...
Code Block | ||
---|---|---|
| ||
cd /usr/local tar xvf ~/opFlow-Linux-x86_64-<version>.tar.gz cd opmantek/ cp install/opCommon.nmis conf/ cp install/opFlow.nmis conf/ bin/opfixperms.pl cp install/01opmantek.conf /etc/httpd/conf.d/ service httpd restart |
Considerations for NetFlow Data Storage
Anchor | ||||
---|---|---|---|---|
|
NetFlow data can get away on you, there could be several Gigabytes of NetFlow data each hour, day or month, this is all very dependant on where you are generating netflow from, the number of active users and the types of applications they are using. A longer discussion on this will be written up, but in summary, if you are expecting large amounts of NetFlow data, then you will want to consider storing the MongoDB database and the NetFlow data into a filesystem with 50 gigabytes or more. During development we found 20gigabytes was enough for our purposes, but caused problems with the flow files mainly.
...
The following commands get MongoDB running (before doing this make sure to read the section above on considerations for storage). The last command here starts MongoDB, the first time it runs it can take some time to do its pre-allocation of database and journal files. This will depend on the performance of your storage.
...
Code Block | ||
---|---|---|
| ||
/usr/local/opmantek/bin/opflow_setup.pl setup=cron
######################################################
# opFlow Cronfig
######################################################
# Run the DNS resolution every 15 minutes
*/15 * * * * /usr/local/opmantek/bin/opflowd.pl type=endpoints
# Purge the old Flows every 24 hours
0 0 * * * /usr/local/opmantek/bin/opflowd.pl type=purge
######################################################
# Check to rotate the logs 4:05AM every day
5 4 * * * /usr/sbin/logrotate /usr/local/opmantek/conf/oplogrotate.conf
crontab -e
Insert the above text, then save and quit. |
Configuring mongod on a remote server
Anchor | ||||
---|---|---|---|---|
|
If you not are running your mongo db server on the same server as opFlow mongo database authentication will need to be done manually.
Ensure mongod is not running with the --auth switch, if you are using the mongod.init.d script included in opFlow run
Code Block /etc/init.d/mongod stop; /etc/init.d/mongod start_no_auth;
Create the user, currently the opFlow user requires access to both the admin database and it's own. Start up the mongo shell and type these commands:
Code Block use admin; db.addUser('opUserRW', 'op42flow42'); // these are the defaults, change them as well as your opFlow.nmis file use nmis; // again this is a default, it doesn't need to be changed db.addUser('opUserRW', 'op42flow42'); // these are the defaults, change them as well as your opFlow.nmis file, it should match the above user command
Restart the mongo server with authentication, --auth
Code Block /etc/init.d/mongod stop; /etc/init.d/mongod start;
Starting the opFlow Daemon
...