This guide will take you through how to install ntopng on Rocky Linux 8. ntopng is a high-performance, web-based network traffic monitoring application. It provides an intuitive, encrypted web user interface for exploring real-time and historical traffic information.
Installing ntopng on Rocky Linux 8
ntopng is available in various versions, from community to Enterprise.
We will learn how to install the community version of ntopng on Rocky Linux 8.
Install the ntop Packages Repository on Rocky Linux 8
ntopng is not available in the default Rocky Linux 8 repositories.
Thus, you need to install the ntop Packages Repository.
wget https://packages.ntop.org/centos-stable/ntop.repo -O /etc/yum.repos.d/ntop.repo
Install and enable other repositories
dnf install epel-release
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf config-manager --set-enabled powertools
Install ntopng
Next, execute the commands below to install ntopng.
dnf erase zeromq3
dnf install pfring-dkms n2disk nprobe ntopng cento pfring-drivers-zc-dkms
Run ntopng community Version
In order to run the community version of ntopng, edit the configuration file, /etc/ntopng/ntopng.conf, by running the command below:
sed -i 's#-G=/var/run/ntopng.pid#-G=/var/run/ntopng.pid\n--community#' /etc/ntopng/ntopng.conf
That is the only configuration change we will make in this demo. The file is highly commented and you can read through it for more configuration options.
Running ntopng Service
Start ntopng and enable it to run on system boot:
systemctl enable --now ntopng
Check the status:
systemctl status ntopng
● ntopng.service - ntopng high-speed web-based traffic monitoring and analysis tool
Loaded: loaded (/usr/lib/systemd/system/ntopng.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2021-07-22 13:20:13 EAT; 12s ago
Process: 5087 ExecStopPost=/bin/rm -rf /run/ntopng.conf /run/ntopng.conf.raw /run/ntopng.pid (code=exited, status=0/SUCCESS)
Process: 5510 ExecStartPre=/bin/sh -c /bin/sed "/^[ ]*-e.*$\|^[ ]*-G.*\|^[ ]*--daemon.*\|[ ]*--pid.*/s/^/#/" /run/ntopng.conf.raw > /run/ntopng.conf (code=exited, status>
Process: 5507 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf.d/*.conf >> /run/ntopng.conf.raw 2>/dev/null || true (code=exited, status=0/SUCCESS)
Process: 5503 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf > /run/ntopng.conf.raw (code=exited, status=0/SUCCESS)
Process: 5490 ExecStartPre=/bin/sh -c /usr/bin/ntopng-utils-manage-config -a check-restore && /usr/bin/ntopng-utils-manage-config -a restore || true (code=exited, statu>
Main PID: 5512 (ntopng)
Tasks: 47 (limit: 23673)
Memory: 203.7M
CGroup: /system.slice/ntopng.service
└─5512 /usr/bin/ntopng /run/ntopng.conf
Jul 22 13:20:16 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:16 [Ntop.cpp:882] Adding fe80::301d:abeb:ad8b:6c56/64 as IPv6 local network for enp0s8
Jul 22 13:20:16 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:16 [PeriodicActivities.cpp:107] Started periodic activities loop...
Jul 22 13:20:17 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:17 [startup.lua:50] Processing startup.lua: please hold on...
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [startup.lua:144] [lists_utils.lua:758] Refreshing category lists...
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [startup.lua:144] [lists_utils.lua:696] Category Lists (695 hosts, 3140 IPs, 99 JA3) loaded in>
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [startup.lua:218] Startup completed: ntopng is now operational
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [PeriodicActivities.cpp:168] Each periodic activity script will use 4 threads
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [NetworkInterface.cpp:2749] Started packet polling on interface lo [id: 1]...
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [NetworkInterface.cpp:2749] Started packet polling on interface enp0s3 [id: 2]...
Jul 22 13:20:18 rocky8.kifarunix-demo.com ntopng[5512]: 22/Jul/2021 13:20:18 [NetworkInterface.cpp:2749] Started packet polling on interface enp0s8 [id: 3]...
Access ntopng Web Interface
By default, ntopng listens on port 3000/tcp.
ss -altnp | grep 3000
LISTEN 0 128 0.0.0.0:3000 0.0.0.0:* users:(("ntopng",pid=5512,fd=45))
Hence, open this port on firewalld:
firewall-cmd --permanent --add-port=3000/tcp
firewall-cmd --reload
Next, navigate to http://server-IP:3000
Log in using the default credentials, admin:admin, and reset the password afterwards.
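The script below is an added example, not part of the original guide. It checks two results of the steps above: that the sed edit left --community on a line of its own in ntopng.conf, and whether the listener on port 3000 is bound to a wildcard address, which together with the firewalld rule makes the login page reachable from every host that can route to the server. The function names community_enabled and wildcard_listeners are hypothetical and the sample inputs are constructed. On a real host, run community_enabled /etc/ntopng/ntopng.conf and pipe ss -ltn into wildcard_listeners 3000.

```shell
#!/bin/sh
# Added example, not from the original guide. All sample inputs are constructed.

# Succeeds if FILE has an active (uncommented) "--community" line of its own.
# Fails when the flag was appended to the -G line, e.g. as a literal "\n".
community_enabled() {
    grep -Eq '^[[:space:]]*--community[[:space:]]*$' "$1"
}

# Reads `ss -ltn` output on stdin and prints every wildcard local address
# (0.0.0.0, * or [::]) listening on PORT. Succeeds only if one is found.
wildcard_listeners() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, part, ":")            # port is the last ":" field
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            wild = (addr == "0.0.0.0" || addr == "*" || addr == "[::]")
            if (part[n] == port && wild) { print $4; found = 1 }
        }
        END { exit(found ? 0 : 1) }'
}

# Constructed samples: a correct config, a config where the flag was glued
# to the -G line, and a listener table shaped like the one in the guide.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '%s\n' '-G=/var/run/ntopng.pid' '--community' > "$tmp/good.conf"
printf '%s\n' '-G=/var/run/ntopng.pid \n--community' > "$tmp/bad.conf"
SS_SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:3000       0.0.0.0:*
LISTEN 0      128    127.0.0.1:6379     0.0.0.0:*'

for f in good bad; do
    if community_enabled "$tmp/$f.conf"; then
        echo "$f.conf: --community is active"
    else
        echo "$f.conf: --community is NOT on its own line"
    fi
done

if exposed=$(printf '%s\n' "$SS_SAMPLE" | wildcard_listeners 3000); then
    echo "port 3000 is bound on all interfaces: $exposed"
else
    echo "port 3000 has no wildcard listener"
fi
```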
Some dashboards for ntopng:
Alerts
And that is it. ntopng is now installed and running. You can read further on the documentation page.