Update November 2014
The newest release of the Opmantek Virtual appliance was published on 26 Nov 2014, and can be downloaded here: nmis-8.5.4G-VM-CentOS-6.6-64bit.zip.
Highlights
- NMIS was upgraded to version 8.5.4G.
- Open-AudIT and Open-AudIT Enterprise were upgraded to version 1.5.1.
- opEvents was upgraded to version 1.2.3
- opConfig was upgraded to the new major version 2.1, which provides improved performance and much better interoperability with the other Opmantek products.
- opCharts was upgraded to version 2.0.4.
- opReports is now at version 2.6.0
- opFlow was upgraded to version 2.5.0, which features capped database sizes and uses storage more robustly.
- All CentOS 6.6 patches up to and including 25 Nov 2014 have been applied.
- Opmantek application logs and variable files have been consolidated further (in /var/log and /data, respectively).
- Numerous smaller configuration fixes, log rotation improvements and the like were made.
Update September 2014
We've released an updated Opmantek Virtual Appliance on 11 Sep 2014, which can be downloaded here: nmis-8.5.2G-VM-CentOS-6.5-64bit.zip.
Highlights
- NMIS was upgraded to 8.5.2G.
- Open-AudIT and Open-AudIT Enterprise version were upgraded to 1.4.1.
- opEvents was upgraded to 1.2.2.
- A number of file cleanup, record purging and further log rotation cron jobs have been added to the VM.
- All CentOS 6.5 patches up to the 10 Sep 2014 have been applied.
Update July 2014
The most recent update of the Opmantek Virtual Applicance was released on 21 July 2014, and can be downloaded here: nmis-8.5G-VM-plus-CentOS-6.5-64bit.zip.
Highlights
- The appliance now also includes the new products opEvents 1.2.1 and opCharts 2.0.1.
- All CentOS 6.5 updates up to the 19 July 2014 have been applied.
Update June 2014
The latest version of the Opmantek Virtual Appliance was released on 18 June 2014, and can be downloaded here: nmis-8.5G-VM-CentOS-6.5-64bit.zip
Highlights
- All CentOS 6.5 updates up to 17 June 2014 have been incorporated.
- The bundled products were upgraded to the current versions: NMIS 8.5G, Open-AudIT Community and Enterprise 1.3.2, opMaps 2.2.2, opReports 2.5.7, opFlow 2.2.2 and opConfig 1.1.9.
Update Apr 2014
The Opmantek Virtual Appliance was updated on 15 Apr 2014, and can be downloaded here: nmis-8.4.10G-VM-CentOS-6.5-64bit.zip
Highlights
- All CentOS 6.5 updates up to the 15 Apr 2014 have been incorporated. This includes the openssl patches for the Heartbleed vulnerability.
- The bundled Opmantek products have been updated to current versions: NMIS 8.4.10G, Open-AudIT Community and Enterprise 1.2.1, opMaps 2.2.2, opReports 2.5.6, opFlow 2.2.2 and opConfig 1.1.9.
Update Feb 2014
The most recent update to the Opmantek Virtual Appliance was released on 28 Feb 2014. The download link is unchanged: nmis-8.4.8G-VM-CentOS-6.5-64bit.zip.
Highlights
- All CentOS patches up to the 28 Feb 2014 have been applied.
- All bundled Opmantek products have been updated to the current versions: NMIS 8.4.8G (unchanged), Open-AudIT Community and Enterprise 1.2, opMaps 2.2.2, opReports 2.5.5, opFlow 2.3.2, opConfig 1.1.9.
- A security issue with the bundled Apache installation has been corrected, which could have been abused for denial-of-service attacks if the appliance was installed with unrestricted inbound access from the Internet.
- Please note that the licensing system has been changed for all products: to evaluate the bundled commercial products you will require a new evaluation license. Full licenses are not affected by this change.
Update Jan 2014
The Opmantek Virtual Appliance was last updated on 28 January 2014 and the documentation is related to the current release. The file is nmis-8.4.8G-VM-CentOS-6.5-64bit.zip.
