https://github.com/stefanszasz/network-logger
Network traffic capture using gopacket
- Host: GitHub
- URL: https://github.com/stefanszasz/network-logger
- Owner: stefanszasz
- Created: 2017-06-10T12:44:06.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2018-10-31T12:18:10.000Z (over 7 years ago)
- Last Synced: 2024-06-20T01:50:28.549Z (about 2 years ago)
- Topics: aws, bpf, cloudwatch-logs, gopacket, traffic, vizceral, vpc-flow-logs
- Language: Go
- Size: 330 KB
- Stars: 4
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Network logger
Simple network traffic capture utility that relies on gopacket/libpcap and AWS Flow Logs to visualize network
traffic.
## Goal
Create [Vizceral](https://github.com/Netflix/vizceral "Vizceral") network traffic visualizations using [BPF filters](http://biot.com/capstats/bpf.html)
and [AWS VPC Flow Logs](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html). The tool builds a JSON model
that is read by Vizceral to visualize traffic.
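
The following Go example is added here and is not code from this repository: it turns default-format (version 2) VPC Flow Log records into the `connections` array of a Vizceral-style JSON model. The `Connections` function, the `metricFor` mapping of ACCEPT to `normal` and REJECT to `danger`, and the sample records are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"os"
	"strconv"
	"strings"
)

// Connection is one edge in a Vizceral graph; Metrics holds "normal" and "danger" volumes.
type Connection struct {
	Source  string             `json:"source"`
	Target  string             `json:"target"`
	Metrics map[string]float64 `json:"metrics"`
}

// Assumed mapping (not taken from the project): accepted packets are "normal", rejected "danger".
var metricFor = map[string]string{"ACCEPT": "normal", "REJECT": "danger"}

// Connections sums packets per srcaddr->dstaddr pair over default-format (version 2) records.
func Connections(records []string) []Connection {
	var conns []Connection
	index := map[string]int{} // "src>dst" -> position in conns
	for _, rec := range records {
		f := strings.Fields(rec)
		if len(f) != 14 || metricFor[f[12]] == "" { // malformed, or NODATA/SKIPDATA ("-" action)
			continue
		}
		packets, err := strconv.ParseFloat(f[8], 64)
		if err != nil {
			continue
		}
		key := f[3] + ">" + f[4]
		if _, ok := index[key]; !ok {
			index[key] = len(conns)
			conns = append(conns, Connection{f[3], f[4], map[string]float64{}})
		}
		conns[index[key]].Metrics[metricFor[f[12]]] += packets
	}
	return conns
}

func main() {
	sample := []string{ // constructed records, not real traffic
		"2 123456789012 eni-0a1b2c3d 10.0.1.5 10.0.2.9 49152 443 6 20 4000 1500000000 1500000060 ACCEPT OK",
		"2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.5 40000 22 6 3 180 1500000000 1500000060 REJECT OK",
	}
	json.NewEncoder(os.Stdout).Encode(Connections(sample))
}
```

Rejected flows surface as `danger` volume on an edge, so blocked traffic between two addresses stands out in the rendered graph.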
## Usage
The program's VPC Flow Logs exporter works only if the targeted instances' VPC has flow logs enabled and the logs are in CloudWatch Logs.

Run `go build` in the current directory, then run the binary, configuring it with the following parameters and environment variables:
* params: `./network-logger --fileowner=OWNER --out=.....vizceral-example/dist/generated.json`. This will cause the `generated.json` file to be exported to the location specified by the parameter.
* environment variables:
  - `SOURCE`: `vpc-flowlog` or `bpf-filter` (the bpf-filter implementation is in progress)
  - `AWS_REGIONS`: comma-separated AWS region values to fetch VPC flow logs from
  - `INSTANCE_IDS`: comma-separated EC2 instance IDs
  - `AWS_REGION`: SDK region
  - `AWS_PROFILE`: SDK profile

## Notes
1. BPF exporter is in progress
2. No tests