Network Analyzer Deployment

Owned by John Gerlock
Last updated: May 01, 2024
6 min read

Overview

Data Theorem’s Network Analyzer is software that runs in your environment that analyzes network traffic from any source configured to mirror traffic to it. The Network Analyzer processes the traffic in your environment and sends only metadata about the traffic back to Data Theorem.

 

NetworkAnalyzer.drawio.svg

 

Deployment

In most cases, the Network Analyzer will be installed automatically as a component of a specific integration. It is also possible to install the Network Analyzer by itself, independently of any integrations. This section documents the most common methods for installing the software

 

Deploy to Kubernetes via Helm Chart

Requirements

  • helm

  • kubectl

 

Step 1: Extract the Helm Chart

unzip network_analyzer_helm_chart.zip

Step 2: Deploy the Helm Chart

In the directory where the archive has been uncompressed, to start the services of the network traffic analyzer run the following command:

helm update network-analyzer \ --install \ ./network_analyzer \ --create-namespace \ --namespace datatheorem

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

kubectl -n datatheorem get pods

If the service has started properly you should see something mostly the same as the following:

 

Deploy as AWS AppRunner Service via Terraform

Requirements

  • terraform

Step 1: Extract the Terraform module and copy it to your Terraform modules folder

Step 2: Install the module

Step 3: Deploy the Terraform module

 

Deploy as AWS AppRunner Service via CloudFormation Template

Requirements

  • aws-cli

Step 1: Extract the CloudFormation template

Step 2: Deploy the the CloudFormation template

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

 

Deploy Docker Container

Requirements

  • docker

Step 1: Extract the env archive

Step 2: Start the container

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

If the service has started properly you should see something mostly the same as the following:

 

Deploy Podman Container

Requirements

  • podman

Step 1: Extract the env archive

Step 2: Start the container

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

If the service has started properly you should see something mostly the same as the following:

 

Deploy as Docker Compose Service

Requirements

  • docker-compose

Step 1: Extract the archive

Step 2: Start the Docker Compose Service

In the directory where the archive has been uncompressed, to start the services of the network traffic analyzer run the following command:

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

If the service has started properly you should see something mostly the same as the following:

 

Deploy Podman Container With Packet Capture Support

Requirements

  • podman

  • tcpdump

  • vim

Step 1: Download or create analyzer_env_file in /usr/share/containers/systemd/

Step 2: Start the container

Verify Deployment

To verify the network traffic analyzer services have started properly run the following command:

If the service has started properly you should see something mostly the same as the following:

 

Stop container and replace with systemd service in next step

 

Step 3: Create systemd unit file /usr/share/containers/systemd/analyzer.container

 

Verify systemd service