The VM has new disk partitioning, with a smaller /data volume and we have documented a simple process for resizing the disks, Resizing NMIS VMs. This release also incorporates all recent patches in CentOS up to version 6.5.
Introduction
So you've downloaded a virtual appliance from https://opmantek.com/network-tools-download/ and now you want to set it up and take it for a test drive to see how NMIS and the Opmantek networking modules can help you administer your network. No problem. Easy.
- Unzip the virtual appliance file
- Use the OVF (Open Virtualization Format) file (VMware and VirtualBox examples provided)
- Fire up the new VM and set the IP address
- Load NMIS in your browser
Let's assume you've got step 1 under control (unzipping) and move to step 2.
Using the OVF file
After unzipping the file you should see a folder with a structure like this:
Because the file is in an open format it should be recognized by your virtualization software or by a conversion tool provided by your virtualization software.
VMware
There are several options for VMware software. Options 2 & 3 require the VMware OVF Tool, see here for some links or hit up google or vmware's site, the other requires VMware Fusion (for Mac). Options 2 & 3 assume you have it installed and know where it is.
1. VMware Fusion
Recent versions of VMware Fusion allow importing .ovf files directly from the application. If this option does not exist or work you will need to use option # 2.
To import: Select File->Import, then "Choose File", find NMIS8-OVF/NMIS8.ovf as the file to import, then select continue. Fusion will import the file and then present you with the VM's default configuration.
1. 
2.
3. 4.
2. Convert OVF to VMX
This option is for non-Fusion (or older) VMware products that do not support the OVF format directly; in this case you have to convert the appliance into VMware's native format VMX. As mentioned above this conversion requires the VMware ovftool.
mkdir NMIS8 ovftool NMIS8-OVF/NMIS8.ovf NMIS8/NMIS8.vmx
You should now be able to import/load the vmx file with your VMware software and skip to step 3.
3. Transfer OVF to ESXi
ovftool --name="NMIS" -dm="thin" -ds=datastore_number ./NMIS8-OVF/NMIS8.ovf vi://user:password@host_ip_address
Remember to set the name you like, the datastore you want and point it at the server you want to deploy to
VirtualBox
VirtualBox will import directly from an OVF file so you can just fire up VirtualBox and select "Import Appliance..."
Browse to where you unzipped the file and select the ovf file
Select the file, you should see a screen something like this:
It should be safe to Import. The import process took a couple of minutes to complete, just enough time to grab a cup of coffee I'd say.
If you have any trouble the VirtualBox documentation is here: https://www.virtualbox.org/manual/ch01.html#ovf
Important Note regarding Ext4: if your virtualbox host is Linux and your VMs are stored on XFS or Ext4 file systems, then it is absolutely necessary that you enable the "Host I/O Cache" for all virtual disk controllers after importing the OVF file, or you run the risk of file system corruption in your guest. On one of our test systems (Linux kernel 3.14.23, Virtualbox 4.3.14) the VM wouldn't even fully get through the first boot before the virtual disks got corrupted - but with Host I/O Cache on everything is fine.
Other Hypervisors
To use OVF files with other virtualisation systems like KVM you may have to convert the OVF file to a native format; Two well-known tools for this purpose are virt-v2v (available in CentOS6/RHEL) and virt-convert (in Debian).
Hyper-V
The Windows Hyper-V technology does not fully support the OVF industry standard. Microsoft documents a complex and somewhat limited procedure on their page about converting OVF files to Hyper-V. There are third-party conversion tools available that simplify this deployment scenario, for example StarWind's free V2V Converter which worked well in our tests.
