Data Theorem’s Network Analyzer is software that runs in your environment and analyzes network traffic from any source configured to mirror traffic to it. The Network Analyzer processes the traffic in your environment and sends only metadata about the traffic back to Data Theorem.
In most cases, the Network Analyzer will be installed automatically as a component of a specific integration. It is also possible to install the Network Analyzer by itself, independently of any integrations. This section documents the most common methods for installing the software.
helm
kubectl
unzip network_analyzer_helm_chart.zip
In the directory where the archive was extracted, start the network traffic analyzer services with the following command:
helm upgrade network-analyzer \
  --install \
  ./network_analyzer \
  --create-namespace \
  --namespace datatheorem
To verify that the network traffic analyzer services have started properly, run the following command:
kubectl -n datatheorem get pods
If the service has started properly, you should see output similar to the following:
NAME                       READY   STATUS    RESTARTS   AGE
analyzer-f5f97db88-ktg4v   1/1     Running   0          69s
terraform
unzip network_analyzer.zip
cp -r datatheorem-network-analyzer-module <your-terraform-dir>/modules
terraform get
terraform apply
aws-cli
unzip network_analyzer.zip
aws cloudformation create-stack \
  --stack-name datatheorem-network-analyzer \
  --template-body file://${PWD}/deploy.yaml \
  --capabilities CAPABILITY_IAM \
  --parameters file://params.json
To verify that the network traffic analyzer services have started properly, run the following command:
aws cloudformation describe-stacks \
  --stack-name datatheorem-network-analyzer \
  --query 'Stacks[0].StackStatus'
docker
unzip network_analyzer_env.zip
sudo docker run \
  --restart unless-stopped \
  --detach \
  -p 8081:8081 \
  --env-file dt_env \
  us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest
To verify that the network traffic analyzer services have started properly, run the following command:
sudo docker ps
If the service has started properly, you should see output similar to the following:
CONTAINER ID   IMAGE                                                                                    COMMAND                  CREATED     STATUS               PORTS                                       NAMES
250db9d1cba5   us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest   "supervisord -c /etc…"   1 min ago   Up 1 min (healthy)   0.0.0.0:8081->8081/tcp, :::8081->8081/tcp   api-protect-analyzer-1
podman
unzip network_analyzer_env.zip
podman run \
  --restart unless-stopped \
  -p 8081:8081 \
  --env-file dt_env \
  us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest
To verify that the network traffic analyzer services have started properly, run the following command:
podman ps
If the service has started properly, you should see output similar to the following:
CONTAINER ID   IMAGE                                                                                    COMMAND                  CREATED     STATUS               PORTS                                       NAMES
360db972caa9   us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest   "supervisord -c /etc…"   1 min ago   Up 1 min (healthy)   0.0.0.0:8081->8081/tcp, :::8081->8081/tcp   api-protect-analyzer-1
docker-compose
unzip network_analyzer.zip
In the directory where the archive was extracted, start the network traffic analyzer services with the following command:
docker-compose up -d
To verify that the network traffic analyzer services have started properly, run the following command:
docker-compose ps
If the service has started properly, you should see output similar to the following:
CONTAINER ID   IMAGE                                                                                   COMMAND                  CREATED       STATUS                 PORTS                                       NAMES
360db972caa9   us-central1-docker.pkg.dev/dev-api-protect-api/cloud-protect-registry/analyzer:latest   "supervisord -c /etc…"   1 hours ago   Up 1 hours (healthy)   0.0.0.0:8081->8081/tcp, :::8081->8081/tcp   api-protect-analyzer-1
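The verification steps above can be scripted so that a deployment job fails when the analyzer is not actually running. The following is an added example, not part of Data Theorem's documentation: the function names are hypothetical, the "analyzer-" pod name prefix and the image path are assumptions taken from the sample output on this page, and the failing sample rows are constructed.

```shell
#!/bin/sh
# Added example (not Data Theorem's code): turn the manual checks above into
# pass/fail gates. Each function reads command output on stdin.

# Pass only if at least one analyzer pod is listed and every analyzer pod is
# Running with all containers ready (READY n/n). The "analyzer-" name prefix
# is an assumption taken from the sample output on this page.
analyzer_pods_ready() {
    awk '
        $1 ~ /^analyzer-/ {
            seen = 1
            split($2, ready, "/")
            if ($3 != "Running" || ready[1] != ready[2]) bad = 1
        }
        END { exit !(seen && !bad) }
    '
}

# Pass only if an analyzer container is listed, is Up with a "(healthy)"
# health check, and publishes port 8081 (docker ps / podman ps output).
analyzer_container_healthy() {
    awk '
        /cloud-protect-registry\/analyzer:/ {
            seen = 1
            if ($0 !~ / Up .*\(healthy\)/ || $0 !~ /:8081->8081\/tcp/) bad = 1
        }
        END { exit !(seen && !bad) }
    '
}

# Sample rows: the "OK" rows are from this page, the "BAD" rows are constructed.
PODS_OK='NAME READY STATUS RESTARTS AGE
analyzer-f5f97db88-ktg4v 1/1 Running 0 69s'
PODS_BAD='NAME READY STATUS RESTARTS AGE
analyzer-f5f97db88-ktg4v 0/1 CrashLoopBackOff 4 2m'
PS_OK='250db9d1cba5 us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest "supervisord -c /etc…" 1 min ago Up 1 min (healthy) 0.0.0.0:8081->8081/tcp api-protect-analyzer-1'
PS_BAD='250db9d1cba5 us-central1-docker.pkg.dev/prod-api-protect-api/cloud-protect-registry/analyzer:latest "supervisord -c /etc…" 1 min ago Up 1 min (unhealthy) 0.0.0.0:8081->8081/tcp api-protect-analyzer-1'

# Live use: kubectl -n datatheorem get pods | analyzer_pods_ready || exit 1
#           sudo docker ps | analyzer_container_healthy || exit 1
printf '%s\n' "$PODS_OK" | analyzer_pods_ready && echo "pods: ready"
printf '%s\n' "$PS_BAD" | analyzer_container_healthy || echo "container: NOT healthy"
```

An empty listing (header row only) is treated as a failure, so a sensor that never started is not mistaken for a healthy one.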