The Industry Standard In Infrastructure Monitoring
Configuring a Linux Server to Send Netflow Data on Nagios Network
Analyzer 2024
Configuring a Linux Server to Send Netflow Data on
Nagios Network Analyzer 2024
Considerations
In all of the following examples, we will be sending UPD traffic on a specific uncommon port.
This means that firewall issues are something to keep in mind (local firewall rules are auto-
matically created). Also, each individual Netflow source will need to be sending the data on a
different port, so you will need to be aware of which ports are currently being used for existing
Netflow sources when adding new sources.
Configuring A Linux Server To Send Information
Open a terminal session to your Linux server, CentOS 8 users will first need to enable the
PowerTools repository:
yum config-manager --set-enabled powertools
Everyone will need to run the following commands as the root user:
cd /tmp
wget https://assets.nagios.com/downloads/nagios-network-analyzer/scripts/fprobeinstall.sh
chmod +x fprobeinstall.sh
./fprobeinstall.sh
The script will install fprobe. It is an application, that allows the server to record its network
activity in Netflow format and send it to Nagios Network Analyzer.
© 2024 Nagios Enterprises, LLC. All rights reserved. Nagios, the Nagios logo, and Nagios graphics are the servicemarks,
www.nagios.com
trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the prop- Page: 1
erty of their respective owner.
� The Industry Standard In Infrastructure Monitoring
Configuring a Linux Server to Send Netflow Data on Nagios Network
Analyzer 2024
To start fprobe type the following command and press Enter (remember to replace <inter-
face> with the actual interface name, the <NetworkAnalyzer server> with the IP of the remote
machine, the <port> with the actual port number you are sending data to):
fprobe -i <interface> <NetworkAnalyzer server>:<port>
For example:
fprobe -i eth0 10.25.5.70:9915
This should be sufficient for most cases. If you have two Ethernet interfaces, you
will have to modify your command. To view the usage, run from the command
line:
man fprobe
To start fprobe on system boot, run the following command:
echo '/usr/local/sbin/fprobe -i <interface> <NetworkAnalyzer server>:<port>'
>> /etc/rc.local
For example:
echo '/usr/local/sbin/fprobe -i eth0 10.25.5.70:9915' >> /etc/rc.local
That completes the configuration for exporting Netflow data from a Linux server.
© 2024 Nagios Enterprises, LLC. All rights reserved. Nagios, the Nagios logo, and Nagios graphics are the servicemarks,
www.nagios.com
trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the prop- Page: 2
erty of their respective owner.
� The Industry Standard In Infrastructure Monitoring
Configuring a Linux Server to Send Netflow Data on Nagios Network
Analyzer 2024
Create Nagios Network Analyzer Source
You are now ready create a Source within Nagios Network Analyzer to receive the exported
Netflow data. For information about how to create a Source in Nagios Network Analyzer refer
to the following document:
Understanding Sources And Sourcegroups In Network Analyzer
Here is an example of the Source that was created for the Linux server added in the previous
step.
© 2024 Nagios Enterprises, LLC. All rights reserved. Nagios, the Nagios logo, and Nagios graphics are the servicemarks,
www.nagios.com
trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the prop- Page: 3
erty of their respective owner.