Fire up the VM and set the IP Address
At this point the VM has DHCP enabled so the easiest way to access it is from the VM software terminal. We will set the IP so we can easily login from any terminal. So go ahead and boot the VM, after the VM is finished booting you will be welcomed by a login prompt, login:
User: root
Password: NM1$88
Root's home directory contains 2 example network configurations, one for static IP's and one for DHCP. Copy the one you require (because we already have dhcp enabled the example sets up a static IP address):
cp ifcfg-eth0.static /etc/sysconfig/network-scripts/ifcfg-eth0
Now set the IP, netmask, gateway, and DNS if you like ( to add DNS you can add two lines, one for each server: DNS1=ip , DNS2=ip)
Alternately
You could also install a text based UI to help you:
yum install netconfig # after installation complete: system-config-network
Troubleshooting Network Problems
The most common problem is with how CentOS 6 handles interface discovery, it wants to hang onto MAC addresses which of course in a virtual environment you want managed by the Hypervisor.
Run the command "ifconfig -a", the result should look like this:
[root@nmis64 ~]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:0C:29:E8:CF:F9
inet addr:192.168.1.42 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2001:470:1f05:5a0:20c:29ff:fee8:cff9/64 Scope:Global
inet6 addr: fe80::20c:29ff:fee8:cff9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6640287 errors:0 dropped:0 overruns:0 frame:0
TX packets:4282058 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:974072080 (928.9 MiB) TX bytes:606513312 (578.4 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2337305 errors:0 dropped:0 overruns:0 frame:0
TX packets:2337305 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:371309377 (354.1 MiB) TX bytes:371309377 (354.1 MiB)
If you do not see an interface called eth0 then run this command and reboot your VM.
rm -f /etc/udev/rules.d/70-persistent-net.rules reboot
Accessing the NMIS8 and Open-AudIT VM
The VM will boot with DHCP, and once you determine the hostname or IP address of the VM you can access it a web browser using a URL like:
http://nmis.domain.com/ or http://192.168.1.8/
You will be presented with a menu of the installed tools, NMIS and Open-AudIT.
You can either use this menu, or navigate directly to NMIS: open your favourite web browser and navigate to:
http://vm_ip_address/cgi-nmis8/nmiscgi.pl
User: nmis
Password: nm1888
Configuring Modules
The first step to using a module is knowing how to open it, the next is to get a license for it. This process is simple and painless, if you would just like to try the software trial licenses are available!
Before you begin we will make sure all the permissions are correct so everything goes smoothly, this is very important:
/usr/local/opmantek/bin/opfixperms.pl
Should produce the following output:
opfixperms.pl Version 1.0 Copyright (C) 2012 Opmantek Limited (www.opmantek.com) This program comes with ABSOLUTELY NO WARRANTY; See www.opmantek.com or email contact@opmantek.com This script will fix the permissions for Opmantek based on the configuration /usr/local/opmantek/bin/../conf/opCommon.nmis The directory to be processed is: /usr/local/opmantek The user will be set to: nmis The group will be set to: nmis
Now let's get started!
Opening a module
There are two ways to open the modules, by using the drop-down in the NMIS page (make sure you do not have pop-up's blocked for this page):
or by manually entering the url into your browser:
http://vm_ip_address/cgi-omk/opFlow.pl
Getting a trial license
opFlow, opMaps and opReports will present you with a page that looks like the following when not registered:
You will now need to get a license key and enter it into the licensing system, the easiest way to do this is by clicking "View and Entere Licenses" button. This will open a new tab/page containing the opLicensing module. On this page you will again need to click a button, it's time to choose if you want a trial license or if you would like to buy a license.
This will bring you to https://opmantek.com/trial, select the products you would like to try and click "Get Trials". If you are not logged in you will need to do so now, you can join our community if you haven't already done so by clicking the "Join Now!" link in the login window.
After logging in and clicking "Get Trials" you should see a page notifying you that you have sucessfully added a trial to your account. To activate a license for a module click the "Activate" button for that module.
Enter your company name and then select "Activate"
You will now be presented with your license key for the product you selected. You will now want to select the key text (right click -> select all) and copy it to the clipboard (right click on selected text -> copy)
Now it's time to return to the opLicense tab and click "Enter a License Key"
Paste the license key into the textbox provided and click "Add License". IMPORTANT: before you click "Add License" make sure you have done this step:
/usr/local/opmantek/bin/opfixperms.pl
You should now have a sucessfully installed key!
