mirror of
https://github.com/LCTT/TranslateProject.git
synced 2024-12-26 21:30:55 +08:00
Merge pull request #2839 from GOLinux/master
[Translated]20150525 Linux ntopng--Network Monitoring Tool Installation Screenshots.md
commit
1c26291f46
@ -1,189 +0,0 @@
|
||||
Translating by GOLinux!
|
||||
Linux ntopng - Network Monitoring Tool Installation (Screenshots)
|
||||
================================================================================
|
||||
Nowdays computers are connected between each other. From the small area such as your home Local Area Network (LAN) until the the biggest one which we call - Internet. When you are managing a network computer, you are managing one of the most critical component. Since most of developed application is web based application, the network between critical.
|
||||
|
||||
There is why we need a network monitoring tool. One of the best network monitoring tool is called ntop. From [Wikipedia][1] “ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the networkstatus on the user's terminal. In Web mode, it acts as a web server, creating a HTML dump of the network status. It supports a NetFlow/sFlowemitter/collector, a HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics”
|
||||
|
||||
Now after 15 years, you will find ntopng - the next generation ntop.
|
||||
|
||||
### What is ntopng ###
|
||||
|
||||
Ntopng is a high-speed web-based traffic analysis and flow collection. Ntopng is based from ntop. It’s run on every Unix platform, MacOS X and Windows.
|
||||
|
||||
### Features ###
|
||||
|
||||
From [ntopng website][2], they said there are many features of it. Here’s some of the list :
|
||||
|
||||
- Sort network traffic according to many protocols
|
||||
- Show network traffic and IPv4/v6 active hosts
|
||||
- Store on disk persistent traffic statistics in RRD format Geolocate hosts
|
||||
- Discover application protocols by leveraging on nDPI, ntop’s DPI framework
|
||||
- Show IP traffic distribution among the various protocols
|
||||
- Analyse IP traffic and sort it according to the source/destination
|
||||
- Display IP Traffic Subnet matrix (who’s talking to who?)
|
||||
- Report IP protocol usage sorted by protocol type
|
||||
- Produce HTML5/AJAX network traffic statistics
|
||||
|
||||
### Installation ###
|
||||
|
||||
Ntop is available in pre-compiled packages for CentOS dan Ubuntu **64-bit based**. You may find the packages in [their download page][3]. For 32-bit operating system, you have to compile it from the source. This article is **tested** on **CentOS 6.4 32-bit** version. But it may works also in other version of CentOS / RedHat based Linux. Let’s start.
|
||||
|
||||
#### Prerequisites ####
|
||||
|
||||
#### Development Tools ####
|
||||
|
||||
You have to make sure that you have all development tools which is needed to compile ntopng. To install the development tools you can use yum command :
|
||||
|
||||
# yum groupinstall ‘Development Tools’
|
||||
|
||||
#### Install TCL ####
|
||||
|
||||
# yum install tcl
|
||||
|
||||
#### Install libpcap ####
|
||||
|
||||
# yum install libpcap libcap-devel
|
||||
|
||||
#### Install Redis ####
|
||||
|
||||
# wget http://redis.googlecode.com/files/redis-2.6.13.tar.gz
|
||||
# tar zxfv redis-2.6.13.tar.gz
|
||||
# cd redis-2.6.13
|
||||
# make 32bit
|
||||
# make test
|
||||
# make install
|
||||
|
||||
### Install ntopng ###
|
||||
|
||||
#### Method 1 : ####
|
||||
|
||||
# wget http://sourceforge.net/projects/ntop/files/ntopng/ntopng-1.1_6932.tgz/download
|
||||
# tar zxfv ntopng-1.1_6932.tgz
|
||||
# cd ntopng-1.1_6932
|
||||
# ./configure
|
||||
# make
|
||||
# make install
|
||||
|
||||
#### Method 2 : ####
|
||||
|
||||
On my CentOS 6.4 , I got an error message when using Method 1. Here’s the error message :
|
||||
|
||||
./third-party/LuaJIT-2.0.2/src/libluajit.a : could not read symbols : File in wrong format
|
||||
|
||||
So I **switch** to install it using **SVN**. Internet connection is required for this installation method. Here’s the steps :
|
||||
|
||||
# svn co https://svn.ntop.org/svn/ntop/trunk/ntopng/
|
||||
# ./autogen.sh
|
||||
# ./configure
|
||||
# make
|
||||
# make install
|
||||
|
||||
*Since ntopng is a web-based application, your system must have a working web-server installed*
|
||||
|
||||
### Create configuration files for ntopng ###
|
||||
|
||||
If everything is installed, then it’s time for us to running it. By default, redis and ntopng will installed in /usr/local/ folder if we don’t change the installation folder explicitly in ./configure step. Next we need to create configuration files for ntopng. In this article we use vi as text editor. You can use your favorite text editor to create ntopng configuration files.
|
||||
|
||||
# cd /usr/local/etc
|
||||
# mkdir ntopng
|
||||
# cd ntopng
|
||||
# vi ntopng.start
|
||||
|
||||
Put these lines :
|
||||
--local-network “10.0.2.0/24”
|
||||
--interface 1
|
||||
|
||||
# vi ntopng.pid
|
||||
|
||||
Put this line :
|
||||
-G=/var/run/ntopng.pid
|
||||
|
||||
Save those files and we can continue to the next step
|
||||
|
||||
### Run ntopng ###
|
||||
|
||||
We assume that you have installed web server correctly, then the next step is to run redis server.
|
||||
|
||||
# /usr/local/bin/redis-server
|
||||
|
||||
![Starting Redis Server](http://blog.linoxide.com/wp-content/uploads/2013/11/redis-server-start.png)
|
||||
|
||||
Then **run** ntopng
|
||||
|
||||
# /usr/local/bin/ntopng
|
||||
|
||||
![Starting Ntopng](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng-start.png)
|
||||
|
||||
### Testing ntopng ###
|
||||
|
||||
Now you can test your ntopng application by typing [http://yourserver.name:3000][4] . You will see ntopng login page. For the first time, you can use user ‘**admin**’ and password ‘**admin**’.
|
||||
|
||||
![Ntop Login page](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_login.png)
|
||||
|
||||
The dashboard is quite simple. After you logged in, you will see an information about Top Flow Talkers.
|
||||
|
||||
![Ntopng Flow Talker](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_talkers.png)
|
||||
|
||||
If you click **Flows menu** on the right top, ntopng will show you more detail about Active Flows.
|
||||
|
||||
![Ntopng Flows](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_flows.png)
|
||||
|
||||
On **Hosts menu**, you can see all hosts which are connected to the flows
|
||||
|
||||
![Ntopng Hosts List](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hoslist.png)
|
||||
|
||||
If you click **Hosts > Interactions**, ntop will show you a nice graphic about interaction which happen between them.
|
||||
|
||||
![Ntopng Hosts Interaction](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hosts_interaction.png)
|
||||
|
||||
**Dashboard menu** consist of :
|
||||
|
||||
#### Top Hosts (Send+Receive) ####
|
||||
|
||||
![Ntopng Hosts](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hosts.png)
|
||||
|
||||
#### Top Application Protocol ####
|
||||
|
||||
![Ntopng Apps](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_apps.png)
|
||||
|
||||
**Interfaces menu** will bring you more menus inside. Packets menu shows you size distribution of packets.
|
||||
|
||||
![Ntopng packets](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_packets.png)
|
||||
|
||||
**Protocols menus** will give you information about how many protocols that have been used and its percentage.
|
||||
|
||||
![Ntopng protocol](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_protocol.png)
|
||||
|
||||
![Ntopng protocols - detail](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_protocol_detail.png)
|
||||
|
||||
You can also see the activity by using **Historical Activity menu**
|
||||
|
||||
![Ntopng Historical Activity](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_historical.png)
|
||||
|
||||
![Ntopng Historical Activity detail](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_historical_detail.png)
|
||||
|
||||
Last but not least, you can also manage the user who can access ntopng via **Settings menu** on the top right area (the one that have a gear icon). Then click **Manage Users**.
|
||||
|
||||
![Ntopng Users](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_users.png)
|
||||
|
||||
Ntopng provide you with a wide range of timeframe, from every 5 minutes until 1 year. You just need to click the timeframe you want to show. The graphic itself is clickable. You can click it to zoom it.
|
||||
|
||||
Of course, ntopng is more than just pictures above. You can also integrates it with GeoLocation and GeoMap services. From ntopng website it self, there are a paid modul such as nprobe to enrich the information provided by ntopng. For more detail usage of ntopng, please visit [ntopng website][5].
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/monitoring-2/ntopng-network-monitoring-tool/
|
||||
|
||||
作者:[Pungki Arianto][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/pungki/
|
||||
[1]:http://en.wikipedia.org/wiki/Ntop
|
||||
[2]:http://www.ntop.org/products/ntop/
|
||||
[3]:http://www.nmon.net/packages/
|
||||
[4]:http://yourserver.name:3000/
|
||||
[5]:http://www.ntop.org/
|
@ -0,0 +1,189 @@
|
||||
Linux ntopng——网络监控工具的安装(附截图)
|
||||
================================================================================
|
||||
当今世界,人们的计算机都相互连接,互联互通。小到你的家庭局域网(LAN),大到最大的一个被我们称为的——互联网。当你管理一台联网的计算机时,你就是在管理最关键的组件之一。由于大多数开发出的应用程序都基于网络,网络就连接起了这些关键点。
|
||||
|
||||
这就是为什么我们需要网络监控工具。最好的网络监控工具之一,它叫作ntop。来自[维基百科][1]的知识“ntop是一个网络探测器,它以与top显示进程般类似的方式显示网络使用率。在交互模式中,它显示了用户终端上的网络状态。在网页模式中,它作为网络服务器,创建网络状态的HTML转储文件。它支持NetFlow/sFlowemitter/collector,这是一个基于HTTP的客户端界面,用于创建ntop为中心的监控应用和RRD用于持续地存储通信数据”
|
||||
|
||||
15年后的今天,你将见到ntopng——下一代ntop。
|
||||
|
||||
### ntopng是什么 ###
|
||||
|
||||
Ntopng是一个基于网页的高速通信分析器和流量收集器。Ntopng基于ntop,它运行于所有Unix平台、MacOS X和Windows。
|
||||
|
||||
### 特性 ###
|
||||
|
||||
从[ntopng网站][2]上,我们可以看到他们说它有众多的特性。这里列出了其中一些:
|
||||
|
||||
- 按各种协议对网络通信排序
|
||||
- 显示网络通信和IPv4/v6激活的主机
|
||||
- 持续不断以RRD格式存储定位主机的通信数据到磁盘
|
||||
- 通过nDPI,ntop的DPI框架,发现应用协议
|
||||
- 显示各种协议间的IP通信分布
|
||||
- 分析IP通信,并根据源/目的地址进行排序
|
||||
- 显示IP通信子网的矩阵(谁在和谁通信?)
|
||||
- 报告按协议类型排序的IP协议使用率
|
||||
- 生成HTML5/AJAX网络通信数据
|
||||
|
||||
### 安装 ###
|
||||
|
||||
Ntop为CentOS和**基于64位**Ubuntu预编译好了包,你可以在[他们的下载页面][3]找到这些包。对于32位操作系统,你必须从源代码编译。本文在**CentOS 6.4 32位**版本上**测试过**。但是,它也可以在其它基于CentOS/RedHat的Linux版本上工作。让我们开始吧。
|
||||
|
||||
#### 先决条件 ####
|
||||
|
||||
#### 开发工具 ####
|
||||
|
||||
你必须确保你安装了编译ntopng所需的所有开发工具,要安装开发工具,你可以使用yum命令:
|
||||
|
||||
# yum groupinstall ‘Development Tools’
|
||||
|
||||
#### 安装TCL ####
|
||||
|
||||
# yum install tcl
|
||||
|
||||
#### 安装libpcap ####
|
||||
|
||||
# yum install libpcap libcap-devel
|
||||
|
||||
#### 安装Redis ####
|
||||
|
||||
# wget http://redis.googlecode.com/files/redis-2.6.13.tar.gz
|
||||
# tar zxfv redis-2.6.13.tar.gz
|
||||
# cd redis-2.6.13
|
||||
# make 32bit
|
||||
# make test
|
||||
# make install
|
||||
|
||||
### 安装ntopng ###
|
||||
|
||||
#### 方法 1 : ####
|
||||
|
||||
# wget http://sourceforge.net/projects/ntop/files/ntopng/ntopng-1.1_6932.tgz/download
|
||||
# tar zxfv ntopng-1.1_6932.tgz
|
||||
# cd ntopng-1.1_6932
|
||||
# ./configure
|
||||
# make
|
||||
# make install
|
||||
|
||||
#### 方法 2 : ####
|
||||
|
||||
在我的CentOS 6.4上,我使用方法 1时收到了一个错误消息,错误消息内容如下:
|
||||
|
||||
./third-party/LuaJIT-2.0.2/src/libluajit.a : could not read symbols : File in wrong format
|
||||
|
||||
所以,我**切换**到了**SVN**来安装。对于此方法,需要联网,步骤如下:
|
||||
|
||||
# svn co https://svn.ntop.org/svn/ntop/trunk/ntopng/
|
||||
# ./autogen.sh
|
||||
# ./configure
|
||||
# make
|
||||
# make install
|
||||
|
||||
*由于ntopng是一个基于网页的应用,你的系统必须安装有工作良好的网络服务器*
|
||||
|
||||
### 为ntopng创建配置文件 ###
|
||||
|
||||
如果一切都已安装完毕,那么我们该来运行它了。默认情况下,如果我们在./configure这一步没有明确修改安装文件夹的话,redis和ntopng将安装到/usr/local/文件夹。接下来,我们需要为ntopng创建配置文件。在本文中,我们使用vi作为文本编辑器。你也可以使用你所中意的文本编辑器来创建ntopng的配置文件。
|
||||
|
||||
# cd /usr/local/etc
|
||||
# mkdir ntopng
|
||||
# cd ntopng
|
||||
# vi ntopng.start
|
||||
|
||||
放入这些行:
|
||||
--local-network “10.0.2.0/24”
|
||||
--interface 1
|
||||
|
||||
# vi ntopng.pid
|
||||
|
||||
放入该行:
|
||||
-G=/var/run/ntopng.pid
|
||||
|
||||
保存这些文件,然后继续下一步。
|
||||
|
||||
### 运行ntopng ###
|
||||
|
||||
我们假定你已正确安装了网络服务器,那么下一步就是运行redis服务器。
|
||||
|
||||
# /usr/local/bin/redis-server
|
||||
|
||||
![Starting Redis Server](http://blog.linoxide.com/wp-content/uploads/2013/11/redis-server-start.png)
|
||||
|
||||
然后,**运行**ntopng
|
||||
|
||||
# /usr/local/bin/ntopng
|
||||
|
||||
![Starting Ntopng](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng-start.png)
|
||||
|
||||
### 测试ntopng ###
|
||||
|
||||
现在,你可以通过访问[http://yourserver.name:3000][4]来测试ntopng应用,你将会看到ntopng登录页面。首次登录,你可以使用用户‘**admin**’和密码‘**admin**’。
|
||||
|
||||
![Ntop Login page](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_login.png)
|
||||
|
||||
仪表盘相当简洁。当你登入后,你将看到关于最高流量通信者页面。
|
||||
|
||||
![Ntopng Flow Talker](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_talkers.png)
|
||||
|
||||
如果你点击右侧顶部的**流量菜单**,ntopng将会显示活动流量的更多细节。
|
||||
|
||||
![Ntopng Flows](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_flows.png)
|
||||
|
||||
在**主机菜单**上,你可以看到连接到流的所有主机
|
||||
|
||||
![Ntopng Hosts List](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hoslist.png)
|
||||
|
||||
如果你点击**主机 > 交互**,ntop将显示一个漂亮的主机间的交互信息图表。
|
||||
|
||||
![Ntopng Hosts Interaction](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hosts_interaction.png)
|
||||
|
||||
**仪表盘菜单**组成部分:
|
||||
|
||||
#### 顶级主机(发送+接收) ####
|
||||
|
||||
![Ntopng Hosts](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_hosts.png)
|
||||
|
||||
#### 顶级应用协议 ####
|
||||
|
||||
![Ntopng Apps](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_apps.png)
|
||||
|
||||
**界面菜单**将引领你进入更多内部菜单。
|
||||
包菜单将给你显示包的分布大小。
|
||||
|
||||
![Ntopng packets](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_packets.png)
|
||||
|
||||
**协议菜单**将为你显示使用了多少协议及其使用百分比。
|
||||
|
||||
![Ntopng protocol](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_protocol.png)
|
||||
|
||||
![Ntopng protocols - detail](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_protocol_detail.png)
|
||||
|
||||
你也可以通过使用**历史活跃度菜单**查看活跃度
|
||||
|
||||
![Ntopng Historical Activity](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_historical.png)
|
||||
|
||||
![Ntopng Historical Activity detail](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_historical_detail.png)
|
||||
|
||||
最后一项要点是,你也可以通过顶部右侧区域的**设置菜单**(齿轮图标的那一个)管理哪些用户可以访问ntopng。
|
||||
|
||||
![Ntopng Users](http://blog.linoxide.com/wp-content/uploads/2013/11/ntopng_users.png)
|
||||
|
||||
Ntopng为你提供了一个范围宽广的时间线,从5分钟到1年都可以。你只需要点击你想要现实的时间线。图标本身是可以点击的,你可以点击它来进行缩放。
|
||||
|
||||
当然,ntopng能做的事比上面图片中展示的还要多得多。你也可以将定位和电子地图服务整合进来。在ntopng自己的网站上,有已付费的模块可供使用,如nprobe可以扩展ntopng可以提供给你的信息。更多关于ntopng的信息,你可以访问[ntopng网站][5]。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://linoxide.com/monitoring-2/ntopng-network-monitoring-tool/
|
||||
|
||||
作者:[Pungki Arianto][a]
|
||||
译者:[GOLinux](https://github.com/GOLinux)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:http://linoxide.com/author/pungki/
|
||||
[1]:http://en.wikipedia.org/wiki/Ntop
|
||||
[2]:http://www.ntop.org/products/ntop/
|
||||
[3]:http://www.nmon.net/packages/
|
||||
[4]:http://yourserver.name:3000/
|
||||
[5]:http://www.ntop.org/
|
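Review bot: The closing paragraph on time ranges (the line beginning "Ntopng为你提供了一个范围宽广的时间线") has two wording errors: "你想要现实的时间线" should read "你想要显示的时间线" (source: "the timeframe you want to show"), and "图标本身是可以点击的" should be "图表本身是可以点击的", because the source says the graphic is clickable, not an icon. Two other places lose source content. The settings paragraph omits the source sentence "Then click **Manage Users**", which is the step that leads to account management after the article has given the first-login admin/admin credentials; please restore it. The feature item "持续不断以RRD格式存储定位主机的通信数据到磁盘" fuses what appear to be two run-together features in the source line (persistent RRD storage, and geolocating hosts); splitting it into two items would match the intent. The translated file also keeps the source's typographic quotes in `yum groupinstall ‘Development Tools’` and `--local-network “10.0.2.0/24”`, which will not be parsed as quotes when copied; plain ASCII quotes would be safer here.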