Skip to content

BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more.

License

Notifications You must be signed in to change notification settings

nttgin/BGPalerter

Repository files navigation

Build Status Reviewed by Hound

BGPalerter

Self-configuring BGP monitoring tool, which allows you to monitor in real-time if:

  • any of your prefixes loses visibility;
  • any of your prefixes is hijacked;
  • your AS is announcing RPKI invalid prefixes (e.g., not matching prefix length);
  • your AS is announcing prefixes not covered by ROAs;
  • any of your ROAs is expiring;
  • ROAs covering your prefixes are no longer reachable;
  • RPKI Trust Anchors malfunctions;
  • a ROA involving any of your prefixes or ASes was deleted/added/edited;
  • your AS is announcing a new prefix that was never announced before;
  • an unexpected upstream (left-side) AS appears in an AS path;
  • an unexpected downstream (right-side) AS appears in an AS path;
  • one of the AS paths used to reach your prefix matches a specific condition defined by you.

You just run it. You don't need to provide any data source or connect it to anything in your network since it connects to public repos.

It can deliver alerts on files, email, kafka, slack, and more.

BGPalerter

BGPalerter connects to public BGP data repos (not managed by NTT), and the entire monitoring is done directly in the application (there are no NTT servers involved).

TL;DR (1 minute setup)

This section is useful if you don't care about the source code, but you just want to start monitoring. Instead, if you want to run the source code or develop, skip to the documentation below.

  1. Download the binary here (be sure to select the one for your OS)

  2. Execute the binary (e.g., chmod +x bgpalerter-linux-x64 && ./bgpalerter-linux-x64)
    The first time you run it, the auto-configuration will start.

If something happens (e.g., a hijack) you will see the alerts in logs/reports.log. In config.yml you can find other reporting mechanisms (e.g., email, Slack, Kafka) in addition to logging on files. Uncomment the related section and configure according to your needs.

If the installation doesn't go smoothly, read here. Read the documentation below for more options.

If you are looking for a BGP and RPKI monitoring service based on BGPalerter, try PacketVis

Documentation

If you are using BGPalerter, feel free to sign here: Who is using BGPalerter

About

BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more.

Topics

Resources

License

Stars

Watchers

Forks

Languages