BGPalerter

Self-configuring BGP monitoring tool, which allows you to monitor in real-time if:

• any of your prefixes loses visibility;
• any of your prefixes is hijacked;
• your AS is announcing RPKI invalid prefixes (e.g., not matching prefix length);
• your AS is announcing prefixes not covered by ROAs;
• any of your ROAs is expiring;
• ROAs covering your prefixes are no longer reachable;
• RPKI Trust Anchors malfunctions;
• a ROA involving any of your prefixes or ASes was deleted/added/edited;
• your AS is announcing a new prefix that was never announced before;
• an unexpected upstream (left-side) AS appears in an AS path;
• an unexpected downstream (right-side) AS appears in an AS path;
• one of the AS paths used to reach your prefix matches a specific condition defined by you.

You just run it. You don't need to provide any data source or connect it to anything in your network since it connects to public repos.

It can deliver alerts on files, email, kafka, slack, and more.

BGPalerter connects to public BGP data repos (not managed by NTT), and the entire monitoring is done directly in the application (there are no NTT servers involved).

TL;DR (1 minute setup)

This section is useful if you don't care about the source code but you just want to run the monitor. Instead, if you want to run the source code (which is completely open) or develop, please read directly the documentation.

1. Download the binary here (be sure to select the one for your OS)

2. Execute the binary (e.g., chmod +x bgpalerter-linux-x64 && ./bgpalerter-linux-x64)
   The first time you run it, the auto-configuration will start.

If something happens (e.g., a hijack) you will see the alerts in logs/reports.log. In config.yml you can find other reporting mechanisms (e.g., email, Slack, Kafka) in addition to logging on files. Please uncomment the related section and configure according to your needs.

If the installation doesn't go smoothly, read here.
Read the documentation below for more options.

Documentation

• Installation
  • Requirements
  • Run from binary
  • Run from source code
  • Run in Docker
  • Run as a Linux service
  • Command line options
• Monitored prefixes list
  • Generate prefix list
  • Prefix attributes description
• Configuration
  • Composition
  • Monitor for
    • Hijacks
    • Path neighbors (downstream/upstream peers)
    • Visibility loss
    • RPKI invalid announcements
    • RPKI ROAs diffs, ROAs expirations, and TA malfunctions
    • Announcements of more specifics
    • Announcements of new prefixes
    • Path matching
  • Send alerts to
    • File
    • E-mail
    • Slack
    • Kafka
    • Syslog
    • Alerta dashboard
    • Webex
    • HTTP URL (push)
    • Telegram
    • Mattermost
    • Pushover
    • Microsoft Teams
    • REST API (pull)
  • Test report configuration
  • Process/Uptime monitoring
  • Notification user groups
  • RPKI configuration
    • Staging/testing ROAs
  • HTTP/HTTPS proxy
• Update to latest version
• More information for developers
  • All npm commands
  • Reports/alerts templates
  • Release process and Git flow
• BGPalerter for researchers

If you are using BGPalerter, feel free to sign here: Who is using BGPalerter