Ntopng, is one of the most popular and powerful open-source network traffic monitoring tools that shows real-time traffic flow and its behaviour in a user friendly and intuitive web interface. The interface has some awesome features like viewing of network traffic, including top hosts data, top flow talkers, application protocols in use, top flow senders data in live mode.
I would like to show you how to install ntopng on CentOS 7. Here are the steps:
Step 1: Prepare and Update the system by installing EPEL using YUM
[root@rnd] # yum install epel-release
[root@rnd] # yum update
Step 2: Installing the ntop repo
First, create the ntop repo file to your system with the following commands:
[root@rnd] # touch /etc/yum.repos.d/ntop.repo
Now edit ntop.repo file by adding the following lines:
[ntop]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/$basearch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
[ntop-noarch]
name=ntop packages
baseurl=http://www.nmon.net/centos-stable/$releasever/noarch/
enabled=1
gpgcheck=1
gpgkey=http://www.nmon.net/centos-stable/RPM-GPG-KEY-deri
Step 3: Install ntopng, redis and necessary dependancies
[root@rnd] # yum update
[root@rnd] # yum –enablerepo=epel install redis ntopng hiredis-devel
Step 4: Start redis and ntopng
[root@rnd] # systemctl start redis.service
[root@rnd] # systemctl enable redis.service
[root@rnd] # systemctl start ntopng.service
[root@rnd] # systemctl enable ntopng.service
Now, check the status of the ntopng service:
[root@rnd] # systemctl status ntopng.service
Or, if full error logs are not shown, use -l with the previous command:
[root@rnd] # systemctl status ntopng.service -l
As you see, the ntopng service is active (running) along with a license error.
Let’s fix the error by modifying the ntopng configuration file ntopng.conf:
[root@rnd] # vi /etc/ntopng/ntopng.conf
Before it might look like:
-G=/var/run/ntopng.pid
After editing it should be like:
-G=/var/run/ntopng.pid\
–community
Restart the ntopng service:
[root@rnd] # systemctl restart ntopng.service
Recheck the status of the ntopng service:
[root@rnd] # systemctl status ntopng.service -l
you shouldn’t see the error notice now.
Step 5: Configure the firewall if it is active
In order to allow accessing ntopng from a web browser, you need to allow traffic on port 3000, the default ntopng communication port:
[root@rnd] # firewall-cmd –zone=public –permanent –add-port=3000/tcp
[root@rnd] # firewall-cmd –reload
Step 6: Visit ntopng from a web browser
Now, you are ready to use a web browser to explore ntopng’s web interface. Access the following URL:
http://[your-server-ip]:3000
Use the default username admin and the default password admin to log in.
Now, you have the access to the dashboard. There are some very useful and interesting options to check out there. Here are some snapshots:
Tuning the configuration
Step 8: Change the default password
After logged in, go to Settings>Manage Users>Edit to change the password of an user.
Step 7: Change the default port for ntopng’s web interface.
Edit the /etc/ntopng/ntopng.conf file.
[root@rnd] # vi /etc/ntopng/ntopng.conf
Add the line:
–http-port=[your desired port number]
For example, if you want the ntopng to listen on port 3001 your ntopng.conf file should look like this:
-G=/var/run/ntopng.pid\
–http-port=3001
–community
Restart ntopng:
[root@rnd] # systemctl restart ntopng.service
Verify the configuration. Your server should listen on port 3001 instead of 3000 for ntopng as highlighted below:
[root@rnd] # netstat -n -p -l
Now, you should be able to access ntop using the following URL:
http://[your-server-ip]:3001
Very Good Awal..
[root@rnd] # firewall-cmd –zone=public –permanent –add-port=3000/tcp
[root@rnd] # firewall-cmd –reload
Thanks Fizi. Hope that was helpful.