nids-io/ampt-monitor

ampt-monitor

Sensor alert reader for the AMPT passive network tools monitor.

AMPT is a practical framework designed to aid those who operate network IDS sensors and similar passive security monitoring systems. A tailored approach is needed to actively monitor the health and functionality of devices that provide a service based on capturing and inspecting network traffic. AMPT supports these types of systems by allowing operators to validate traffic visibility and event logging on monitored network segments. Examples of systems that can benefit from this type of monitoring are:

See AMPT for more information on the AMPT framework and the problems it solves.

ampt-monitor functions as a healthcheck event reporting component in the AMPT framework. It runs on network sensors or other hosts that have access to event logs for monitored network segments and reports healthcheck alerts to the AMPT manager. It is implemented in Python and is simple to deploy.

Plugins

ampt-monitor is modular. The core monitor provides basic runtime functionality, communication with the AMPT manager, and configuration handling. Plugins read alert logs or related data for a given sensor technology to extract AMPT healthcheck probe alerts.

ampt-monitor plugins can be found in the nids.io repositories under the ampt-monitor-plugin topic.

Currently available plugins from the nids-io project:

Installation and usage

This repository carries the ampt-monitor core. Install this package together with one or more monitor plugins.

See the Wiki for further documentation.

Other AMPT components include:

  • ampt-manager - Management service for the AMPT passive network tools monitor
  • ampt-generator - Healthcheck packet generator for the AMPT passive network tools monitor
