Unless you are using nprobe to send flows to ntopng, I don't think zeromq is needed at all. It defaults to using /var/tmp for the pid file location so I use this in nf for pid path:Ĥ. ntopng runs by default as nobody, and nobody does not have write permission to /var/run so we can't put the pid file there. Otherwise the option seems to be ignored.ģ. Any of the options in /etc/ntopng/nf which take a value must have an equal sign rather than a space between the option at the value, like this: Thus all config options need to be put into /etc/ntopng/nfĢ. The actual content of the file is not used at all, at least according to my review of /etc/init.d/ntopng and the ntopng man page. etc/ntopng/ntopng.start is just a flag file which if present will result in ntopng running at boot time. Here are a few revisions I made along the way so it would work for me:ġ. It really helped me get ntopng up and running on SO. Make sure you change the username/password for ntopng from admin/admin to something else. Ufw allow from to any port 3000 proto tcp Mv Geo*.dat /usr/local/share/ntopng/httpdocs/geoip/
#Ntopng debian sources.list install
Note, I'm only running Bro and ntopng on this system.Īpt-get install redis-server rrdtool libzmq-dev build-essentialĭpkg -install ntopng_1.1.1-7131_b With ZeroMQ, both Bro and Ntopng share the packets from pf_ring. I have zero packet loss from ntopng after running this and. With ntopng, you can see current flows to Netflix, YouTube, BitTorrent, etc without digging into the data.
![ntopng debian sources.list ntopng debian sources.list](https://i.imgur.com/4xDzc88.png)
![ntopng debian sources.list ntopng debian sources.list](https://1.bp.blogspot.com/-iNGMS2XeaZ4/XRIiyw95xeI/AAAAAAAAr68/wgqNJJ188DMukk1NrBqfLqPvj7dyL4RwQCLcBGAs/s1600/Screenshot_20190625_103351.png)
In my opinion, ntopng on SO is just to provide a graphical instantaneous snapshot of current flows and meant to be used as a supplementary tool to Bro connection logs and Argus, which keep more historical data. Thought since I needed ntopng for some other non-technical people on my team, I thought post the installation instructions here.