1.3.3. ON Analytics
Based on the ELK Stack, ON Analytics receives the platform logs, structures, and metadata and builds the data lake to show dashboards and reports in real time allowing specific searches. When we have the 2SRA (Remote Secure Access) module, it receives the metadata of the VPN traffic processed by OpenNAC Sensor via Filebeat.
It is a mandatory component of the solution that includes non-critical components such as:
Aggregator: An enrichment of all the information generated by any OpenNAC Enterprise component.
Search Engine: Based on an elastic search engine that allows you to easily search the information generated and collected by the OpenNAC Enterprise components.
Dashboards and reports: The solution includes a set of dashboards and reports based on common technical information gathered. You can create and generate your own custom dashboards.
Note
ON Analytic is NOT a critical component for the platform, which is why it does NOT require high availability. The implementation of one or more nodes will depend on the requirements of the deployment and the final architecture design. If this component is outlined, the main functionality of OpenNAC Enterprise modules would continue to work. However, during the outlined period, we would no longer have the ability to process and display the information of the solution.
In deployments where a large amount of data is generated, it may be necessary to deploy multiple Analytics nodes to load balance the storage. ON Analytics has two types of roles, typically within the same node:
Aggregator: A role with aggregation functions that receive information through Filebeat and process logs with Logstash.
Analytics: A role with data management functions performed by ElasticSearch and visualization through Kibana.
1.3.3.1. Component flows
The following table outlines the firewall rules for the ON Analytics component:
Source |
Destination |
Port |
Service |
|---|---|---|---|
Analytics |
Princ/Worker |
TCP/80 |
HTTP |
Analytics |
Princ/Worker |
TCP/443 |
HTTPS |
Analytics |
Princ/Worker |
TCP/6379 |
Redis |
Analytics |
Princ/Worker |
UDP/25826 |
Collectd |
Analytics |
NTP Server |
UDP/123 |
NTP |
Analytics |
DNS Server |
UDP/53 |
DNS |
1.3.3.2. Sizing an ON Analytics Instance
The dimension of Network Access solution infrastructure can be directly inferred from the expected workload in terms of users, IPs, types of authentication or use cases deployed that the NAC must sustain. The workload may be complicated to estimate, but this is a crucial exercise to build an efficient NAC Architecture. In general, you can increase its capacity by adding more nodes of some components. The current user’s growth is achieved by adding more nodes in an N + 1 scheme through a load balancer.
When the network requires capturing 10 Gb, it will be necessary to implement hardware sensors with cards compatible with accelerated drivers from pFring.
The hardware specifications for ON Analytics are:
Resources |
Minimum |
Recommended |
|---|---|---|
Memory |
16 GB |
64 GB |
CPU |
8 CPU |
16 CPU |
Disk Size |
200 GB |
According to the architecture |
Disk Type |
SCSI/SATA |
SSD |
Network |
2 NIC |
2 NIC** |
Note
* It depends on the amount of information that needs to be stored.
** The 2 network interfaces are mainly for service and management (internal communication between the different nodes).
1.3.3.3. Installed Packages
This section provides a comprehensive list of installed packages on the ON Analytics component, along with their respective descriptions. These packages play a crucial role in supporting various functionalities and services, ensuring a robust and efficient operating environment.
Package Name |
Description |
|---|---|
acl |
Access control list utilities for controlling POSIX user access to files and directories. |
alsa-lib |
The Advanced Linux Sound Architecture (ALSA) provides audio and MIDI functionality to the Linux operating system. |
apr |
The Apache Portable Runtime (APR) provides a library of C data structures and routines for use by applications. |
apr-util |
The Apache Portable Runtime Utility Library (APR-Util) provides additional utility interfaces for APR. |
apr-util-bdb |
Berkeley DB driver for the Apache Portable Runtime Utility Library. |
apr-util-openssl |
OpenSSL driver for the Apache Portable Runtime Utility Library. |
atk |
The ATK library provides a set of interfaces for accessibility. |
audit |
The Linux Audit daemon provides audit logging for the system. |
audit-libs |
Libraries for the userspace interface to the Linux kernel’s audit subsystem. |
authselect |
A command-line tool to select the system’s authentication configuration. |
authselect-libs |
Libraries for the authselect package. |
avahi-libs |
Libraries for Avahi, a DNS-SD/mDNS system for service discovery. |
basesystem |
The basic package that defines the essential components of a Red Hat Enterprise Linux system. |
bash |
The GNU Bourne Again SHell (bash) is an sh-compatible shell with enhancements. |
bind-export-libs |
Exported bind libraries for dynamic DNS (DDNS) clients. |
bind-libs |
Libraries used by the BIND DNS packages. |
bind-libs-lite |
Lightweight versions of BIND libraries. |
