cgn-ec (Event Correlation) is a super fast and flexible solution which focuses on centralizing CGNAT logging. You can view the documentation here and also join the Slack community.
Here are some key features of this project:
- Flexible scaling with decoupled compute vs storage requirements.
- Up to *90% data compression compared to other DIY solutions.
- Ability to add a new vendor within minutes.
- Flexible outputs so you can preprocess CGNAT events and ship to external systems.
- Syslog, NetFlow and RADIUS Accounting collectors with multi-vendor support out of the box.
Get Started
1) Ensure docker and docker compose are installed and clone this repository:
2) Copy the config.example.yaml to config.yaml and change the configuration for the consumer as required. Sample configurations can be found here.
3) Now ensure Docker and docker compose plugin is installed and run:
Optional: If you would like to run the other collectors, then add the following profiles:
Pro Edition
We provide support/services for this project which include maintaining the software solution on-prem and can also add new vendors/outputs if you need something developed quick.
Features included in Pro edition:
- HA/Scaleout with NetFlow collector
- API Advanced Search
- Modern UI with integrated reporting
- OSS/CRM Integration
- SLA for support with direct email support
- New vendor/output integration priority
If you would like a quote then please email us at cgn-support@veesix-networks.co.uk.
Supported Vendors
| Vendor | Full / Partial | Syslog | NetFlow | RADIUS |
|---|---|---|---|---|
| NFWare | Full | |||
| 6Wind | Full | |||
| F5 BigIP | Partial | |||
| Juniper JunOS | Partial | |||
| A10 vThunder | Partial |
License
This project is licensed under Apache License Version 2.0.
Disclaimers
*When using TimescaleDB output as a time-series database, you can view the blog regarding performance here regarding the x1000 faster and the data compression up to 90% here.