BGPalerter Versions Save

BGP and RPKI monitoring tool. Pre-configured for real-time detection of visibility loss, RPKI invalid announcements, hijacks, ROA misconfiguration, and more.

v1.28.3

2 years ago

[patch]

  • fixed colors in reportSlack (#626, thanks @L0wbyte)
  • fixed crashes in case of websocket stuck in connecting state while a beacon check is performed (#632)
  • fixed reportEmail not sending emails in case of missing user group declaration (#634)

v1.28.2

2 years ago

[features]

  • Introduced monitorPathNeighbors for monitoring peers. You will get notified when an unexpected downstream or upstream AS appears as peer of your AS in an AS path. Basically you can "lock" your peers (the peers you expect to see in the AS path) and get notified when these change (read more).
  • Introduced reportPullAPI a REST API to retrieve alerts (pull, instead of the usual push approach; read more);
  • Introduced feature in monitorROAS to receive notifications of expiring ROAs (read more).
  • Introduced feature in monitorROAS to monitor for TA malfunctions; e.g., many ROAs disappearing or expiring in the same TA.

All features based on ROAs expiration times are currently supported only by vrp files generated by rpki-client 7.1 To enable these features use vrpProvider: rpkiclient in your config.yml or generate your own file with rpki-client 7.1

  • Improved reliability of the WebSocket connection to RIS. In particular, added monitoring of beacon prefixes to detect "silent" sockets (https://github.com/nttgin/BGPalerter/issues/535).
  • Introduced connectorRISDump, which, at boot time, retrieves a RIS dump about the monitored resources. This allows you to get notified about events that happened before BGPalerter started (read more).
  • Introduced feature that allows you to use a remote REST API as VRP input (read more).
  • Introduced groupsFile, an external file to define user groups. This allows to edit user groups for the report modules without changing the main config file (read more).
  • Added rpki-client.org as remote vrpProvider (thanks @job, read more)
  • Introduced checkDisappearing parameter in monitorRPKI in order to enable/disable disappearing ROAs alerting (similar alerts are also produced by monitorROAS).
  • Introduced config file version check. While old config files remain valid, if BGPalerter finds out your are missing out some features due to a non up-to-date config file, it will suggest you to update it.
  • Introduced possibility to use monitorROAS on specific prefixes (in addition to monitoring the entire AS).

[minor]

  • Improved config.yml.example with more comments/documentation.
  • Updated default thresholdMinPeers after review of last quarter reports.
  • Renamed master branch to main. Updated all references.
  • Fixed exception on reportSlack in case of missing default user group configuration.
  • Fixed generate prefix list command in case of low visibility prefixes.
  • Fixed bug which was deleting the configured rules of specific prefixes during prefix list regeneration (#518)
  • Added in documentation an example of BGPalerter+Routinator integration (thanks @AlexanderBand, read more)
  • Improved documentation, including: documentation on how to stage roas for testing, reorganized reports in dedicated section, and more.
  • Improved error handling for reportTelegram, it now provides an error in case of null chatId (thanks @Antonio-Prado)
  • Refactored rest and rpki configuration to be globally valid (instead of per module).

Special thanks to:

  • @job for introducing ROA expiration data into the vrps produced by rpki-client, for helping with the definitions of monitorPathNeighbors, and expiring ROAs and TA malfunctions in monitorROAS.
  • @chrisamin for the support/patches on the RIPE RIS side.

Patches:

v1.28.1

2 years ago

[features]

  • Introduced monitorPathNeighbors for monitoring peers. You will get notified when an unexpected downstream or upstream AS appears as peer of your AS in an AS path. Basically you can "lock" your peers (the peers you expect to see in the AS path) and get notified when these change (read more).
  • Introduced reportPullAPI a REST API to retrieve alerts (pull, instead of the usual push approach; read more);
  • Introduced feature in monitorROAS to receive notifications of expiring ROAs (read more).
  • Introduced feature in monitorROAS to monitor for TA malfunctions; e.g., many ROAs disappearing or expiring in the same TA.

All features based on ROAs expiration times are currently supported only by vrp files generated by rpki-client 7.1 To enable these features use vrpProvider: rpkiclient in your config.yml or generate your own file with rpki-client 7.1

  • Improved reliability of the WebSocket connection to RIS. In particular, added monitoring of beacon prefixes to detect "silent" sockets (https://github.com/nttgin/BGPalerter/issues/535).
  • Introduced connectorRISDump, which, at boot time, retrieves a RIS dump about the monitored resources. This allows you to get notified about events that happened before BGPalerter started (read more).
  • Introduced feature that allows you to use a remote REST API as VRP input (read more).
  • Introduced groupsFile, an external file to define user groups. This allows to edit user groups for the report modules without changing the main config file (read more).
  • Added rpki-client.org as remote vrpProvider (thanks @job, read more)
  • Introduced checkDisappearing parameter in monitorRPKI in order to enable/disable disappearing ROAs alerting (similar alerts are also produced by monitorROAS).
  • Introduced config file version check. While old config files remain valid, if BGPalerter finds out your are missing out some features due to a non up-to-date config file, it will suggest you to update it.
  • Introduced possibility to use monitorROAS on specific prefixes (in addition to monitoring the entire AS).

