mirror/nttgin-BGPalerter
1
0
Fork 0
mirror of https://github.com/nttgin/BGPalerter.git synced 2024-05-19 06:50:08 +00:00
Code Issues Releases Wiki Activity
Files
nttgin-BGPalerter/config.yml.example
Massimo Candela ebdb96f893 added parameter to ignore collectors' peers (#1217)
2024-01-06 20:05:14 +01:00

413 lines
11 KiB
Plaintext
Raw Blame History

connectors:
- file: connectorRIS
name: ris
params:
blacklistSources:
- 123.0.0.1/24
- 3453
carefulSubscription: true
url: ws://ris-live.ripe.net/v1/ws/
perMessageDeflate: true
authorizationHeader: null
subscription:
moreSpecific: true
type: UPDATE
host:
socketOptions:
includeRaw: false
# - file: connectorRISDump
# name: dmp
monitors:
- file: monitorHijack
channel: hijack
name: basic-hijack-detection
params:
thresholdMinPeers: 3
# - file: monitorNewPrefix
# channel: newprefix
# name: prefix-detection
# params:
# thresholdMinPeers: 3
- file: monitorPath
channel: path
name: path-matching
params:
thresholdMinPeers: 1
- file: monitorVisibility
channel: visibility
name: withdrawal-detection
params:
thresholdMinPeers: 40
notificationIntervalSeconds: 3600
- file: monitorAS
channel: misconfiguration
name: asn-monitor
params:
skipPrefixMatch: false
thresholdMinPeers: 3
- file: monitorRPKI
channel: rpki
name: rpki-monitor
params:
thresholdMinPeers: 3
checkUncovered: false
checkDisappearing: false
- file: monitorROAS
channel: roa
name: rpki-diff
params:
enableDiffAlerts: true
enableExpirationAlerts: true
enableExpirationCheckTA: true
enableDeletedCheckTA: true
enableAdvancedRpkiStats: false
roaExpirationAlertHours: 2
checkOnlyASns: true
toleranceDeletedRoasTA:
ripe: 20
apnic: 20
arin: 20
lacnic: 20
afrinic: 50
toleranceExpiredRoasTA:
ripe: 20
apnic: 20
arin: 20
lacnic: 20
afrinic: 50
- file: monitorPathNeighbors
channel: path
name: path-neighbors
params:
thresholdMinPeers: 3
reports:
- file: reportFile
channels:
- hijack
- newprefix
- visibility
- path
- misconfiguration
- rpki
- roa
params:
persistAlertData: false
alertDataDirectory: alertdata/
# - file: reportEmail
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# showPaths: 5 # Amount of AS_PATHs to report in the alert
# senderEmail: bgpalerter@xxxx
# # BGPalerter uses nodemailer.
# # The smtp section can be configured with all the parameters available at https://nodemailer.com/smtp/
# # the following are just the most useful one
# smtp:
# host: localhost
# port: 25
# secure: false # If true the connection will use TLS when connecting to server. If false it will be still possible doing connection upgrade via STARTTLS
# ignoreTLS: false # If true TLS will be completely disabled, including STARTTLS. Set this to true if you see certificate errors in the logs.
# auth:
# user: username
# pass: password
# type: login
# tls:
# rejectUnauthorized: true # Reject unauthorized certificates
# notifiedEmails:
# default:
# - admin@example.org
# noc:
# - joe@example.org
# - seb@example.org
# - file: reportSlack
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# showPaths: 0 # Amount of AS_PATHs to report in the alert
# colors:
# hijack: '#d60b1c'
# newprefix: '#fa9548'
# visibility: '#fad648'
# path: '#42cbf5'
# rpki: '#d892f0'
# roa: '#d892f0'
# hooks:
# default: _YOUR_SLACK_WEBHOOK_URL_
# noc: _YOUR_SLACK_WEBHOOK_URL_
# - file: reportKafka
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# host: localhost
# port: 9092
# topics:
# default: bgpalerter
# - file: reportSyslog
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - asn-monitor
# - misconfiguration
# - rpki
# - roa
# params:
# host: 127.0.0.1
# port: 514
# transport: udp
# templates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
# default: "++BGPalerter-3-${type}: ${summary}|${earliest}|${latest}"
# hijack: "++BGPalerter-5-${type}: ${summary}|${prefix}|${description}|${asn}|${newprefix}|${neworigin}|${earliest}|${latest}|${peers}"
# newprefix: "++BGPalerter-4-${type}: ${summary}|${prefix}|${description}|${asn}|${newprefix}|${neworigin}|${earliest}|${latest}|${peers}"
# visibility: "++BGPalerter-5-${type}: ${summary}|${prefix}|${description}|${asn}|${earliest}|${latest}|${peers}"
# misconfiguration: "++BGPalerter-3-${type}: ${summary}|${asn}|${prefix}|${earliest}|${latest}"
# - file: reportAlerta
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# severity:
# hijack: critical
# newprefix: informational
# visibility: debug
# path: trace
# resourceTemplates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
# default: "${type}"
# hijack: "hijack::${prefix}@@${asn}"
# newprefix: "newprefix::${prefix}@@${asn}"
# visibility: "visibility::${prefix}@@${asn}"
# urls:
# default: _YOUR_ALERTA_API_URL_
# noc: _YOUR_ALERTA_API_URL_
# - file: reportWebex
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# hooks:
