Brief notes on installing pcapdb
Download: https://github.com/dirtbags/pcapdb
1. Install the base packages:
yum install -y mlocate python3 python3-devel numactl-devel libhugetlbfs-devel cmake gcc-c++ libpcap-devel nginx openssl-devel openldap-devel
- Install RabbitMQ
Check the official RabbitMQ site to see which Erlang version matches which RabbitMQ version:
https://www.rabbitmq.com/which-erlang.html
yum install erlang
yum -y install socat logrotate
curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.rpm.sh | sudo bash
rpm --import https://github.com/rabbitmq/signing-keys/releases/download/2.0/rabbitmq-release-signing-key.asc
rpm --import https://packagecloud.io/rabbitmq/erlang/gpgkey
rpm --import https://packagecloud.io/rabbitmq/rabbitmq-server/gpgkey
wget --content-disposition https://packagecloud.io/rabbitmq/rabbitmq-server/packages/el/7/rabbitmq-server-3.6.14-1.el7.noarch.rpm/download.rpm
rpm -Uvh rabbitmq-server-3.6.14-1.el7.noarch.rpm
//rabbitMQ///
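An added example (not from the original notes or from the RabbitMQ or pcapdb projects): a check to run between the `wget` and `rpm -Uvh` steps above, confirming that the downloaded RPM carries a signature that verifies against the imported keys. The function names are hypothetical, and the parsing assumes the `rpm -K` output of rpm 4.11 on CentOS 7 (lowercase `rsa`/`pgp` marks a verified signature) plus the `digests signatures OK` form printed by newer rpm.

```shell
#!/bin/sh
# Added example: classify one line of `rpm -K` output.
# Assumed formats (sample lines are constructed):
#   pkg.rpm: rsa sha1 (md5) pgp md5 OK      -> signature verified
#   pkg.rpm: sha1 md5 OK                    -> digests only, package unsigned
#   pkg.rpm: RSA sha1 ((MD5) PGP) md5 NOT OK (MISSING KEYS: ...) -> failed
# An unsigned package still ends in "OK", so checking for "OK" alone
# does not prove the package was signed.

# sig_verdict LINE  -> prints verified | unsigned | failed
sig_verdict() {
    result=" ${1#*: } "                 # strip "file.rpm: ", pad for word matching
    case "$result" in
        *"NOT OK"*) echo failed ;;      # bad digest/signature or missing key
        *" OK "*)
            case "$result" in
                *" rsa "*|*" dsa "*|*" pgp "*|*" gpg "*|*" signatures "*)
                    echo verified ;;
                *)  echo unsigned ;;    # digests matched, nothing was signed
            esac ;;
        *)  echo failed ;;              # rpm error, missing file, etc.
    esac
}

# verify_rpm FILE  -> exit status 0 only for a verified signature
verify_rpm() {
    line=$(LC_ALL=C rpm -K "$1" 2>&1) || true
    verdict=$(sig_verdict "$line")
    echo "$1: $verdict"
    [ "$verdict" = verified ]
}

# Usage (between the wget and rpm -Uvh steps):
#   verify_rpm rabbitmq-server-3.6.14-1.el7.noarch.rpm \
#       && rpm -Uvh rabbitmq-server-3.6.14-1.el7.noarch.rpm
```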
3. Install PostgreSQL:
yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7.9-x86_64/pgdg-redhat-repo-latest.noarch.rpm -y
yum install postgresql10 -y
yum install postgresql10-server -y
yum install postgresql10-devel -y
mkdir /usr/include/postgresql
cp /usr/pgsql-10/include/libpq-fe.h /usr/include/postgresql/
cp /usr/pgsql-10/include/postgres_ext.h /usr/include/
cp /usr/pgsql-10/include/pg_config_ext.h /usr/include/
postgresql-10-setup initdb // after installation, initialize the database
- Install the Python packages:
pip3 install virtualenv virtualenvwrapper
pip3 install -r ./requirements.txt
5. Install the rest
/Install pfring
cd /etc/yum.repos.d/
wget https://packages.ntop.org/centos-stable/ntop.repo -O ntop.repo
rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum erase -y zeromq3
yum clean all
yum update
yum install pfring-dkms n2disk nprobe ntopng cento
yum install pfring-drivers-zc-dkms
yum install supervisor -y
yum install mdadm -y // the command the program uses when configuring disks
/pfring
- Build
cd /var
git clone https://github.com/dirtbags/pcapdb.git
cd /var/pcapdb/indexer
cmake -DCMAKE_PREFIX_PATH=/usr/pgsql-10/ .
make
cd /var/pcapdb/
make install-search-head DESTDIR=/var/mypcaplocation
make install-capture-node DESTDIR=/var/mypcaplocation
make install-monolithic DESTDIR=/var/mypcaplocation
/var/pcapdb/core/bin/post-install.sh -c -s 192.168.6.100
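7. Configure nginx and uwsgi. Succeeded.
Edit nginx.conf: /etc/nginx/nginx.conf
Change the user to root.
Copy the contents of the config file /etc/nginx/conf.d/pcapdb.conf into /etc/nginx/nginx.conf.
Then append ALLOWED_HOSTS = ['*'] to the end of /var/mypcaplocation/core/settings/settings.py (with this value Django accepts requests carrying any Host header).
8. Mail configuration
Edit lines 77 to 82 of ./core/settings/common.py (vim ./core/settings/common.py) and add the outgoing mail settings.
Edit ./core/apps/search_head_api/models/auth.py (vim ./core/apps/search_head_api/models/auth.py), as follows:
Check the log to get the password-change link, then change the password.
- Start the configuration page
Carve one partition out of the disk and leave it unmounted. Set it as the index RAID.
Then take four more partitions, build a RAID 5 from them as the capture disk, and enable the capture disk.
Startup succeeded; traffic is being captured.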