[minor]

  • Improved config.yml.example with more comments/documentation.
  • Updated default thresholdMinPeers after review of last quarter reports.
  • Renamed master branch to main. Updated all references.
  • Fixed exception on reportSlack in case of missing default user group configuration.
  • Fixed generate prefix list command in case of low visibility prefixes.
  • Fixed bug which was deleting the configured rules of specific prefixes during prefix list regeneration (#518)
  • Added in documentation an example of BGPalerter+Routinator integration (thanks @AlexanderBand, read more)
  • Improved documentation, including: documentation on how to stage roas for testing, reorganized reports in dedicated section, and more.
  • Improved error handling for reportTelegram, it now provides an error in case of null chatId (thanks @Antonio-Prado)
  • Refactored rest and rpki configuration to be globally valid (instead of per module).

Special thanks to:

  • @job for introducing ROA expiration data into the vrps produced by rpki-client, for helping with the definitions of monitorPathNeighbors, and expiring ROAs and TA malfunctions in monitorROAS.
  • @chrisamin for the support/patches on the RIPE RIS side.

Patches:

v1.28.0

3 years ago

v1.27.1

3 years ago

[features]

  • Added monitorROAS which alerts every time a ROA involving a monitored AS/prefix is added/removed/edited
  • Added monitoring for prefixes which previously were covered by ROAs but no longer are (e.g., TA malfunction)
  • Added hijack detection filtering based on RPKI data
  • The uptime API is now able to report the status of RPKI data availability and staleness
  • Centralized RPKI configuration across modules (https://github.com/nttgin/BGPalerter/blob/master/docs/rpki.md)
  • Added feature to periodically re-generate/update prefix list
  • Added feature to automatically reload prefix list file if edited.
  • Added by default a user group called 'noc' different from the 'default' one to avoid lazy configurations in which administrative alerts (like sw updates) are propagated to the noc
  • Added option to test the configuration
  • Improved monitorPath and added possibility to add multiple matching rules
  • Added feature to force the usage of UTC in log files (default)
  • Added Cloudflare as a possible VRP provider
  • Added option to append monitoring configurations (e.g., to add another ASn to an existent configuration, https://github.com/nttgin/BGPalerter/blob/master/docs/prefixes.md#generate)

[minor]

  • Improved stability of the connection to RIPE RIS and added a better re-connection approach
  • Fixed log file rotation
  • Made prefix generation more robust in case of RIPEstat failures (#353)
  • Added documentation for automatic software updates (thanks @jcoeder)
  • Added support for alerts in Microsoft Teams with reportHTTP (thanks @arpanet-creeper)
  • Published BGPalerter in npm
  • Fixes #404, #389, #349, #402, #345, #352

Patches:

  • v1.27.1 fixed reportTelegram not falling back on default user group (#432); fixed excludeMonitors option for monitorRPKI (#441 ); fixed issue with writing the pid file on some OSes (#447); and tests migrated to GitHub actions.

v1.27.0

3 years ago

v1.26.2

3 years ago

[features]

  • Introduced proxy support (thanks @fdomain for the help).
  • Introduced volume parameter. It allows to specify a directory that will be used by BGPalerter for reading/writing all needed files.
  • Introduced persistStatus parameter. If set to true, when BGPalerter is restarted the list of alerts already sent is recovered. This avoids duplicated alerts. https://github.com/nttgin/BGPalerter/issues/103.
  • Introduced reportTelegram (thanks @denisix for the help).
  • Added the possibility to specify an external file for as VRPs list for monitorRPKI.
  • Added UDP support on reportSyslog.

[minor]

  • Fixed wrong calculation of covering ROAs in monitorRPKI.
  • Added proper error handling in monitorRPKI when the VRPs are not downloadable or not parsable.
  • Improved documentation for docker.
  • Added documentation with configuration example for reporting to Mattermost (thanks @fstolba).
  • Added documentation with configuration example for reporting to Pushover (thanks Hugo Salgado).
  • Improved test coverage for reportSyslog, monitorRPKI.
  • Added parallel tests execution.
  • Updated all dev dependencies affected by lodash 4.17.15 prototype pollution.

Patches:

  • v1.26.1 fixed bug affecting reportHTTP in case of showPaths feature active, added test coverage
  • v1.26.2 fixed bug related to the the new volume feature which was breaking configurations containing absolute paths (#308)

v1.26.1

3 years ago

v1.26.0

3 years ago

v1.25.0

4 years ago

[features]

  • Extended monitorRPKI to support monitoring of entire ASes. It alerts in case of announcements of prefixes invalid or not covered by ROAs.
  • Introduced reportHTTP. This report is able to send alerts on a generic HTTP end-point (post requests). This introduces support for Mattermost and other chat based on webhooks.

[minor]