# default: _YOUR_WEBEX_WEBHOOK_URL_
# noc: _YOUR_WEBEX_WEBHOOK_URL_
# - file: reportHTTP
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# method: post
# templates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
# default: '{"text": "${summary}"}'
# headers:
# isTemplateJSON: true
# showPaths: 0 # Amount of AS_PATHs to report in the alert
# hooks:
# default: _YOUR_WEBHOOK_URL_
# noc: _YOUR_WEBHOOK_URL_
# - file: reportTelegram
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# showPaths: 0 # Amount of AS_PATHs to report in the alert
# botUrl: https://api.telegram.org/bot<_BOT_ID_>/sendMessage
# chatIds:
# default: _CHAT_ID_
# noc: _CHAT_ID_
# - file: reportPullAPI
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# maxAlertsAmount: 25
# - file: reportMatrix
# channels:
# - hijack
# - newprefix
# - visibility
# - path
# - misconfiguration
# - rpki
# - roa
# params:
# showPaths: 0 # Amount of AS_PATHs to report in the alert
# homeserverUrl: https://matrix.org
# accessToken: _ACCESS_TOKEN_
# roomIds:
# default: _ROOM_ID_
# noc: _ROOM_ID_
############################
# Notification settings:
# - notificationIntervalSeconds
# Defines the amount of seconds after which an alert can be repeated. An alert is repeated only if the event that
# triggered it is not yet solved.
# - persistStatus
# Persist the status of BGPalerter. If the process is restarted, the list of alerts already sent is recovered
# and they are not repeated. The process must be able to write on disc, this option will create a file inside .cache/
notificationIntervalSeconds: 86400
persistStatus: true
############################
# REST API settings:
# - rest.host
# The IP address the server will listen. The default value is localhost, this means the API will not be reachable
# from another host. To make it public use null or 0.0.0.0.
# - rest.port
# The port the server will listen
rest:
host: localhost
port: 8011
logging:
directory: logs
logRotatePattern: YYYY-MM-DD
maxRetainedFiles: 10
maxFileSizeMB: 15
compressOnRotation: false
useUTC: true
checkForUpdatesAtBoot: true
generatePrefixListEveryDays: 0
############################
# Process monitoring settings:
# Uncomment or add classes under processMonitors if you want to monitor or send logs about the status of the BGPalerter process
#processMonitors:
# - file: uptimeApi
# params:
# useStatusCodes: true
#
# - file: uptimeHealthcheck
# params:
# url: url_to_poll
# intervalSeconds: 300
# method: get
#
# - file: sentryModule
# params:
# dsn: https://<key>@sentry.io/<project>
############################
# The files containing the monitored prefixes. Please see prefixes.yml for an example.
# This is an array (use new lines and dashes!)
monitoredPrefixesFiles:
- prefixes.yml
############################
# The file containing the user groups.
# User groups can be specified
# 1) directly above, in each report module; or
# 2) inside an external file, as specified below (disabled by default).
# Using an external file allows BGPalerter to auto-reload the user group definitions
# when the external file is changed.
# groupsFile: groups.yml.example
############################
# HTTP proxy setting:
# Allow to run BGPalerter behind an HTTP/HTTPS proxy.
# You can also specify which module can bypass the proxy.
# More information here: https://github.com/nttgin/BGPalerter/blob/main/docs/http-proxy.md
# httpProxy: http://username:password@127.0.0.1:9000
############################
# RPKI settings:
# Global RPKI settings shared across all monitors requiring RPKI data
# More information here: https://github.com/nttgin/BGPalerter/blob/main/docs/rpki.md
#
# To enable ROA expiration alerts, you need VRPs including expiration timestamps.
# "rpkiclient" is the default vrpProvider since is the only one supporting ROAs expiration data.
rpki:
vrpProvider: rpkiclient
preCacheROAs: true
refreshVrpListMinutes: 15
markDataAsStaleAfterMinutes: 120
############################
# Advanced settings (Don't touch here!)
# Please, refer to the documentation to know the meaning of the following parameters.
alertOnlyOnce: false
fadeOffSeconds: 360
checkFadeOffGroupsSeconds: 30
pidFile: bgpalerter.pid
maxMessagesPerSecond: 6000
multiProcess: false
environment: production
configVersion: 2
Reference in New Issue View Git Blame Copy Permalink