PCAP Sensor via YUM Package
Install on RPM-Based Linux Distributions via yum
Prerequisites
libpcapshould be installed from the yum repository- Admin (or
sudo) privileges on the host
1. Configure the Package Manager
Configure yum to access Levo's RPM packages using the following command:
sudo tee -a /etc/yum.repos.d/levo.repo << EOF
[levo]
name=Levo.ai
baseurl=https://us-yum.pkg.dev/projects/levoai/yum-levo
enabled=1
repo_gpgcheck=0
gpgcheck=0
EOF
2. Install the PCAP Sensor
Install the PCAP Sensor from Levo's RPM repository.
- Update the list of available packages:
sudo yum makecache
- Install the package from your repository:
sudo yum install levo-pcap-sensor-0.3.2
Enter y when prompted.
3. Start the Sensor
The Sensor runs as a Systemd Service.
Configure Satellite Address, Organization ID, and Environment
The Satellite address is configured in /etc/levo/config/pcap-sensor/config.yaml. The default Satellite URL is https://collector.levo.ai.
Edit /etc/levo/config/pcap-sensor/config.yaml and:
- Set the
satellite-urlvariable to your desiredhost:portvalue - Set the
levoai-org-idto the Organization ID retrieved from the Levo Dashboard - Set the
levoai-workspace-idto the Workspace ID retrieved from the Levo Dashboard - Set
levo-envto the desired environment name where you want to see your applications on the Levo Dashboard
##############################################################################################
# PCAP Sensor Configuration Settings (YAML Format)
# Copyright: Levo Inc., @COPYRIGHT_YEAR@
##############################################################################################
satellite-url: http://collector.levo.ai
levo-env: staging
levoai-org-id: ""
levoai-workspace-id: ""
rate-limit: 1000
trace-export-interval: 10
filter: ""
path-allow: []
host-allow: []
path-exclusions: []
host-exclusions: []
max-http-length: 10000000
stream-timeout-seconds: 10
A Sensor restart is required for configuration changes to take effect.
Additional options can be configured as follows:
trace-export-interval: Set the trace export interval in seconds (default is 10)rate-limit: Specify the number of traces per minutefilter: Add a PCAP filter string, e.g., "port 8080 and (not port 8081)"host-allow: Set a host allow regexpath-allow: Set a path allow regexhost-exclusions: Set a host exclude regexpath-exclusions: Set a path exclude regex
Start/Stop the Sensor
To enable and start the Sensor:
sudo systemctl enable levo-pcap-sensor.service
sudo systemctl start levo-pcap-sensor.service
To stop the Sensor:
sudo systemctl stop levo-pcap-sensor.service
To restart the Sensor:
sudo systemctl restart levo-pcap-sensor.service
4. Configure Sensor for Memory and CPU Resource Limits
- For normal/average use cases, use the default configuration
- For strict resource constraints, modify the configuration with the options below:
rate-limit: 100
trace-export-interval: 1
max-http-length: 1000000
stream-timeout-seconds: 2