Skip to main content

Manage Sensor Configuration

The Sensor comes pre-configured with appropriate defaults to capture API Traffic (HTTP) from your applications.

The Sensor can be customized via a

Loading...
. Examples of customization include, a) granular filtering of API traffic being captured, b) enabling debugging, c) performance tuning, etc.



Configuration File Format

The YAML configuration file (shown below) has six major sections: 1) Factory Settings, 2) Default Application Name, 3) Satellite Settings, 4) Process Filters, 5) IP Filters, & 6) URL Filters.

##############################################################################################
# eBPF Sensor Configuration Settings (YAML Format)
# Copyright: Levo Inc, 2022
##############################################################################################

# --------------------------------------------------------------------------------------------
# Factory Settings: DO NOT MODIFY
# --------------------------------------------------------------------------------------------

# --------------------------------------------------------------------------------------------

# --------------------------------------------------------------------------------------------
# Default Application Name:
# --------------------------------------------------------------------------------------------
# Auto discovered API endpoints and their OpenAPI specifications are show in the API Catalog
# grouped under this application name. The application name helps segregate and group API
# endpoints from different environments.
#
default-service-name: my-api-application
# --------------------------------------------------------------------------------------------


# --------------------------------------------------------------------------------------------
# Satellite Settings:
# --------------------------------------------------------------------------------------------
# host:port for the collector service receiving the Sensor's API traces.
collector-endpoint: localhost:4317
# --------------------------------------------------------------------------------------------


# --------------------------------------------------------------------------------------------
# Process Filters: process command names/IDs to monitor & capture API traffic.
# --------------------------------------------------------------------------------------------
## Restrict API traffic capture to specific processes identified by their command names below
monitored-commands:
# - <process command name. Example: nginx>
# - <process command name. Example: python3>

## Restrict API traffic capture to specific processes identified by their PIDs below
monitored-pids:
- <pid. Example: 123>
- <pid. Example: 45>
# --------------------------------------------------------------------------------------------


# --------------------------------------------------------------------------------------------
# IP Filters: IP/Port/Network address based granular filtering of API traffic.
# --------------------------------------------------------------------------------------------
ip-filter-list:
default-policy: <accept|drop> # Specifies default behavior which can be overridden by 'entries' below
entries: # Specific 'entries' can override the default policy
- policy: <accept|drop>
<host-ports|peer-ports|host-network|peer-network>: <appropriate value>
# --------------------------------------------------------------------------------------------


# --------------------------------------------------------------------------------------------
# URL Filters: API parameter based granular filtering of API traffic.
# --------------------------------------------------------------------------------------------
url-filter:
# 'default-url-action' specifies the default behavior which can be overridden by 'rules' below.
# This is a mandatory attribute that needs to be specified in order to use URL filters.
default-url-action: <trace|ignore>
#
# YAML array of one or more rules. Order of rules matters during evaluation
rules:
# 'action' is mandatory. At least one of 'methods', or 'request-uri', or 'host'
# MUST be specified for each rule entry
- action: <trace|ignore>
#
# YAML array list of one or more (API operations) methods: GET, POST, PUT, DELETE
# Example: [GET], or [GET, POST, PUT, DELETE]
methods: <[GET, POST, PUT, DELETE]>
#
# URI of the API endpoint. Can be a (Perl format) regex pattern. Example: /foo/bar, or /bar/*
request-uri: <URI>
#
# Hostname of the API endpoint and optionally the port. Example: levo.ai:8888, or levo.ai
host: <hostname[:port]>
#
# --------------------------------------------------------------------------------------------


Factory Settings

These settings control logging, debugging, and performance tuning functions. DO NOT modify these settings, unless specifically asked by Levo Support.



Default Application Name

Auto discovered API endpoints and their OpenAPI specifications are show in the API Catalog, grouped under an application name. The application name helps segregate and group API endpoints from different environments, similar to how file folders work in an operating system.



Satellite Settings

These are settings related to the Satellite, such as the Satellite's listen port, etc.



Process & IP Filters

These settings allow granular control over what API traffic is captured by the Sensor. Please see detailed section on API Traffic Capture Filters.



URL Filters

These settings allow granular control over what API traffic is captured by the Sensor, based on API parameter filters. Please see detailed section on API Traffic Capture Filters.



Applying Configuration Settings

Running on Kubernetes

Configuration is specified via a Helm Values file.

  • Modify the default
    Loading...
    file to suit your requirements.
  • Save the configuration values file to your current working directory.
  • Note down the Satellite's host:port address information.
  • Apply the new configuration by executing the below command from the directory where you saved the config-values.yml.
# Replace 'hostname|IP' & 'port' with the values you noted down from the Satellite install
# If Sensor is installed on same cluster as Satellite, use 'levoai-collector.levoai:4317'
#
# Specify the 'Application Name' chosen earlier in the config-values.yml file.
#
helm upgrade levoai-sensor levoai/levoai-ebpf-sensor \
--install \
--namespace levoai \
--create-namespace \
--set sensor.otel.grpcEndpoint=<hostname|IP:port> \
--values config-values.yml

You may also specify specific configuration values using helm --set. For example,

helm upgrade levoai-sensor levoai/levoai-ebpf-sensor \
--install \
--namespace levoai \
--create-namespace \
--set sensor.config.default-service-name="my-test-app-k8s-c101" \
--set "sensor.config.monitored-commands={python3,java}"

Please check the Sensor logs to ensure that the specified configuration values do not have any syntax errors, and the Sensor is running with the applied configuration.

Running via Docker

  • Modify the default
    Loading...
    to suit your requirements.
  • Save the configuration file to your current working directory.
  • Shutdown/Uninstall the Sensor if running.
  • Note down the Satellite's host:port address information.
  • Reinstall the Sensor by executing the below command from the directory where you saved config.yml. config.yml is mounted into the Sensor container as read only.
# Replace 'hostname|IP' & 'port' with the values you noted down from the Satellite install
sudo docker run --restart unless-stopped \
-v /sys/kernel/debug:/sys/kernel/debug -v /proc:/host/proc \
-v $PWD/config.yml:/etc/levo/sensor/config.yaml:ro \
--privileged --detach \
levoai/ebpf_sensor:latest \
--host-proc-path /host/proc \
--collector-endpoint <hostname|IP:port> \
--default-service-name <'Application Name' chosen earlier>

Please check the Sensor logs to ensure the configuration file does not have any syntax errors, and the Sensor is running with the applied configuration.

Running on Linux Host

Make your modifications to /etc/levo/sensor/config.yaml and save the file. Restart the sensor for the settings to take effect.

Please check the Sensor logs to ensure the configuration file does not have any syntax errors, and the Sensor is running with the applied configuration.