farroar

asked on

Installing and configuring NTOPNG on CentOS

I am a relative Linux novice. I am pretty comfortable with scripting and understand the basics of compiling. With that said, I am having significant difficulties installing NTOPNG. I need a solution for network monitoring and NetFlow packet capture that doesn't cost an arm and a leg. I have been able to converse with Luca Deri, who developed the application, but I haven't been able to get a good walkthrough on setting it up.

I am looking for someone who has experience getting ntopng running. We mainly use Cisco ASAs in our systems and need to capture flow data from these. I would like to use ntopng and nprobe to do this. I can install ntop by simply using the yum install ntop command but I want the features of the new version. I have been trying to follow various walkthroughs of installing it but I keep running into snags. Hopefully someone has experience with this.

I have been using
http://www.nmon.net/centos/
and
http://blog.jamesspencer.me/2013/08/install-ntop-ng-101-on-centos-64.html

but haven't gotten it running. If anyone has experience with this, I can post some more details.

Thanks!
Duncan Roe

When you say you haven't got it to run, what actual error message do you get?
farroar

ASKER

I was having compilation errors, but I found a guide that got it running. I am able to access the web GUI and it seems to be pulling data but I'm not certain that it is accurate.

It is running on a virtual machine hosted on an ESXi server. I imagine that it is only seeing packets that pass by its interface but it does see other hosts on the network. The data rates it is reporting seem very low for the network it is in.

I am pointing the local network's ASA to the server using port 9996. The thing is, I don't see anywhere to configure this port so I'm not sure that the server is looking for data on that port. This makes me believe I need to use nProbe. Getting this up and running is proving to be difficult now as well. I am following this guide:

http://luca.ntop.org/nProbeInstallationGuide.pdf

On page 15 it specifies some configuration parameters but I cannot find any of the files it mentions. First of all, the documentation is out of date. The file that I download from their website is not a .tar file, it is a .deb file. I extracted this package and I'm still not able to find the files they are talking about. I did use the yum install nProbe command and it seems to have installed it, but I can't find any configuration files. I've looked in the /etc/ folder where ntopng is located, but can't find anything. I just need to get to a point where I can see some real data and then I'll know how to go from there.

Thanks for any input!
ASKER CERTIFIED SOLUTION
moskwicz

This solution is only available to members.