bind-license |
License of the BIND DNS suite. |
bind-utils |
Utilities for querying DNS name servers. |
binutils |
A set of GNU Binary Utilities used for building and managing binary programs. |
biosdevname |
Udev helper for naming devices per BIOS names. |
bison |
Bison is a parser generator utility. |
bridge-utils |
Utilities for configuring the Linux Ethernet bridge. |
brotli |
Brotli is a generic-purpose lossless compression algorithm. |
bzip2-libs |
Libraries for applications using bzip2 compression. |
ca-certificates |
The Mozilla CA certificates bundle. |
cairo |
Cairo is a 2D graphics library with support for multiple output devices. |
c-ares |
A library that performs DNS requests and name resolutions asynchronously. |
chkconfig |
A system tool for maintaining the /etc/rc*.d hierarchy. |
chrony |
An implementation of the Network Time Protocol (NTP). |
collectd |
A statistics collection daemon for filling RRD files. |
collectd-disk |
Disk plugin for collectd, the statistics collection daemon. |
copy-jdk-configs |
JDKs configuration files copier. |
coreutils |
The GNU core utilities: a set of tools for file and shell tasks. |
coreutils-common |
Core utilities shared and used by a majority of the system. |
cpio |
A GNU archiving program. |
cpp |
The C Preprocessor. |
cracklib |
A password-checking library. |
cracklib-dicts |
CrackLib dictionaries. |
cronie |
Cronie is a standard UNIX daemon cron. |
cronie-anacron |
Utility for running regular jobs. |
crontabs |
Crontab files used to schedule the execution of programs. |
crypto-policies |
Crypto policies package for the libcrypto library. |
crypto-policies-scripts |
Scripts for managing crypto policies. |
cryptsetup-libs |
Cryptsetup shared library. |
cups-libs |
CUPS printing system - libraries. |
curl |
A utility for getting files from remote servers (FTP, HTTP, and others). |
cyrus-sasl-lib |
Shared libraries needed by applications which use Cyrus SASL. |
dbus |
D-Bus is a system for sending messages between applications. |
dbus-common |
Common files for D-Bus. |
dbus-daemon |
D-Bus message daemon. |
dbus-glib |
GLib bindings for D-Bus. |
dbus-libs |
Libraries for accessing D-Bus. |
dbus-tools |
D-Bus control utility. |
dejavu-fonts-common |
Common files for the Dejavu font set. |
dejavu-sans-fonts |
Sans-serif fonts family from the Dejavu project. |
device-mapper |
Device Mapper (DM) is a logical volume manager for the Linux kernel. |
device-mapper-event |
Device-mapper event daemon. |
device-mapper-event-libs |
Libraries for device-mapper-event. |
device-mapper-libs |
Device-mapper shared library. |
device-mapper-persistent-data |
Device-mapper persistent data tool. |
dhcp-client |
Provides the ISC DHCP client daemon and dhclient-script. |
dhcp-common |
Common files used by ISC DHCP client and server. |
dhcp-libs |
Libraries used by the ISC DHCP client and server. |
diffutils |
A GNU collection of diff utilities. |
dkms |
Dynamic Kernel Module Support Framework. |
dmidecode |
Tool to analyze BIOS DMI data. |
dnf |
Next-generation package manager. |
dnf-data |
Data files for DNF. |
dnf-plugins-core |
Core plugins for DNF. |
dracut |
Initramfs generator using udev. |
dracut-config-rescue |
Dracut configuration files for the rescue image. |
dracut-network |
Dracut modules to build a dracut initramfs with network support. |
dracut-squash |
Dracut modules to build a dracut initramfs with squashfs support. |
e2fsprogs |
Utilities for managing the second extended (ext2) filesystem. |
e2fsprogs-libs |
Ext2 filesystem-specific shared libraries. |
elasticsearch |
Elasticsearch is a distributed RESTful search engine. |
elfutils-debuginfod-client |
Utility to download and cache debuginfo files for binaries |
file |
A utility to determine the file type. |
file-libs |
Libraries for the file package. |
filesystem |
Basic directory layout for a Linux system. |
findutils |
The GNU find utilities. |
firewalld |
A firewall daemon with D-Bus interface. |
firewalld-filesystem |
Firewalld directory layout and default configuration files. |
flex |
A tool for generating text-scanning programs. |
fontconfig |
Font configuration and customization library. |
fontpackages-filesystem |
Directories used by font packages. |
freetype |
A font rendering library. |
fribidi |
A Free Implementation of the Unicode Bidirectional Algorithm. |
fstrm |
Frame Streams implementation in C. |
fuse |
File System in Userspace (FUSE) libraries. |
fuse-common |
Common files for File System in Userspace (FUSE). |
fuse-libs |
FUSE libraries. |
gawk |
The GNU version of the AWK text processing utility. |
gcc |
The GNU Compiler Collection - C and C++ frontends. |
gdbm |
A GNU set of database routines. |
gdbm-libs |
Libraries for the GNU database routines. |
gdk-pixbuf2 |
An image loading library. |
gdk-pixbuf2-modules |
Additional file format support for gdk-pixbuf2. |
geolite2-city |
Free version of MaxMind’s GeoIP2 City database. |
geolite2-country |
Free version of MaxMind’s GeoIP2 Country database. |
gettext |
GNU libraries and utilities for producing multi-lingual messages. |
gettext-libs |
Libraries for gettext. |
giflib |
Library for reading and writing GIF images. |
git |
