Setting Up ntopng On My Laptop To Monitor Network Bandwidth

From Nearline Storage
Revision as of 16:27, 2 December 2020 by Dlk (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Installing ntopng

Install geoipupdate RPM package, create an account at MaxMind, register for an API key, and edit /etc/GeoIP.conf as follows:

# GeoIP.conf file for `geoipupdate` program, for versions >= 3.1.1.
# Used to update GeoIP databases from https://www.maxmind.com.
# For more information about this config file, visit the docs at
# https://dev.maxmind.com/geoip/geoipupdate/.

# `AccountID` is from your MaxMind account.
AccountID YOUR_ACCOUNT_ID_HERE

# `LicenseKey` is from your MaxMind account.
LicenseKey YOUR_LICENSE_KEY_HERE

# `EditionIDs` is from your MaxMind account.
EditionIDs GeoLite2-ASN GeoLite2-City GeoLite2-Country

Run sudo geoipupdate command to install the geoip database files.
Install redis and mariadb-server RPM packages
Compile and install the ntopng and nDPI packages from github.com/ntop

Starting ntopng

$ sudo systemctl start mariadb
$ sudo systemctl start redis
$ sudo ethtool -K ens9 gro off gso off tso off
$ sudo ntopng -i ens9 --packet-filter="not host 192.168.1.198" --dns-mode=1 -F "mysql;localhost;ntopng;ntopng_table;ntopng;ntopng"

  Replace ens9 and 192.168.1.198 with the name and address of the local interface.

Connect to http://localhost:3000
Default id/psw are provided in the UI

Resetting ntopng password

$ sudo redis-cli del ntopng.user.admin.password

Restart ntopng
Password will revert to default: admin

Deleting ntopng data

$ sudo rm -fr /var/lib/ntopng

$ mysql -u notopng -p ntopng
> drop table flowsv4, flowsv6;
> quit;

Can also delete data from redis, which will clear settings and passwords as well:

$ sudo redis-cli keys "ntopng.*" | xargs sudo redis-cli del 
$ sudo redis-cli keys "ntonpng.*" | xargs sudo redis-cli del

Notes

After first installing ntopng, or after deleting data, the six category list files defined by default will not exist. Error's will appear in the console log to that effect. These tables can be loaded (updated) manually from the Category Lists menu in the UI or they will get updated automatically as ntopng runs.