Coder Social home page Coder Social logo

vxcap's Introduction

vxcap

Travis-CI Report card

Capture and dump VXLAN encapsulated traffic. Main focus is AWS VPC traffic mirroring.

arch

Setup

Prerequisite

  • Go >= 1.11.1

Install

go install github.com/m-mizutani/vxcap

Getting started

Capture traffic and save packet to file as pcap format

vxcap -d pcap -e fs --fs-filename your_dump_file.pcap

Capture traffic and save packet to AWS S3 Bucket as json record

vxcap -d json -e s3 --aws-region ap-northeast-1 --aws-s3-bucket your-bucket-name

Capture traffic and send packet data to AWS Firehose

vxcap -d json -e firehose --aws-region ap-northeast-1 --aws-firehose-name your-hose-name

Options

  • Base options
    • --emitter <value>, -e <value>: Destination to save data [fs,s3,firehose] (default: "fs")
    • --dumper <value>, -d <value>: Write format [pcap,json] (default: "pcap")
    • --log-level <value>: Log level [trace,debug,info,warn,error] (default: "info")
  • Options for UDP server to receive VXLAN packet
    • --port <value>, -p <value>: UDP port of VXLAN receiver (default: 4789)
    • --receiver-queue-size <value>: Queue size between UDP server and packet processor (default: 1024)
  • Options for file system emitter (fs)
    • --fs-filename <value>: Base file name for FS emitter (default: "dump")
    • --fs-dirpath <value>: Output directory for FS emitter (default: ".")
  • Options for AWS service emitter (s3 and firehose)
    • --aws-region <value>: AWS region for emitter to AWS
    • --aws-s3-bucket <value>: AWS S3 bucket name for S3 emitter
    • --aws-s3-prefix <value>: Prefix of AWS S3 object key for S3 emitter
    • --aws-s3-add-time-key: Enable to add time key to S3 object key for S3 emitter
    • --aws-s3-flush-count <value>: Threshold of record number to flush object to AWS S3 bucket
    • --aws-s3-flush-interval <value>: Flush interval (seconds) to AWS S3 bucket
    • --aws-firehose-name <value>: Name of AWS Firehose for Firehose emitter
    • --aws-firehose-flush-size <value> Threshold of record size to flush object to AWS Firehose
    • --aws-firehose-flush-interval <value>: Flush interval (seconds) to AWS Firehose
  • Options for JSON format
    • --enable-json-text: Enable human readable application layer payload in json format
    • --enable-json-raw: Enable raw application layer payload (base64 encoded) in json format

Test

go test ./...

Author and License

vxcap's People

Contributors

m-mizutani avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.