Fast, scalable, distributed revision control system. |
git-core |
Core package of git with minimal functionality. |
git-core-doc |
Documentation files for git-core. |
glib2 |
A library of C routines. |
glibc |
The GNU C Library. |
glibc-all-langpacks |
All language packs for glibc. |
glibc-common |
Common binaries and locale data for glibc. |
glibc-devel |
Object files for development using standard C libraries. |
glibc-gconv-extra |
Non-ASCII-specific GB18030 and GB2312 support files for glibc. |
glibc-headers |
Header files for development using standard C libraries. |
gmp |
A GNU set of multiple-precision arithmetic routines. |
gnupg2 |
Utility for secure communication and data storage. |
gnupg2-smime |
CMS encryption and signing tool and smart card support for GnuPG. |
gnutls |
A TLS protocol implementation. |
gobject-introspection |
Introspection system for GObject-based libraries. |
gpgme |
GnuPG Made Easy is a library for making GnuPG easier to use. |
gpg-pubkey |
GPG keys of the CentOS/RHEL package signing authority. |
gpm-libs |
A library for the mouse support. |
graphite2 |
A smart font renderer for non-Roman scripts. |
grep |
The GNU versions of the grep pattern matching utilities. |
groff-base |
Parts of the groff formatting system required to display man pages. |
grub2-common |
Common files for GRUB2. |
grub2-pc |
GRUB2 for PC/BIOS. |
grub2-pc-modules |
Core GRUB2 modules necessary for booting a PC/BIOS system. |
grub2-tools |
Bootloader with support for Linux, Multiboot, and more. |
grub2-tools-efi |
EFI support for GRUB2. |
grub2-tools-extra |
Extra GRUB2 modules for special cases. |
grub2-tools-minimal |
Minimal GRUB2 configuration for use on media with simple boot needs. |
grubby |
Command-line tool for updating bootloader configurations. |
gtk2 |
The GTK+ toolkit library (version 2). |
gtk-update-icon-cache |
A program for creating icon caches. |
gzip |
The GNU data compression program. |
hardlink |
Create hardlinks in a special directory. |
harfbuzz |
An OpenType text shaping engine. |
hdparm |
A utility for displaying and/or setting hard disk parameters. |
hicolor-icon-theme |
A high-color icon theme shell from the FreeDesktop project. |
hiredis |
Minimalistic C client library for Redis. |
hostname |
Utility to set/show the host name or domain name. |
httpd |
Apache HTTP Server. |
httpd-filesystem |
The basic directory layout for the Apache HTTP Server. |
httpd-tools |
Tools for use with the Apache HTTP Server. |
hwdata |
Hardware identification and configuration data. |
ima-evm-utils |
IMA/EVM control utility and libraries. |
info |
A stand-alone TTY-based reader for GNU texinfo documentation. |
initscripts |
Scripts for initializing and shutting down the system. |
ipcalc |
A utility for performing IP subnet calculations. |
iproute |
IP routing utilities for the Linux kernel. |
iprutils |
Utilities for the IBM Power Linux RAID adapters. |
ipset |
Tools for managing IP sets. |
ipset-libs |
Development files for ipset libraries. |
iptables |
Tools for managing Linux kernel packet filtering capabilities. |
iptables-ebtables |
IPv4 packet filter using extended Berkeley packet filters. |
iptables-libs |
Libraries used by the iptables package. |
iptables-services |
SysV init scripts for iptables. |
iputils |
Network monitoring tools including ping. |
irqbalance |
A daemon to balance interrupts for SMP systems. |
isl |
Integer Set Library for the polyhedral model. |
iwl1000-firmware |
Firmware for Intel Wireless WiFi Link 1000 Series Adapters. |
iwl100-firmware |
Firmware for Intel Wireless WiFi Link 100 Series Adapters. |
iwl105-firmware |
Firmware for Intel Wireless WiFi Link 105 Series Adapters. |
iwl135-firmware |
Firmware for Intel Wireless WiFi Link 135 Series Adapters. |
iwl2000-firmware |
Firmware for Intel Wireless WiFi Link 2000 Series Adapters. |
iwl2030-firmware |
Firmware for Intel Wireless WiFi Link 2030 Series Adapters. |
iwl3160-firmware |
Firmware for Intel Wireless WiFi Link 3160 Series Adapters. |
iwl5000-firmware |
Firmware for Intel Wireless WiFi Link 5000 Series Adapters. |
iwl5150-firmware |
Firmware for Intel Wireless WiFi Link 5150 Series Adapters. |
iwl6000-firmware |
Firmware for Intel Wireless WiFi Link 6000 Series Adapters. |
iwl6000g2a-firmware |
Firmware for Intel Wireless WiFi Link 6000 Series Adapters. |
iwl6050-firmware |
Firmware for Intel Wireless WiFi Link 6050 Series Adapters. |
iwl7260-firmware |
Firmware for Intel Wireless WiFi Link 7260 Series Adapters. |
jansson |
C library for encoding, decoding, and manipulating JSON data. |
jasper-libs |
Runtime libraries for JasPer, a JPEG 2000 codec. |
java-1.8.0-openjdk |
OpenJDK Runtime Environment 1.8. |
java-1.8.0-openjdk-headless |
The headless runtime environment for OpenJDK 1.8. |
JA4 |
Provides SSH fingerprinting functionality. |
javapackages-filesystem |
Base filesystem layout for Java packages. |
jbigkit-libs |
JBIG1 lossless image compression library. |
jemalloc |
General-purpose scalable concurrent malloc(3) implementation. |
jq |
A lightweight and flexible command-line JSON processor. |
json-c |
A JSON implementation in C. |
kbd |
Tools for configuring the console (keyboard, virtual terminals, etc.). |
