If you are a system administrator managing a Linux server, you want a simple tool that helps to monitor your server.
Darkstat is a cross-platform, lightweight, simple, real-time network statistics tool that captures network traffic, computes statistics concerning usage, and serves the reports over HTTP.
- For Ubuntu and Debian operating systems, run:
sudo apt-get install darkstat -y
- For CentOS and RHEL operating systems, run:
dnf install darkstat -y
- Edit the Darkstat main configuration file and define your network interface, port, and listening IP address
- Then modify on this value as follow
START_DARKSTAT=yes INTERFACE="-i ens33" DIR="/var/lib/darkstat" PORT="-p 667" BINDIP="-b 0.0.0.0" DAYLOG="--daylog darkstat.log"
Note: you can know the name of your interface with running the command below
nmcli c s
- Restart the Darkstat service
systemctl restart darkstat
Check the status of Darkstat
systemctl status darkstat
Access Darkstat via Web UI
- Darkstat is running and listening on port 667. You can check it with the following command:
ss -antpl | grep 667
- Open your web browser and access the Darkstat web interface using the URL http://Server_ip:667 as shown below
- You can reload graphs automatically by clicking on and off buttons.
- You’ll get a list of all hosts on the network that have attempted to reach the server by clicking on the hosts section
Manage Darkstat From CLI
- To collect network statistics on the ens33 interface, you can use the -i flag as below.
darkstat -i ens33
- Also to serve web pages on a specific port, include the -p flag like this.
darkstat -i ens33 -p 80
- To keep an eye on network statistics for a given service, use the -f or filter flag. The filter will capture traffic concerned with SSH service.
darkstat -i ens33 -f "port 22"
- To shutdown Darkstat, Send SIGTERM or SIGINT signal to the darkstat parent process.
1- Get the darkstat parent process ID (PPID) using the pidof command:
2- Then kill the process.
sudo kill -15 6352 OR sudo kill -SIGTERM 6352
In this guide, we showed you how to install and use Darkstat in Linux to capture network traffic over the HTTP.