Re: new BGP hijack & visibility tool “BGPalerter”

Eric Lindsjö eric at emj.se
Wed Aug 14 16:45:37 UTC 2019


On 8/14/19 4:54 PM, Job Snijders wrote:
> Dear NANOG,
>
> Recently NTT investigated how to best monitor the visibility of our 
> own and our subsidiaries’ IP resources in the BGP Default-Free Zone. 
> We were specifically looking how to get near real-time alerts funneled 
> into an actionable pipeline for our NOC & Operations department when 
> BGP hijacks happen.
>
> Previously we relied on a commercial “BGP Monitoring as a Service” 
> offering, but with the advent of RIPE NCC’s “RIS Live” streaming API 
> [1] we saw greater potential for a self-hosted approach designed 
> specifically for custom integrations with various business processes. 
> We decided to write our own tool “BGPalerter” and share the source 
> code with the Internet community.
>
> BGPalerter allows operators to specify in great detail how to 
> distribute meaningful information from the firehose from various BGP 
> data sources (we call them “connectors”), through data processors 
> (called “monitors”), finally outputted through “reports” into whatever 
> mechanism is appropriate (Slack, IRC, email, or a call to your 
> ticketing system’s API).
>
> The source code is available on Github, under a liberal open source 
> license to foster community collaboration:
>
> https://github.com/nttgin/BGPalerter
>
> If you wish to contribute to the project, please use Github’s “issues” 
> or “pull request” features. Any help is welcome! We’d love suggestions 
> for new features, updates to the documentation, help with setting up a 
> CI regression testing pipeline, or packaging for common platforms.
>
> Kind regards,
>
> Job & Massimo
> NTT Ltd
>
> [1]: https://ris-live.ripe.net/

Excellent, now I don't have to write it myself. Looking forward to 
testing. Thanks for sharing the fruits of your labor with the community.


Kind regards,
Eric



More information about the NANOG mailing list