kbd-legacy |
Legacy tools for configuring the console. |
kbd-misc |
Miscellaneous files for the kbd package. |
kernel |
Meta-package to install the kernel and its modules. |
kernel |
The Linux kernel. |
kernel |
The Linux kernel (meta-package). |
kernel-core |
The core files needed for the Linux kernel. |
kernel-core |
The core files needed for the Linux kernel. |
kernel-core |
The core files needed for the Linux kernel. |
kernel-devel |
Development files for building kernel modules. |
kernel-devel |
Development files for building kernel modules. |
kernel-devel |
Development files for building kernel modules. |
kernel-headers |
Header files for the Linux kernel for use by glibc. |
kernel-modules |
Kernel modules to match the core kernel. |
kernel-modules |
Kernel modules to match the core kernel. |
kernel-modules |
Kernel modules to match the core kernel. |
kernel-tools |
Kernel-tools to match the core kernel. |
kernel-tools-libs |
Libraries for the kernel-tools. |
kexec-tools |
The kexec/kdump user-space component. |
keyutils-libs |
Libraries for the keyutils package. |
keyutils-libs-devel |
Development package for building kernel modules to match the core kernel. |
kibana |
Explore and visualize logs and time-stamped data. |
kmod |
Kernel module management utilities. |
kmod-libs |
Libraries for kmod. |
kpartx |
Partition device manager for device-mapper devices. |
krb5-devel |
Development files for building krb5 applications. |
krb5-libs |
The non-admin shared libraries used by Kerberos 5. |
less |
A text file viewer similar to more but with better support for large files. |
libacl |
Dynamic library for access control list support. |
libaio |
Library for asynchronous I/O access. |
libarchive |
Library for reading and writing streaming archives. |
libassuan |
GnuPG IPC library. |
libattr |
Dynamic library for extended attribute support. |
libbasicobjects |
Basic object types for C. |
libblkid |
Block device ID library. |
libbpf |
BPF shared library. |
libbsd |
Library providing BSD-compatible functions for portability. |
libcap |
Library for getting and setting POSIX.1e capabilities. |
libcap-ng |
An alternate POSIX capabilities library. |
libcollection |
Collection data-type for C. |
libcom_err |
Common error description library. |
libcom_err-devel |
Development files for libcom_err. |
libcomps |
Comps library. |
libcroco |
A CSS2 parsing library. |
libcurl |
A library for getting files from web servers. |
libdaemon |
Library for daemon-related tasks. |
libdatrie |
Double-Array Trie Library. |
libdb |
The Berkeley DB database library. |
libdb-utils |
Command-line tools for managing Berkeley DB databases. |
libdhash |
Dynamic hash tables for C. |
libdnf |
Package library providing package and repository manipulation functionality. |
libdrm |
Direct Rendering Manager runtime library. |
libedit |
The NetBSD Editline library. |
libestr |
Library for some string essentials. |
libevent |
Abstract asynchronous event notification library. |
libfastjson |
A JSON implementation in C. |
libfdisk |
Library for low-level partitioning. |
libffi |
A portable foreign function interface library. |
libfontenc |
X.Org X11 libfontenc runtime library. |
libgcc |
GCC version 10 runtime library. |
libgcrypt |
A general-purpose cryptographic library. |
libgearman |
Gearman C client library. |
libgomp |
GCC OpenMP v4.5 shared support library. |
libgpg-error |
Library for error values used by GnuPG components. |
libibverbs |
Library to use InfiniBand. |
libidn2 |
Internationalized string handling library. |
libini_config |
INI file parser for C. |
libjpeg-turbo |
SIMD-accelerated JPEG codec which replaces libjpeg. |
libkadm5 |
Kerberos 5 administrative interface library. |
libkcapi |
Linux Kernel Crypto API userspace interface library. |
libkcapi-hmaccalc |
HMAC calculation using the Linux Kernel Crypto API. |
libksba |
X.509 and CMS library. |
libldb |
An LDAP-like embedded database. |
liblzf |
Small data compression library. |
libmaxminddb |
C library for the MaxMind DB file format. |
libmd |
Library providing message digest functions. |
libmetalink |
Metalink library written in C. |
libmnl |
Minimalistic Netlink communication library. |
libmodulemd |
Library for manipulating module metadata. |
libmount |
Device mounting library. |
libmpc |
Arithmetic library for multiple-precision complex numbers. |
libmspack |
Library for Microsoft compression formats. |
libndp |
Library for Neighbor Discovery Protocol. |
libnetfilter_conntrack |
Netfilter conntrack userspace library. |
libnfnetlink |
Netfilter netlink userspace library. |
libnfsidmap |
NFSv4 ID-name mapping library. |
libnftnl |
Netfilter Library providing a low-level netlink programming interface. |
libnghttp2 |
A library implementing the HTTP/2 protocol. |
libnl3 |
Libraries providing netlink socket library. |
libnl3-cli |
Command-line utilities for working with netlink sockets. |
libnsl2 |
Public client interface library for NIS(YP) and NIS+. |
libpath_utils |
Filesystem Path Utilities. |
libpcap |
A system-independent interface for user-level packet capture. |
libpciaccess |
PCI access library. |
libpipeline |
Library for manipulating pipelines of subprocesses. |
