Skip to main content
  1. All Posts/

nfsen-ng

Tools PHP

nfsen-ng


nfsen-ng is an in-place replacement for the ageing nfsen.

Used components

TOC

Installation

Ubuntu 18.04 LTS:

# run following commands as root
# enable universe repository
add-apt-repository universe && sudo apt update
# install packages
apt install apache2 php7.2 php7.2-dev libapache2-mod-php7.2 pkg-config nfdump rrdtool librrd-dev
# enable apache modules
a2enmod rewrite deflate headers expires
# install rrd library for php
pecl install rrd 
# create rrd library mod entry for php
echo "extension=rrd.so" > /etc/php/7.2/mods-available/rrd.ini
# enable php mod
phpenmod rrd
# configure virtual host to read .htaccess files
vim /etc/apache2/apache2.conf # set AllowOverride All for /var/www
# restart httpd
service apache2 restart
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R www-data:www-data .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

Ubuntu 20.04 LTS:

# run following commands as root
# install packages
apt install apache2 git nfdump pkg-config php7.4 php7.4-dev libapache2-mod-php7.4 rrdtool librrd-dev
# enable apache modules
a2enmod rewrite deflate headers expires
# install rrd library for php
pecl install rrd 
# create rrd library mod entry for php
echo "extension=rrd.so" > /etc/php/7.4/mods-available/rrd.ini
# enable php mod
phpenmod rrd
# configure virtual host to read .htaccess files
vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www
# restart apache web server
systemctl restart apache2
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R www-data:www-data .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

Ubuntu 22.04 LTS:

# run following commands as root
# install packages
apt install apache2 git nfdump pkg-config php8.1 php8.1-dev libapache2-mod-php8.1 rrdtool librrd-dev
# enable apache modules
a2enmod rewrite deflate headers expires
# install rrd library for php
pecl install rrd
# create rrd library mod entry for php
echo "extension=rrd.so" > /etc/php/8.1/mods-available/rrd.ini
# enable php mod
phpenmod rrd
# configure virtual host to read .htaccess files
vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www
# restart apache web server
systemctl restart apache2
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R www-data:www-data .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

Debian 11 :

# run following commands as root
# install packages
apt install apache2 git nfdump pkg-config php php-dev libapache2-mod-php rrdtool librrd-dev
# enable apache modules
a2enmod rewrite deflate headers expires
# install rrd library for php
pecl install rrd
# create rrd library mod entry for php
echo "extension=rrd.so" > /etc/php/7.4/mods-available/rrd.ini
# enable php mod
phpenmod rrd
# configure virtual host to read .htaccess files
vi /etc/apache2/apache2.conf # set AllowOverride All for /var/www
# restart apache web server
systemctl restart apache2
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R www-data:www-data .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

CentOS 7:

# run following commands as root
# update packages
yum update
# enable EPEL repo
yum -y install epel-release
# install yum utils
yum install yum-utils
# install remi release
yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
# enable the repository for PHP 7.2
yum-config-manager --enable remi-php72
# install packages
yum install git httpd mod_php nfdump php72 php72-php-devel php-devel php-pear php-pecl-rrd rrdtool rrdtool-devel
# configure virtual host to read .htaccess files
vim /etc/httpd/conf/httpd.conf # set AllowOverride All for /var/www/html
# start httpd service
systemctl start httpd
# enable httpd service
systemctl enable httpd
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R apache:apache .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

CentOS 8:

# run following commands as root
# update packages
dnf update
# enable EPEL repo and update epel-release package
dnf -y install epel-release && dnf -y update epel-release
# install dnf-utils
dnf -y install dnf-utils
# enable PowerTools repo
dnf config-manager --set-enabled PowerTools
# install packages
dnf -y install git httpd make mod_php nfdump php php-devel php-json php-pear rrdtool rrdtool-devel
# install rrd library for php
pecl install rrd
# create rrd library mod entry for php
echo "extension=rrd.so" > /etc/php.d/rrd.ini
# configure virtual host to read .htaccess files
vim /etc/httpd/conf/httpd.conf # set AllowOverride All for /var/www/html
# start httpd service
systemctl start httpd
# enable httpd service
systemctl enable httpd
# install nfsen-ng
cd /var/www/html # or wherever
git clone https://github.com/mbolli/nfsen-ng
chown -R apache:apache .
chmod +x nfsen-ng/backend/cli.php
# next step: configuration

Configuration

Note: nfsen-ng expects the profiles-data folder structure to be PROFILES_DATA_PATH/PROFILE/SOURCE/YYYY/MM/DD/nfcapd.YYYYMMDDHHII, e.g. /var/nfdump/profiles_data/live/source1/2018/12/01/nfcapd.201812010225.

The default settings file is backend/settings/settings.php.dist. Copy it to backend/settings/settings.php and start modifying it. Example values are in italic:

  • general

    • ports: (array(80, 23, 22, …)) The ports to examine. Note: If you use RRD as datasource and want to import existing data, you might keep the number of ports to a minimum, or the import time will be measured in moon cycles…
    • sources: (array(‘source1’, …)) The sources to scan.
    • db: (RRD) The name of the datasource class (case-sensitive).
  • frontend

    • reload_interval: Interval in seconds between graph reloads.
  • nfdump

    • binary: (/usr/bin/nfdump) The location of your nfdump executable
    • profiles-data: (/var/nfdump/profiles_data) The location of your nfcapd files
    • profile: (live) The profile folder to use
    • max-processes: (1) The maximum number of concurrently running nfdump processes. Note: Statistics and aggregations can use lots of system resources, even to aggregate one week of data might take more than 15 minutes. Put this value to > 1 if you want nfsen-ng to be usable while running another query.
  • db If the used data source needs additional configuration, you can specify it here, e.g. host and port.
  • log

CLI

The command line interface is used to initially scan existing nfcapd.* files, or to administer the daemon.
Usage:
./cli.php [ options ] import
or for the daemon
./cli.php start|stop|status

  • Options:

    • -v Show verbose output
    • -p Import ports data as well Note: Using RRD this will take quite a bit longer, depending on the number of your defined ports.
    • -ps Import ports per source as well Note: Using RRD this will take quite a bit longer, depending on the number of your defined ports.
    • -f Force overwriting database and start fresh
  • Commands:

    • import Import existing nfdump data to nfsen-ng. Note: If you have existing nfcapd files, better do this overnight.
    • start Start the daemon for continuous reading of new data
    • stop Stop the daemon
    • status Get the daemon’s status
  • Examples:

    • ./cli.php -f import
      Imports fresh data for sources
    • ./cli.php -f -p -ps import
      Imports all data
    • ./cli.php start
      Starts the daemon

API

The API is used by the frontend to retrieve data.

/api/config

  • URL
    /api/config
  • Method:
    GET
  • URL Params
    none
  • Success Response:

    • Code: 200
      Content:

      {
        "sources": [ "gate", "swi6" ],
        "ports": [ 80, 22, 23 ],
        "stored_output_formats": [], 
        "stored_filters": [],
        "daemon_running": true
      }
  • Error Response:

    • Code: