nfsen-ng
nfsen-ng
nfsen-ng is an in-place replacement for the ageing nfsen.
Used components
- Front end: jQuery, dygraphs, FooTable, ion.rangeSlider
- Back end: RRDtool, nfdump tools
TOC
Installation
Ubuntu 18.04 LTS:
# run following commands as root # enable universe repository add-apt-repository universe && sudo apt update # install packages apt install apache2 php7.2 php7.2-dev libapache2-mod-php7.2 pkg-config nfdump rrdtool librrd-dev # enable apache modules a2enmod rewrite deflate headers expires # install rrd library for php pecl install rrd # create rrd library mod entry for php echo "extension=rrd.so" > /etc/php/7.2/mods-available/rrd.ini # enable php mod phpenmod rrd # configure virtual host to read .htaccess files vim /etc/apache2/apache2.conf # set AllowOverride All for /var/www # restart httpd service apache2 restart # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R www-data:www-data . chmod +x nfsen-ng/backend/cli.php # next step: configuration
Ubuntu 20.04 LTS:
# run following commands as root # install packages apt install apache2 git nfdump pkg-config php7.4 php7.4-dev libapache2-mod-php7.4 rrdtool librrd-dev # enable apache modules a2enmod rewrite deflate headers expires # install rrd library for php pecl install rrd # create rrd library mod entry for php echo "extension=rrd.so" > /etc/php/7.4/mods-available/rrd.ini # enable php mod phpenmod rrd # configure virtual host to read .htaccess files vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www # restart apache web server systemctl restart apache2 # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R www-data:www-data . chmod +x nfsen-ng/backend/cli.php # next step: configuration
Ubuntu 22.04 LTS:
# run following commands as root # install packages apt install apache2 git nfdump pkg-config php8.1 php8.1-dev libapache2-mod-php8.1 rrdtool librrd-dev # enable apache modules a2enmod rewrite deflate headers expires # install rrd library for php pecl install rrd # create rrd library mod entry for php echo "extension=rrd.so" > /etc/php/8.1/mods-available/rrd.ini # enable php mod phpenmod rrd # configure virtual host to read .htaccess files vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www # restart apache web server systemctl restart apache2 # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R www-data:www-data . chmod +x nfsen-ng/backend/cli.php # next step: configuration
Debian 11 :
# run following commands as root # install packages apt install apache2 git nfdump pkg-config php php-dev libapache2-mod-php rrdtool librrd-dev # enable apache modules a2enmod rewrite deflate headers expires # install rrd library for php pecl install rrd # create rrd library mod entry for php echo "extension=rrd.so" > /etc/php/7.4/mods-available/rrd.ini # enable php mod phpenmod rrd # configure virtual host to read .htaccess files vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www # restart apache web server systemctl restart apache2 # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R www-data:www-data . chmod +x nfsen-ng/backend/cli.php # next step: configuration
CentOS 7:
# run following commands as root # update packages yum update # enable EPEL repo yum -y install epel-release # install yum utils yum install yum-utils # install remi release yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm # enable the repository for PHP 7.2 yum-config-manager --enable remi-php72 # install packages yum install git httpd mod_php nfdump php72 php72-php-devel php-devel php-pear php-pecl-rrd rrdtool rrdtool-devel # configure virtual host to read .htaccess files vim /etc/httpd/conf/httpd.conf # set AllowOverride All for /var/www/html # start httpd service systemctl start httpd # enable httpd service systemctl enable httpd # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R apache:apache . chmod +x nfsen-ng/backend/cli.php # next step: configuration
CentOS 8:
# run following commands as root # update packages dnf update # enable EPEL repo and update epel-release package dnf -y install epel-release && dnf -y update epel-release # install dnf-utils dnf -y install dnf-utils # enable PowerTools repo dnf config-manager --set-enabled PowerTools # install packages dnf -y install git httpd make mod_php nfdump php php-devel php-json php-pear rrdtool rrdtool-devel # install rrd library for php pecl install rrd # create rrd library mod entry for php echo "extension=rrd.so" > /etc/php.d/rrd.ini # configure virtual host to read .htaccess files vim /etc/httpd/conf/httpd.conf # set AllowOverride All for /var/www/html # start httpd service systemctl start httpd # enable httpd service systemctl enable httpd # install nfsen-ng cd /var/www/html # or wherever git clone https://github.com/mbolli/nfsen-ng chown -R apache:apache . chmod +x nfsen-ng/backend/cli.php # next step: configuration
Configuration
Note: nfsen-ng expects the profiles-data folder structure to be
PROFILES_DATA_PATH/PROFILE/SOURCE/YYYY/MM/DD/nfcapd.YYYYMMDDHHII
, e.g./var/nfdump/profiles_data/live/source1/2018/12/01/nfcapd.201812010225
.
The default settings file is backend/settings/settings.php.dist
. Copy it to backend/settings/settings.php
and start modifying it. Example values are in italic:
-
general
- ports: (array(80, 23, 22, …)) The ports to examine. Note: If you use RRD as datasource and want to import existing data, you might keep the number of ports to a minimum, or the import time will be measured in moon cycles…
- sources: (array(‘source1’, …)) The sources to scan.
- db: (RRD) The name of the datasource class (case-sensitive).
-
frontend
- reload_interval: Interval in seconds between graph reloads.
-
nfdump
- binary: (/usr/bin/nfdump) The location of your nfdump executable
- profiles-data: (/var/nfdump/profiles_data) The location of your nfcapd files
- profile: (live) The profile folder to use
- max-processes: (1) The maximum number of concurrently running nfdump processes. Note: Statistics and aggregations can use lots of system resources, even to aggregate one week of data might take more than 15 minutes. Put this value to > 1 if you want nfsen-ng to be usable while running another query.
- db If the used data source needs additional configuration, you can specify it here, e.g. host and port.
-
log
- priority: (LOG_INFO) see other possible values at [http://php.net/manual/en/function.syslog.php]
CLI
The command line interface is used to initially scan existing nfcapd.* files, or to administer the daemon.
Usage:
./cli.php [ options ] import
or for the daemon
./cli.php start|stop|status
-
Options:
- -v Show verbose output
- -p Import ports data as well Note: Using RRD this will take quite a bit longer, depending on the number of your defined ports.
- -ps Import ports per source as well Note: Using RRD this will take quite a bit longer, depending on the number of your defined ports.
- -f Force overwriting database and start fresh
-
Commands:
- import Import existing nfdump data to nfsen-ng. Note: If you have existing nfcapd files, better do this overnight.
- start Start the daemon for continuous reading of new data
- stop Stop the daemon
- status Get the daemon’s status
-
Examples:
-
./cli.php -f import
Imports fresh data for sources -
./cli.php -f -p -ps import
Imports all data -
./cli.php start
Starts the daemon
-
API
The API is used by the frontend to retrieve data.
/api/config
-
URL
/api/config
-
Method:
GET
-
URL Params
none -
Success Response:
-
Code: 200
Content:{ "sources": [ "gate", "swi6" ], "ports": [ 80, 22, 23 ], "stored_output_formats": [], "stored_filters": [], "daemon_running": true }
-
Code: 200
-
Error Response:
- Code:…