libpkgconf |
Package compiler and linker metadata toolkit. |
libpng |
A library of functions for manipulating PNG image format files. |
libpsl |
C library for the Public Suffix List. |
libpwquality |
Library for password quality checking and generation. |
libref_array |
Dynamic arrays for C. |
librepo |
Library for downloading repository metadata. |
libreport-filesystem |
Filesystem layout for libreport. |
libretls |
TLS library. |
libseccomp |
High-level interface to Linux seccomp filter. |
libsecret |
Library for storing and retrieving passwords and other secrets. |
libselinux |
SELinux library. |
libselinux-devel |
Header files and libraries used to build policy manipulation tools. |
libselinux-utils |
SELinux utility library. |
libsemanage |
SELinux binary policy manipulation library. |
libsepol |
SELinux binary policy manipulation library. |
libsepol-devel |
Header files and libraries used to build policy manipulation tools. |
libsigsegv |
Handling page faults in user mode. |
libsmartcols |
Command-line tools for column-aligned binary text in a terminal. |
libsolv |
Package dependency solver. |
libss |
Utility library for the snapshot feature of device-mapper. |
libssh |
A library implementing the SSH protocols. |
libssh-config |
Configuration files for libssh. |
libsss_autofs |
FreeIPA Autofs Library. |
libsss_certmap |
FreeIPA Certificate Mapping Library. |
libsss_idmap |
FreeIPA ID Mapping Library. |
libsss_nss_idmap |
FreeIPA NSS ID Mapper Library. |
libsss_sudo |
FreeIPA SUDO Library. |
libstdc++ |
GNU Standard C++ Library. |
libsysfs |
Library for reading and writing sysfs filesystem nodes. |
libtalloc |
Library implementing a hierarchical, reference-counted memory pool system. |
libtasn1 |
ASN.1 library. |
libtdb |
Library providing key-value storage. |
libteam |
Library for controlling team network device. |
libtevent |
Event system based on the talloc memory management library. |
libthai |
Thai language support routines. |
libtiff |
Library of functions for manipulating TIFF format image files. |
libtirpc |
Transport-independent RPC library. |
libtool-ltdl |
Runtime libraries for GNU Libtool Dynamic Module Loader. |
libunistring |
GNU Unicode string library. |
libusbx |
A library for accessing USB devices. |
libuser |
A user and group account administration library. |
libutempter |
Library for privileged processes to update utmp/wtmp entries. |
libuuid |
Universally unique ID library. |
libverto |
Main loop abstraction library. |
libverto-devel |
Development files for libverto. |
libX11 |
X.Org X11 protocol client library. |
libX11-common |
Common files for libX11. |
libXau |
X.Org X11 libXau runtime library. |
libxcb |
X.Org X11 xcb library. |
libXcomposite |
X.Org X11 libXcomposite runtime library. |
libxcrypt |
Extended crypt library for DES, MD5, and Blowfish password encryption. |
libxcrypt-devel |
Development files for libxcrypt. |
libXcursor |
X.Org X11 libXcursor runtime library. |
libXdamage |
X.Org X11 libXdamage runtime library. |
libXext |
X.Org X11 libXext runtime library. |
libXfixes |
X.Org X11 libXfixes runtime library. |
libXft |
X.Org X11 libXft runtime library. |
libXi |
X.Org X11 libXi runtime library. |
libXinerama |
X.Org X11 libXinerama runtime library. |
libxkbcommon |
X.Org X11 libxkbcommon runtime library. |
libxml2 |
Library providing XML and HTML support. |
libXrandr |
X.Org X11 libXrandr runtime library. |
libXrender |
X.Org X11 libXrender runtime library. |
libxslt |
Library providing the GNOME XSLT engine. |
libXtst |
X.Org X11 libXtst runtime library. |
libyaml |
YAML 1.1 parser and emitter written in C. |
libzstd |
Zstandard compression library. |
linux-firmware |
Firmware files used by the Linux kernel. |
lksctp-tools |
User-space access to Linux Kernel SCTP. |
lmdb-libs |
Memory-mapped key-value database library. |
lm_sensors-libs |
Libraries for sensors-3. |
logrotate |
Rotates, compresses, removes, and mails system log files. |
logstash |
An open source, server-side data processing pipeline. |
lshw |
Hardware lister. |
lsscsi |
List SCSI devices (or hosts) and associated information. |
lua |
Powerful, lightweight programming language. |
lua-libs |
Libraries for the Lua programming language. |
lvm2 |
Userland logical volume management tools. |
lvm2-libs |
Shared libraries for lvm2. |
lz4-libs |
Libraries for lz4. |
lzo |
Data compression library with very fast (de)compression. |
m4 |
The GNU macro processor. |
mailcap |
Helper application and MIME type associations for file types. |
make |
A GNU tool which simplifies the build process for users. |
man-db |
Tools for searching and reading man pages. |
mariadb-connector-c |
MariaDB database connector for C applications. |
mariadb-connector-c-config |
Configuration files for MariaDB database connector for C applications. |
memstrack |
Tracks memory usage in malloc. |
microcode_ctl |
Tool to update x86/x86-64 CPU microcode. |
mod_http2 |
Apache HTTP/2 module. |
mozjs60 |
JavaScript interpreter and libraries for SpiderMonkey. |
mpfr |
Library for multiple-precision floating-point computations. |
nagios-common |
Provides common directories, uid, and gid among nagios-related packages. |
