Comment on page
Connect Akto with GCP Packet Mirroring
Learn how to deploy Akto in GCP and add traffic to Akto using GCP Packet Mirroring
Packet Mirroring is a GCP feature that clones the traffic of specified instances in your Virtual Private Cloud (VPC) network and forwards it to Akto. Packet Mirroring captures all traffic and packet data, including payloads and headers. The capture can be configured for both egress and ingress traffic, only ingress traffic, or only egress traffic.
Packet mirroring is our recommended way to receive data as it is completely non-intrusive. Akto's traffic analyzer analyzes this traffic to create your application's APIs request and response, understand API metadata and find misconfigurations. Akto can work with high traffic scale though you can always configure the amount of traffic you want to send to Akto dashboard.
You can deploy Akto using the
Akto's GCP packet mirroring template. Here are the steps to deploy:
- 2.Change the permissions so that you can execute it
- chmod +x gcp-mirroring-template.sh
- 3.This will create a template with name
- 4.Make sure you are in the project where you want to create resources.
- 5.Create a
.txt filewith name
inputs.txtwith the following input parameters.
Here is an example of the txt file below:
- 6.Go to the instances you want to mirror and add network tag 'mirror' to them.
- 7.Now start creating resources by writing this command
./gcp-mirroring-template.sh create <inputs.txt
Troubleshoot: if you get permission denied error, type and enter the commandchmod +x gcp-mirroring-template.sh
- 8.The above command will create the following resources:
- A load balancer
- An auto scaled instance group added to the load balancer which receives mirrored packets
- One instance with mongo
- One instance with Akto dashboard
- 9.Once all the resources are created, go to VM instances in your google cloud.
- 10.Click on the
akto-dashboard-instanceand find the IP.
- 11.Copy and paste this IP in your browser and add port 8080 to it ( http://yourip:8080)
- 12.You can now signup on Akto dashboard.
In case you are done using Akto and want to uninstall, follow these steps:
- 1.Create delete.txt with the following inputs:<your-project-id><region>akto<zone>y
- 2.To delete all the resources you created with 'akto' prefix, run the command
./gcp-mirroring-template.sh delete <delete.txt
Does the mirroring have any performance impact on my traffic ?
I need to monitor a lot of traffic. Can this handle the scale of my network traffic ?
Akto is built keeping in mind the needs of large enterprises. We use instances in autoscaling groups which deploy instances based on the incoming traffic, to ensure that we log all your traffic. In times of low network traffic, the autoscaling group would automatically, reduce instances to save resources.
Where can I find the project-id in GCP ?
Watch this video to see how to find project-id in GCP.
Project Id in GCP
Where can I find region, network and subnet ?
Watch this video to know how to find region, netwrok and subnet in GCP.
Where can I find the region zone ?
I cannot access Akto after installing it successfully.
Check if the Akto IP is accessible by your machine. It may be possible that it is behind your organization’s VPN. If so, enable it and try again.
If accessing Akto IP from a public network, allow HTTP traffic on the akto dashboard instance.
I cannot see my traffic being mirrored after installing Akto.
- 1.Check if mirroring sessions have been created for the desired instances. You can check this at VPC > Packet mirroring
- 2.Check if the VM ports at which your traffic is being generated is open in the Akto runtime machines. Say, if the traffic is being generated at port 3000 on the VM, open the same port on the akto runtime machine.
- 3.The Akto runtime processes traffic data every 15-20 minutes, so the traffic logged may not be visible instantly on the akto dashboard.
There are multiple ways to request support from Akto. We are 24X7 available on the following: