Install ntopng on CentOS 7 to Monitor Network Traffic

Ntopng, is one of the most popular and powerful open-source network traffic monitoring tools that shows real-time traffic flow and its behaviour in a user friendly and intuitive web interface. The interface has some awesome features like viewing of network traffic, including top hosts data, top flow talkers, application protocols in use, top flow senders data in live mode.

I would like to show you how to install ntopng on CentOS 7. Here are the steps:

Step 1: Prepare and Update the system by installing EPEL using YUM

[root@rnd] # yum install epel-release
[root@rnd] # yum update

Step 2: Installing the ntop repo

First, create the ntop repo file to your system with the following commands:

[root@rnd] # touch /etc/yum.repos.d/ntop.repo

Now edit ntop.repo file by adding the following lines:

[ntop]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
[ntop-noarch]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/noarch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri

Step 3: Install ntopng, redis and necessary dependancies

[root@rnd] # yum update
[root@rnd] # yum –enablerepo=epel install redis ntopng hiredis-devel

Step 4: Start redis and ntopng

[root@rnd] # systemctl start redis.service
[root@rnd] # systemctl enable redis.service
[root@rnd] # systemctl start ntopng.service
[root@rnd] # systemctl enable ntopng.service

Now, check the status of the ntopng service:

[root@rnd] # systemctl status ntopng.service

Or, if full error logs are not shown, use -l with the previous command:

[root@rnd] # systemctl status ntopng.service -l

As you see, the ntopng service is active (running) along with a license error.

Let’s fix the error by modifying the ntopng configuration file ntopng.conf:

[root@rnd] # vi /etc/ntopng/ntopng.conf

Before it might look like:

-G=/var/run/ntopng.pid

After editing it should be like:

-G=/var/run/ntopng.pid\
–community

Restart the ntopng service:

[root@rnd] # systemctl restart ntopng.service

Recheck the status of the ntopng service:

[root@rnd] # systemctl status ntopng.service -l

you shouldn’t see the error notice now.

Step 5: Configure the firewall if it is active

In order to allow accessing ntopng from a web browser, you need to allow traffic on port 3000, the default ntopng communication port:

[root@rnd] # firewall-cmd –zone=public –permanent –add-port=3000/tcp
[root@rnd] # firewall-cmd –reload

Step 6: Visit ntopng from a web browser

Now, you are ready to use a web browser to explore ntopng’s web interface. Access the following URL:

http://[your-server-ip]:3000

Use the default username admin and the default password admin to log in.

 

Now, you have the access to the dashboard. There are some very useful and interesting options to check out there. Here are some snapshots:

 

 

 

 

 

Tuning the configuration

Step 8: Change the default password

After logged in, go to Settings>Manage Users>Edit to change the password of an user.

Step 7: Change the default port for ntopng’s web interface.

Edit the /etc/ntopng/ntopng.conf file.

[root@rnd] # vi /etc/ntopng/ntopng.conf

Add the line:

–http-port=[your desired port number]

For example, if you want the ntopng to listen on port 3001 your ntopng.conf file should look like this:

-G=/var/run/ntopng.pid\
–http-port=3001
–community

Restart ntopng:

[root@rnd] # systemctl restart ntopng.service

Verify the configuration. Your server should listen on port 3001 instead of 3000 for ntopng as highlighted below:

[root@rnd] # netstat -n -p -l

Now, you should be able to access ntop using the following URL:

http://[your-server-ip]:3001

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.