nagios-plugins |
Host/service/network monitoring program plugins for Nagios. |
nagios-plugins-dig |
Nagios Plugin - check_dns. |
nagios-plugins-http |
Nagios Plugin - check_http. |
nagios-plugins-load |
Nagios Plugin - check_load. |
nagios-plugins-mysql |
Nagios Plugin - check_mysql. |
nagios-plugins-procs |
Nagios Plugin - check_procs. |
nano |
A small text editor. |
ncurses |
A CRT screen handling and optimization package. |
ncurses-base |
Descriptions of common terminal types. |
ncurses-libs |
Ncurses libraries. |
ndpi |
Open source deep packet inspection library. |
netcat |
Reads and writes data across network connections using TCP or UDP. |
net-snmp |
A collection of SNMP protocol tools and libraries. |
net-snmp-agent-libs |
Libraries for SNMP (Simple Network Management Protocol) agents. |
net-snmp-libs |
Libraries for Network management (SNMP), from the NET-SNMP project. |
net-snmp-utils |
Network management utilities using SNMP, from the NET-SNMP project. |
nettle |
Nettle cryptographic library. |
net-tools |
Basic networking tools. |
NetworkManager |
Network connection manager and user applications. |
NetworkManager-initscripts-updown |
Legacy network interface control scripts. |
NetworkManager-libnm |
Libraries for adding NetworkManager support to applications. |
NetworkManager-team |
Team device plugin for NetworkManager. |
NetworkManager-tui |
Text User Interface for NetworkManager. |
newt |
A development library for text mode user interfaces. |
nftables |
Netfilter Tables userspace utillities. |
nginx-filesystem |
The basic directory layout for the nginx server. |
nodejs |
JavaScript runtime. |
nodejs-full-i18n |
Node.js full library with internationalization (i18n) features. |
npm |
Node.js Package Manager. |
npth |
New Portable Threads Library. |
nspr |
Netscape Portable Runtime. |
nss |
Network Security Services. |
nss-softokn |
Network Security Services Softoken Module. |
nss-softokn-freebl |
Network Security Services Freebl Library. |
nss-sysinit |
System NSS Initialization. |
nss-util |
Network Security Services Utilities Library. |
ntpstat |
Utility to check status of a Network Time Protocol server. |
numactl |
Simple NUMA policy support. |
numactl-libs |
Library for running programs on NUMA hardware. |
oniguruma |
Regular expressions library. |
openldap |
LDAP support libraries. |
opennac-aggregator |
OpenNAC tools. |
opennac-analytics |
OpenNAC tools. |
opennac-gpg-key |
OpenNAC tools. |
opennac-healthcheck |
OpenNAC tools. |
openssh |
An open source SSH client/server daemon. |
openssh-clients |
The OpenSSH client applications. |
openssh-server |
The OpenSSH server daemon. |
openssl |
Utilities from the general purpose cryptography library with TLS implementation. |
openssl-devel |
Files for development of applications which will use OpenSSL. |
openssl-libs |
A general-purpose cryptography library with TLS implementation. |
openssl-pkcs11 |
PKCS#11 engine for OpenSSL. |
open-vm-tools |
Open Virtual Machine Tools for virtual machines hosted on VMware. |
os-prober |
Probes disks on the system for installed operating systems. |
p11-kit |
Provides a way to load and enumerate PKCS#11 modules. |
p11-kit-trust |
System trust module from p11-kit. |
pam |
A security tool which provides authentication for applications. |
pango |
System for layout and rendering of internationalized text. |
parted |
The GNU disk partition manipulation program. |
passwd |
An utility for setting or changing passwords using PAM. |
patch |
Utility for modifying/upgrading files. |
pciutils |
PCI bus related utilities. |
pciutils-libs |
PCI bus related utilities library. |
pcre |
Perl-compatible regular expression library. |
pcre2 |
Newer version of the PCRE library. |
pcre2-devel |
Development files for pcre2. |
pcre2-utf16 |
Unicode support for PCRE2. |
pcre2-utf32 |
Unicode support for PCRE2. |
perl-Carp |
Perl module containing alternative warn and die methods. |
perl-constant |
Perl pragma to declare constants. |
perl-Data-Dumper |
Perl module to assist in debugging perl data structures. |
perl-Digest |
Modules that calculate message digests. |
perl-Digest-MD5 |
Perl interface to the MD5 Algorithm. |
perl-Encode |
Character encodings in Perl. |
perl-Errno |
Perl module providing access to system errno constants. |
perl-Error |
Error/exception handling in an OO-ish way. |
perl-Exporter |
Perl module providing a default exporter. |
perl-File-Path |
Perl module for creating or removing directory trees. |
perl-File-Temp |
Perl module to generate temporary files or directories safely. |
perl-Getopt-Long |
Extended processing of command line options. |
perl-Git |
Perl interface to Git. |
perl-HTTP-Tiny |
A small, simple, correct HTTP/1.1 client. |
perl-interpreter |
The Perl programming language interpreter. |
perl-IO |
Perl module that provides load and dump capabilities for Perl objects. |
perl-IO-Socket-IP |
Drop-in replacement for IO::Socket::INET supporting IPv4 and IPv6. |
perl-IO-Socket-SSL |
Nearly transparent SSL encapsulation for IO::Socket::INET. |
perl-libnet |
Library for the construction and use of network servers and clients. |
perl-libs |
Perl shared library. |
perl-macros |
Macros for Perl. |
perl-MIME-Base64 |
