sFlow-RT DDoS Protect
Trend DDoS attack mitigation actions implemented using BGP Flowspec and RTBH
sFlow-RT DDoS Protect
This dashboard trends DDoS attack mitigation actions performed by sFlow-RT analyzer running the ddos-protect application. The sFlow-RT analysis software collects streaming telemetry from industry standard sFlow Agents embedded in network devices. The ddos-protect application detects DDoS amplification and flood attacks and automatically mitigates them using BGP Flowspec and RTBH actions.
Use the sflow/ddos-protect image to run sFlow-RT using Docker:
docker run --net=host sflow/ddos-protect -Dddos_protect.router=<ip> -Dddos_protect.as=<ASN>Use the following Prometheus scrape configuration to collect the metrics from sFlow-RT:
scrape_configs:
- job_name: 'sflow-rt-analyzer'
metrics_path: /prometheus/analyzer/txt
static_configs:
- targets: ['sflow-rt.mysite.org:8008']
- job_name: 'sflow-rt-metrics'
metrics_path: /prometheus/metrics/ALL/ALL/txt
static_configs:
- targets: ['sflow-rt.mysite.org:8008']
metric_relabel_configs:
- source_labels: ['agent', 'datasource']
separator: ':'
target_label: instance
- job_name: 'sflow-rt-ddos'
metrics_path: /app/ddos-protect/scripts/ddos.js/prometheus/txt
scheme: http
static_configs:
- targets: ['sflow-rt.mysite.org:8008']Data source config
Collector type:
Collector plugins:
Collector config:
Revisions
Upload an updated version of an exported dashboard.json file from Grafana
| Revision | Description | Created | |
|---|---|---|---|
| Download |
Get this dashboard
Resources