[SANOG] Fwd: [apops] new BGP hijack & visibility tool “BGPalerter”

[Srinivas Chendi]

-------- Forwarded Message --------
Subject: 	[apops] new BGP hijack & visibility tool “BGPalerter”
Date: 	Wed, 14 Aug 2019 17:06:59 +0200
From: 	Job Snijders <job at ntt.net>
To: 	Massimo Candela <massimo at us.ntt.net>, apops at apops.net <apops at apops.net>



Dear APOPS,

Recently NTT investigated how to best monitor the visibility of our own 
and our subsidiaries’ IP resources in the BGP Default-Free Zone. We were 
specifically looking how to get near real-time alerts funneled into an 
actionable pipeline for our NOC & Operations department when BGP hijacks 
happen.

Previously we relied on a commercial “BGP Monitoring as a Service” 
offering, but with the advent of RIPE NCC’s “RIS Live” streaming API [1] 
we saw greater potential for a self-hosted approach designed 
specifically for custom integrations with various business processes. We 
decided to write our own tool “BGPalerter” and share the source code 
with the Internet community.

BGPalerter allows operators to specify in great detail how to distribute 
meaningful information from the firehose from various BGP data sources 
(we call them “connectors”), through data processors (called 
“monitors”), finally outputted through “reports” into whatever mechanism 
is appropriate (Slack, IRC, email, or a call to your ticketing system’s 
API).

The source code is available on Github, under a liberal open source 
license to foster community collaboration:

https://github.com/nttgin/BGPalerter

If you wish to contribute to the project, please use Github’s “issues” 
or “pull request” features. Any help is welcome! We’d love suggestions 
for new features, updates to the documentation, help with setting up a 
CI regression testing pipeline, or packaging for common platforms.

Kind regards,

Job & Massimo
NTT Ltd

[1]: https://ris-live.ripe.net/