic graphic user interfaces, classification, DPI.

I. System Environment

System: centos 6.3 64-bit

Kernel version: 2.6.32-279. el6.x86 _ 64

Disable iptables

Disable SELinux

Disable NetworkManager

2. Add a new third-party network Yum Source

Add third-party Yum sources. centos and 163 do not have the following packages

# Wget http://ftp.sjtu.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

# Ls/etc/yum. Repos. d

CentOS-6-Base-163.repo CentOS-Media.repo.back

# Rpm-IVH epel-release-6-8.noarch.rpm

# Ls/etc/yum. Repos. d

CentOS-6-Base-163.repo CentOS-Media.repo.backEpel. Repo epel-testing.repo

# Yum makecache // generate Cache

3. Install the ntopng dependency package

# Yum install-y redis geoip-devel geoip

# Yum install-y rrdtool * // plot

4. Install ntopng

Note: The libzmq3-3.2.2-5.1.x86_64.rpm package needs to be installed in advance and ntopng will depend on it.

If this parameter is not installed, an error is returned:

Error: Failed dependencies:

Libzmq. so.3 () (64bit) is needed by ntopng-1.1.4_7922-7922.x86_64

# Wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/jblunck:/messaging/CentOS_CentOS-6/x86_64/libzmq3-3.2.2-5.1.x86_64.rpm

# Wget http://www.nmon.net/centos/6/x86_64/Packages/ntopng-1.1.4_7922-7922.x86_64.rpm

# Wget http://www.nmon.net/centos/6/x86_64/Packages/ntopng-data-1.1.4_7922-7922.x86_64.rpm

# Rpm-IVH libzmq3-3.2.2-5.1.x86_64.rpm

# Rpm-IVH ntopng-1.1.4_7922-7922.x86_64.rpm

# Rpm-IVH ntopng-data-1.1.4_7922-7922.x86_64.rpm

5. Configure ntopng to start

# Cd/etc/ntopng // ntopng Startup File and configuration template file are stored here

# Ls

Ntopng. conf. Sample ntopng. Start // the front side is the configuration template file, followed by the Startup File

# Cp ntopng. conf. Sample ntopng. conf // copy a configuration file.

# Vim ntopng. conf

-G =/var/tmp/ntopng. PID

-- Local-networks "192.168.2.0/24,192.168 .3.0/24" // specify the monitored CIDR Block

-- Interface eth0 // specifies the Monitoring Interface

-- Interface eth1

-- Interface eth2

-- User ntopng // specifies the account to run

-- Http-port 3333 // specify the port of the web service. If this parameter is not specified, the default port is port 3000.

Parameter description:

-G: Specifies the process number file used for running.

-- Local-Network: Specifies the local subnet

-- Interface eth2 specifies to listen to the traffic on the eth2 Nic

-- User ntopng specifies the account used to run the service

-- Http-port 3333: Specify the service port displayed on the web. If this parameter is not specified, the default value is 3000.

#/Etc/init. d/redis restart // start redis first, and ntopng uses redis to store statistics

#/Etc/init. d/ntopng restart

6. Access ntopng

1) http: // 127.0.0.1: 3333 ntopng default account and password are admin

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/3F/3B/wKiom1PIvmvxTcb7AAEsabnb45w542.jpg "Title =" 1.jpg" alt = "wkiom1pivmvxtcb7aaesabnb45w542.jpg"/>

2) view all online host traffic

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/3F/40/wKiom1PIwhaS_g8qAALqeb9n8Xw180.jpg "Title =" 2.jpg" alt = "wkiom1piwhas_g8qaalqeb9n8xw180.jpg"/>

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/3F/43/wKioL1PIxVqjaFybAADER6Mfrho807.jpg "Title =" 2.jpg" alt = "wkiol1pixvqjafybaader6mfrho807.jpg"/>

3) view IP addresses of all online hosts

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/3F/44/wKioL1PIxxLQpFsTAAKWGUrOpXw525.jpg "Title =" 2.jpg" alt = "wkiol1pixxlqpfstaakwguropxw525.jpg"/> 650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/3F/46/wKiom1PIxjLRDnitAAHY_r1m4ac499.jpg "Title =" 2.jpg" alt = "wkiom1pixjlrdnitaahy_r1m4ac499.jpg"/>

4) monitored Nic Interfaces

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/3F/4A/wKioL1PIx-Owb3bpAAC7coUqYkU510.jpg "Title =" 2.jpg" alt = "wKioL1PIx-Owb3bpAAC7coUqYkU510.jpg"/>

5) Account Management

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/3F/4B/wKiom1PIyQfiYUUpAAE1NFDMI3A060.jpg "Title =" 2.jpg" alt = "wkiom1piyqfiyuupaae1nfdmi3a060.jpg"/>

6) set the refresh frequency

Click --> interfaces --> set the refresh time at the bottom of the NIC Interface

650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/3F/4B/wKioL1PIy0OBqlV_AACWo3a9W2A681.jpg "Title =" 2.jpg" alt = "wkiol1piy0obqlv_aacwo3a9w2a681.jpg"/>

There are still many applications. For more information, please study other functions on your own !!!

This article from the "End-to-End" blog, please be sure to keep this source http://beijing0414.blog.51cto.com/8612563/1439968

Ntopng real-time network traffic monitoring system setup

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More