The original ntop tool provides a network traffic probe that monitors network usage. ntopng is based on that, but also provides an intuitive, encrypted web user interface of real-time and historical traffic information. For those who don’t know about ntop, it’s an open-source utility for monitoring Linux systems, including Ubuntu. Ntop does not provide a user-friendly user web interface, but you use it to monitor CPU, Memory & Disk Usage, and services from the command line terminal. ntopng comes in three versions, Community, Professional (Small Business Edition), and Enterprise. The Community version is free to use and open source (code can be found on GitHub). For more about ntopng, please visit its homepage. Below are some highlights of ntopng:
Sort network traffic according to many criteria including IP address, port, L7 protocol, throughput, Autonomous Systems (ASs) Show realtime network traffic and active hosts Produce long-term reports for several network metrics including throughput and application protocols Top talkers (senders/receivers), top ASs, top L7 applications Monitor and report live throughput, network and application latencies, Round Trip Time (RTT), TCP statistics (retransmissions, out of order packets, packet lost), and bytes and packets transmitted Store on disk persistent traffic statistics to allow future explorations and post-mortem analyses Geolocate and overlay hosts in a geographical map Discover application protocols (Facebook, YouTube, BitTorrent, etc) by leveraging on nDPI, ntop Deep Packet Inspection (DPI) technology
To install, follow the steps below:
Install ntopng (ntop) Repository
ntopng has its repository that can downloaded and installed easily on Ubuntu systems. To do that, run the command below: After installing its repository above, run the commands below to install ntopng and related dependencies. When ntopng is installed, you may then go to its configuration file and make the below changes. ntopng default configuration file located at /etc/ntopng/ntopng.conf: Make the highlighted changes and save the file. This tells ntopng to listen for traffic on port # 3000 After saving the exiting the file, run the commands below to edit the file and specify the local network to monitor. Add the following lines as per your network layout. Save and close the file, then restart ntopng and enable it to start on boot time:
Log in to Web Interface
After that, log in to the web interface by typing the server IP address or hostname followed by port #3000 You should see ntopng login page. The default login credentials: Username: admin Password: admin After logging in you should begin setting up your environment. From its dashboard, you can view information about systems and networks. Congratulations! You have learned how to install and use ntopng system optimizer and monitoring You may also like the post below: