Skip to content

Software to monitor streams of BGP data. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, and more.

License

Notifications You must be signed in to change notification settings

cadirol/BGPalerter

 
 

Repository files navigation

Build Status Reviewed by Hound

BGPalerter

Self-configuring BGP monitoring tool, which allows you to monitor in real-time if:

  • any of your prefixes loses visibility;
  • any of your prefixes is hijacked;
  • your AS is announcing RPKI invalid prefixes (e.g., not matching prefix length);
  • your AS is announcing prefixes not covered by ROAs;
  • any of your ROAs is expiring;
  • ROAs covering your prefixes are no longer reachable;
  • RPKI Trust Anchors malfunctions;
  • a ROA involving any of your prefixes or ASes was deleted/added/edited;
  • your AS is announcing a new prefix that was never announced before;
  • an unexpected upstream (left-side) AS appears in an AS path;
  • an unexpected downstream (right-side) AS appears in an AS path;
  • one of the AS paths used to reach your prefix matches a specific condition defined by you.

You just run it. You don't need to provide any data source or connect it to anything in your network since it connects to public repos.

It can deliver alerts on files, email, kafka, slack, and more.

BGPalerter

BGPalerter connects to public BGP data repos (not managed by NTT), and the entire monitoring is done directly in the application (there are no NTT servers involved).

TL;DR (1 minute setup)

This section is useful if you don't care about the source code but you just want to run the monitor. Instead, if you want to run the source code (which is completely open) or develop, please read directly the documentation.

  1. Download the binary here (be sure to select the one for your OS)

  2. Execute the binary (e.g., chmod +x bgpalerter-linux-x64 && ./bgpalerter-linux-x64)
    The first time you run it, the auto-configuration will start.

If something happens (e.g., a hijack) you will see the alerts in logs/reports.log. In config.yml you can find other reporting mechanisms (e.g., email, Slack, Kafka) in addition to logging on files. Please uncomment the related section and configure according to your needs.

If the installation doesn't go smoothly, read here.
Read the documentation below for more options.

Documentation

If you are using BGPalerter, feel free to sign here: Who is using BGPalerter

About

Software to monitor streams of BGP data. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, and more.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 99.8%
  • Other 0.2%