Encoding and decoding of base64 and quoted-printable strings. |
perl-Mozilla-CA |
Mozilla’s CA cert bundle. |
perl-Net-SSLeay |
Perl extension for using OpenSSL. |
perl-parent |
Establish an ISA relationship with base classes at compile time. |
perl-PathTools |
PathTools module for Perl. |
perl-Pod-Escapes |
Perl module for resolving Pod E<…> sequences. |
perl-podlators |
Convert POD data to various output formats. |
perl-Pod-Perldoc |
Look up Perl documentation in Pod format. |
perl-Pod-Simple |
Framework for parsing Pod. |
perl-Pod-Usage |
Print a usage message from embedded pod documentation. |
perl-Scalar-List-Utils |
List utility functions. |
perl-Socket |
Networking constants and support functions. |
perl-Storable |
Persistence for Perl data structures. |
perl-Term-ANSIColor |
Color screen output using ANSI escape sequences. |
perl-Term-Cap |
Perl termcap interface. |
perl-TermReadKey |
A perl module for simple terminal control. |
perl-Text-ParseWords |
Parses text into an array of tokens or array of arrays. |
perl-Text-Tabs+Wrap |
Line wrapping to form simple paragraphs. |
perl-threads |
Perl interpreter-based threads. |
perl-threads-shared |
Perl extension for sharing data structures between threads. |
perl-Time-Local |
Non-system time library functions. |
perl-Unicode-Normalize |
Unicode Normalization Forms. |
perl-URI |
A Perl module implementing Generic URI Parsing. |
pfring |
Open source DNA matching software. |
php |
PHP scripting language for creating dynamic web sites. |
php-cli |
Command-line interface for PHP. |
php-common |
Common files for PHP. |
php-fpm |
PHP FastCGI Process Manager. |
php-mbstring |
A module for PHP applications which need multi-byte string handling. |
php-opcache |
The Zend OPcache. |
php-pdo |
A database access abstraction module for PHP applications. |
php-pecl-igbinary |
Replacement for the standard PHP serializer. |
php-pecl-msgpack |
API for communicating with Redis through msgpack serialization. |
php-pecl-redis5 |
Extension for communicating with the Redis key-value store. |
php-process |
Modules for PHP script using system process interfaces. |
php-xml |
A module for PHP applications which use XML. |
pigz |
Parallel implementation of gzip. |
pinentry |
Collection of simple PIN or passphrase entry dialogs. |
pixman |
Pixel manipulation library. |
pkgconf |
Package compiler and linker metadata toolkit. |
pkgconf-m4 |
Package compiler and linker metadata toolkit. |
pkgconf-pkg-config |
Package compiler and linker metadata toolkit. |
platform-python |
Python interpreter for the platform. |
platform-python-pip |
Installs Python packages as an end user. |
platform-python-setuptools |
Easily build and distribute Python packages. |
policycoreutils |
SELinux policy core utilities. |
polkit |
Authorization Framework. |
polkit-libs |
Libraries for polkit. |
polkit-pkla-compat |
PKLA compatibility for polkit. |
popt |
A C library for parsing command line parameters. |
prefixdevname |
udev helper for renaming network devices. |
procps-ng |
System and process monitoring utilities. |
protobuf-c |
C bindings for Google Protocol Buffers. |
psmisc |
Utilities for managing processes on your system. |
publicsuffix-list-dafsa |
Cross-vendor public domain suffix list. |
python36 |
Version 3.6 of the Python programming language. |
python39 |
Version 3.9 of the Python programming language. |
python39-devel |
Libraries and header files needed for Python 3.9 development. |
python39-libs |
Python 3.9 runtime libraries. |
python39-pip |
A tool for installing and managing Python 3.9 packages. |
python39-pip-wheel |
Wheels for the python39-pip package. |
python39-setuptools |
Easily build and distribute Python 3.9 packages. |
python39-setuptools-wheel |
Wheels for the python39-setuptools package. |
python39-six |
Python 2 and 3 compatibility utilities. |
python3-bind |
A DNS toolkit for Python. |
python3-configobj |
Config file reading, writing, and validation. |
python3-dateutil |
Powerful extensions to the standard datetime module. |
python3-dbus |
Python 3 bindings for D-Bus. |
python3-decorator |
Better living through Python with decorators. |
python3-dnf |
Python 3 interface to DNF. |
python3-dnf-plugins-core |
Core plugins for DNF. |
python3-firewall |
Python 3 bindings for firewalld. |
python3-gobject-base |
Python 3 bindings for GLib/GObject/GIO/GTK+ (base module). |
python3-gpg |
Python 3 bindings for GPG. |
python3-hawkey |
Python 3 bindings for the hawkey library. |
python3-libcomps |
Python bindings for libcomps library. |
python3-libdnf |
Python 3 bindings for libdnf. |
python3-libs |
The libraries for python3. |
python3-libselinux |
Python 3 bindings for libselinux. |
python3-linux-procfs |
Linux /proc file system support for Python 3. |
python3-nftables |
Python3 bindings for libnftables. |
python3-perf |
Python 3 bindings for perf events. |
python3-pip |
A tool for installing and managing Python3 packages. |
python3-pip-wheel |
Wheels for the python3-pip package. |
python3-ply |
Python Lex-Yacc. |
python3-pyudev |
A libudev binding. |
python3-rpm |
Python 3 bindings for apps which will manipulate RPM packages. |
python3-schedutils |
Linux scheduler python bindings. |