Now return to the tab/window of the module you were activating and click "License Entered, Continue"
Accept the EULA:
And you're Done! The next step is to make sure the configuration for the module you activated is correct & complete.
opFlow Configuration
Mongo
The first step to get opFlow working is to start the mongo database. The VM already has mongo installed and all the scripts are ready to go, first we will add the mongo script to the VM's startup routine, and then we will start the daemon.
chkconfig mongod on service mongod start
Note: the first time you start mongo it may take a while to return to the command prompt, don't worry about it, just let mongo run and it will eventually come back, if it doesn't CTRL+C and start it again.
Flowd
flowd should be running, but to be sure we will take the same steps as we did with mongo.
chkconfig flowd on service flowd start
When you run the start command you will likely see an error like the following which tells you it's already running, of course you could always use ps to find out as well
Starting flowd: bind: Address already in use Listener setup of [0.0.0.0]:12345 failed
opFlowd
opflowd also needs the same treatment:
chkconfig opflowd on service opflowd start
Configure your Cisco Router
I will discuss a very basic configuration.
On the interface you want to collect flow traffic from, add:
ip flow ingress ip flow egress
Now that you have an interface setup to gather netflow information you have to tell the router to send it somewhere:
ip flow-export version 9 # replace the ip address in the following line with your VM's ip address ip flow-export destination 192.168.0.10 12345
If you enable that configuration netflow traffic should now be sent to your VM.
By default netflow will send information about flows after they are finished, if you would like to see information more often you can set the flow-cache timeout, in minutes, so this will send flow info every minute (see the docs for more details):
ip flow-cache timeout active 1
Run setup script
./opflow_setup.pl setup=all
opFlow will now be displaying your data! Visit http://vm_ip_address/cgi-omk/opFlow.pl and take a look! (also make sure you have a license)
ps. Authentication info for Opmantek modules is the same as it is for NMIS, the default is:
username: nmis
password: nm1888
For more information and help with opFlow see it's community homepage
opMaps Configuration
Configuration of opMaps is a short process.
First we need to get the locations of each group you have configured in NMIS into the file that opMaps will use to function. When you start off this file will exist, in order to make sure you can migrate your groups without problems we will first delete the existing file.
rm /usr/local/opmantek/conf/GroupLocations.nmis
Now we will convert your groups to a GroupLocations.nmis file
cd /usr/local/opmantek/bin/ ./configmaps.pl /usr/local/nmis8/conf/Nodes.nmis /usr/local/opmantek/conf/GroupLocations.nmis
This file can be edited using vi or your favourite editor to adjust the fields to your liking.
The next step is to get a google maps api key. If you don’t already have one, please follow these steps from Google to acquire one. Next we will put this key into the opMaps configuration file:
vi /usr/local/opmantek/conf/Maps.nmis
#Find the following line under 'mapview' => 'googleApiKey' => '' #Replace the defaultAPI with your own Google API KEY eg: 'googleApiKey' => 'AIzaSyBfa5791NQUs3N7x--ueD3DwQPmscElk-8'
There are several other parameters that can be configured in the Maps.conf file to adjust the view to suit your needs. For more information on setting up and configuring opMaps see it's community homepage.
One troubleshooting note:
If you are trying to view the map in NMIS and getting a licensing error even though you have entered the license (something like the following):
It is most likely that you have not accepted the EULA. Open opMaps from the NMIS Modules drop down:
This should pop-up opMaps in a new page (make sure you have pop-ups disabled for this host) and accept the EULA. If you now go back to the NMIS page and refresh the map should appear properly.
Once again, for more information on setting up and configuring opMaps see it's community homepage.
opReports Configuration
To configure opReports all that is needed is to enter a license key using the instructions above. For more information on setting up and configuring opReports see its community page.