Python extension for ntop

We can use Python to extend ntop through the ntop web server. The ntop web server can execute Python scripts. At a high level, the scripts will perform the following:

  • Methods to access the state of ntop
  • The Python CGI module to process forms and URL parameters
  • Making templates that generate dynamic HTML pages
  • Each Python script can read from stdin and print out stdout/stderr
  • The stdout script is the returned HTTP page

There are several resources that come in handy with the Python integration. Under the web interface, you can click on About | Show Configuration to see the Python interpreter version as well as the directory for your Python script:

Python Version

You can also check the various directories where the Python script should reside:

Plugin Directories

Under About | Online Documentation | Python ntop Engine, there are links for the Python API as well as the tutorial:

Python ntop Documentation

As mentioned, the ntop web server directly executes the Python script placed under the designated directory:

$ pwd
/usr/share/ntop/python

We will place our first script, namely chapter8_ntop_1.py, in the directory. The Python CGI module processes forms and parses URL parameters:

# Import modules for CGI handling
import cgi, cgitb
import ntop

# Parse URL
cgitb.enable();

ntop implements three Python modules; each one of them has a specific purposes:

  • ntop: This interacts with the ntop engine
  • Host: This is used to drill down into specific hosts information
  • Interfaces: This is the information on ntop instances

In our script, we will use the ntop module to retrieve the ntop engine information as well as use the sendString() method to send the HTML body text:

form = cgi.FieldStorage();
name = form.getvalue('Name', default="Eric")

version = ntop.version()
os = ntop.os()
uptime = ntop.uptime()

ntop.printHTMLHeader('Mastering Python Networking', 1, 0)
ntop.sendString("Hello, "+ name +"<br>")
ntop.sendString("Ntop Information: %s %s %s" % (version, os, uptime))
ntop.printHTMLFooter()

We will execute the Python script using http://<ip>:3000/python/<script name>. Here is the result of our chapter8_ntop_1.py script:

We can look at another example that interacts with the interface module chapter8_ntop_2.py. We will use the API to iterate through the interfaces:

import ntop, interface, json

ifnames = []
try:
    for i in range(interface.numInterfaces()):
        ifnames.append(interface.name(i))

except Exception as inst:
    print type(inst) # the exception instance
    print inst.args # arguments stored in .args
    print inst # __str__ allows args to printed directly
...

The resulting page will display the ntop interfaces:

Besides the community version, they also offer commercial products if you need support. With the active open source community, commercial backing, and Python extensibility, ntop is a good choice for your NetFlow monitoring needs.

Next, let's take a look at NetFlow's cousin: sFlow.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.119.131.10