python3-setuptools |
Easily build and distribute Python 3 packages. |
python3-six |
Python 2 and 3 compatibility utilities. |
python3-slip |
Miscellaneous convenience, extension and workaround code for Python. |
python3-slip-dbus |
Convenience functions for dbus services. |
python3-syspurpose |
A library for finding out the purpose of a system. |
python3-systemd |
Python 3 bindings for systemd. |
python3-unbound |
Python 3 modules for Unbound DNS resolver. |
rdma-core |
InfiniBand/iWARP management utilities and InfiniBand diagnostic commands. |
readline |
Library for editing typed command lines. |
redis |
A persistent key-value database. |
rocky-gpg-keys |
GPG keys for Rocky Linux packages. |
rocky-logos-httpd |
Web server icons for Rocky Linux. |
rocky-release |
Release information for Rocky Linux. |
rocky-repos |
Repository configuration files for Rocky Linux. |
rootfiles |
The basic required files for the root user’s directory. |
rpm |
The RPM package management system. |
rpm-build-libs |
Libraries for building RPM packages. |
rpm-libs |
Libraries for RPM runtime support. |
rpm-plugin-selinux |
SELinux plugin for RPM. |
rpm-plugin-systemd-inhibit |
Systemd inhibit plugin for RPM. |
rsyslog |
Enhanced system logging and kernel message trapping daemon. |
ruby |
An interpreter of object-oriented scripting language. |
rubygem-bigdecimal |
BigDecimal provides arbitrary-precision floating point decimal arithmetic. |
rubygem-did_you_mean |
“Did you mean?” experience in Ruby. |
rubygem-io-console |
IO/console interface for Ruby. |
rubygem-json |
JSON implementation for Ruby. |
rubygem-openssl |
OpenSSL provides SSL, TLS, and general purpose cryptography for Ruby. |
rubygem-psych |
A libyaml wrapper for Ruby. |
rubygem-rdoc |
RDoc produces HTML and online documentation for Ruby projects. |
rubygems |
Ruby package manager. |
ruby-irb |
Interactive Ruby. |
ruby-libs |
Libraries necessary to run Ruby. |
screen |
A screen manager that supports multiple logins on one terminal. |
sed |
A GNU stream editor. |
selinux-policy |
SELinux policy configuration. |
selinux-policy-targeted |
The targeted userspace SELinux policy configuration. |
setup |
A set of system configuration and setup files. |
sg3_utils |
Utilities for devices using the SCSI command set. |
sg3_utils-libs |
Shared libraries for sg3_utils. |
shadow-utils |
Utilities for managing shadow password files and user/group accounts. |
shared-mime-info |
Shared MIME information database. |
slang |
The shared library for the S-Lang extension language. |
snappy |
A fast compressor/decompressor library. |
sqlite-libs |
Shared library for the SQLite embeddable SQL database engine. |
squashfs-tools |
Utilities for the creation of compressed squashfs images. |
sshpass |
A non-interactive SSH password authentication tool. |
sssd-client |
SSSD client libraries. |
sssd-common |
Common files for the SSSD. |
sssd-kcm |
SSSD KCM responder and client libraries. |
sssd-nfs-idmap |
SSSD NFSv4 ID Mapper. |
sudo |
Allows restricted root access for specified users. |
systemd |
A system and service manager. |
systemd-libs |
Libraries for systemd. |
systemd-pam |
PAM module for systemd. |
systemd-udev |
Rules for udev and hardware hotplug support. |
tar |
A GNU file archiving program. |
tcpdump |
A network traffic monitoring tool. |
teamd |
A daemon to control and monitor team network devices. |
telnet |
The client program for the Telnet remote login protocol. |
timedatex |
Timezone information. |
tpm2-tss |
TCG TPM2 Software Stack (TSS) with resource manager. |
trousers |
The open-source TCG Software Stack v1.2. |
trousers-lib |
The open-source TCG Software Stack v1.2 shared libraries. |
ttmkfdir |
Utility to create fonts.scale files for TrueType fonts. |
tuned |
A dynamic adaptive system tuning daemon. |
tzdata |
Timezone data. |
tzdata-java |
Timezone data for Java. |
unbound-libs |
Libraries for the Unbound DNS resolver. |
usbutils |
Linux USB utilities. |
util-linux |
A collection of basic system utilities. |
vim-common |
The common files needed by any version of the VIM editor. |
vim-enhanced |
A version of the VIM editor which includes recent enhancements. |
vim-filesystem |
VIM filesystem layout. |
vim-minimal |
A minimal version of the VIM editor. |
virt-what |
Detect if we are running in a virtual machine. |
wget |
A utility for retrieving files using the HTTP, HTTPS, and FTP protocols. |
which |
A utility to show the full path of commands. |
xfsprogs |
Utilities for managing the XFS filesystem. |
xkeyboard-config |
X Keyboard Extension configuration data. |
xmlsec1 |
Library providing support for “XML Signature” and “XML Encryption” standards. |
xmlsec1-openssl |
OpenSSL crypto plugin for XMLSec library. |
xorg-x11-fonts-Type1 |
X.Org X11 Type1 font files. |
xorg-x11-font-utils |
X.Org X11 font utilities. |
xz |
LZMA compression utilities. |
xz-libs |
Libraries for decoding LZMA compression. |
yajl |
Yet Another JSON Library. |
yum |
RPM package installer/updater/manager. |
yum-utils |
Utilities based around the yum package manager. |
zlib |
The zlib compression and decompression library. |
zlib-devel |
Header files and libraries for Zlib development. |