config.yml.example

connectors:
  - file: connectorRIS
    name: ris
    params:
      blacklistSources:
        - 123.0.0.1/24
        - 3453
      carefulSubscription: true
      url: ws://ris-live.ripe.net/v1/ws/
      perMessageDeflate: true
      authorizationHeader: null
      subscription:
        moreSpecific: true
        type: UPDATE
        host:
        socketOptions:
          includeRaw: false

#  - file: connectorRISDump
#    name: dmp

monitors:
  - file: monitorHijack
    channel: hijack
    name: basic-hijack-detection
    params:
      thresholdMinPeers: 3

#  - file: monitorNewPrefix
#    channel: newprefix
#    name: prefix-detection
#    params:
#      thresholdMinPeers: 3

  - file: monitorPath
    channel: path
    name: path-matching
    params:
      thresholdMinPeers: 1

  - file: monitorVisibility
    channel: visibility
    name: withdrawal-detection
    params:
      thresholdMinPeers: 40
      notificationIntervalSeconds: 3600

  - file: monitorAS
    channel: misconfiguration
    name: asn-monitor
    params:
      skipPrefixMatch: false
      thresholdMinPeers: 3

  - file: monitorRPKI
    channel: rpki
    name: rpki-monitor
    params:
      thresholdMinPeers: 3
      checkUncovered: false
      checkDisappearing: false

  - file: monitorROAS
    channel: roa
    name: rpki-diff
    params:
      enableDiffAlerts: true
      enableExpirationAlerts: true
      enableExpirationCheckTA: true
      enableDeletedCheckTA: true
      enableAdvancedRpkiStats: false
      roaExpirationAlertHours: 2
      checkOnlyASns: true
      toleranceDeletedRoasTA:
        ripe: 20
        apnic: 20
        arin: 20
        lacnic: 20
        afrinic: 50
      toleranceExpiredRoasTA:
        ripe: 20
        apnic: 20
        arin: 20
        lacnic: 20
        afrinic: 50

  - file: monitorPathNeighbors
    channel: path
    name: path-neighbors
    params:
      thresholdMinPeers: 3

reports:
  - file: reportFile
    channels:
      - hijack
      - newprefix
      - visibility
      - path
      - misconfiguration
      - rpki
      - roa
    params:
      persistAlertData: false
      alertDataDirectory: alertdata/

#  - file: reportEmail
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      showPaths: 5 # Amount of AS_PATHs to report in the alert
#      senderEmail: bgpalerter@xxxx
#      # BGPalerter uses nodemailer.
#      # The smtp section can be configured with all the parameters available at https://nodemailer.com/smtp/
#      # the following are just the most useful one
#      smtp:
#        host: localhost
#        port: 25
#        secure: false # If true the connection will use TLS when connecting to server. If false it will be still possible doing connection upgrade via STARTTLS
#        ignoreTLS: false # If true TLS will be completely disabled, including STARTTLS. Set this to true if you see certificate errors in the logs.
#        auth:
#          user: username
#          pass: password
#          type: login
#        tls:
#          rejectUnauthorized: true  # Reject unauthorized certificates
#      notifiedEmails:
#        default:
#          - admin@example.org
#        noc:
#          - joe@example.org
#          - seb@example.org

#  - file: reportSlack
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      showPaths: 0 # Amount of AS_PATHs to report in the alert
#      colors:
#        hijack: '#d60b1c'
#        newprefix: '#fa9548'
#        visibility: '#fad648'
#        path: '#42cbf5'
#        rpki: '#d892f0'
#        roa: '#d892f0'
#      hooks:
#        default: _YOUR_SLACK_WEBHOOK_URL_
#        noc: _YOUR_SLACK_WEBHOOK_URL_

#  - file: reportKafka
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      host: localhost
#      port: 9092
#      topics:
#        default: bgpalerter

#  - file: reportSyslog
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - asn-monitor
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      host: 127.0.0.1
#      port: 514
#      transport: udp
#      templates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
#        default: "++BGPalerter-3-${type}: ${summary}|${earliest}|${latest}"
#        hijack: "++BGPalerter-5-${type}: ${summary}|${prefix}|${description}|${asn}|${newprefix}|${neworigin}|${earliest}|${latest}|${peers}"
#        newprefix: "++BGPalerter-4-${type}: ${summary}|${prefix}|${description}|${asn}|${newprefix}|${neworigin}|${earliest}|${latest}|${peers}"
#        visibility: "++BGPalerter-5-${type}: ${summary}|${prefix}|${description}|${asn}|${earliest}|${latest}|${peers}"
#        misconfiguration: "++BGPalerter-3-${type}: ${summary}|${asn}|${prefix}|${earliest}|${latest}"

#  - file: reportAlerta
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      severity:
#        hijack: critical
#        newprefix: informational
#        visibility: debug
#        path: trace
#      resourceTemplates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
#        default: "${type}"
#        hijack: "hijack::${prefix}@@${asn}"
#        newprefix: "newprefix::${prefix}@@${asn}"
#        visibility: "visibility::${prefix}@@${asn}"
#      urls:
#        default: _YOUR_ALERTA_API_URL_
#        noc: _YOUR_ALERTA_API_URL_

#  - file: reportWebex
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      hooks:
#        default: _YOUR_WEBEX_WEBHOOK_URL_
#        noc: _YOUR_WEBEX_WEBHOOK_URL_

#  - file: reportHTTP
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      method: post
#      templates: # See here how to write a template https://github.com/nttgin/BGPalerter/blob/main/docs/context.md
#        default: '{"text": "${summary}"}'
#      headers:
#      isTemplateJSON: true
#      showPaths: 0 # Amount of AS_PATHs to report in the alert
#      hooks:
#        default: _YOUR_WEBHOOK_URL_
#        noc: _YOUR_WEBHOOK_URL_

#  - file: reportTelegram
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      showPaths: 0 # Amount of AS_PATHs to report in the alert
#      botUrl: https://api.telegram.org/bot<_BOT_ID_>/sendMessage
#      chatIds:
#        default: _CHAT_ID_
#        noc: _CHAT_ID_

#  - file: reportPullAPI
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      maxAlertsAmount: 25

#  - file: reportMatrix
#    channels:
#      - hijack
#      - newprefix
#      - visibility
#      - path
#      - misconfiguration
#      - rpki
#      - roa
#    params:
#      showPaths: 0 # Amount of AS_PATHs to report in the alert
#      homeserverUrl: https://matrix.org
#      accessToken: _ACCESS_TOKEN_ 
#      roomIds:
#        default: _ROOM_ID_
#        noc: _ROOM_ID_



############################
# Notification settings:
# - notificationIntervalSeconds
#       Defines the amount of seconds after which an alert can be repeated. An alert is repeated only if the event that
#       triggered it is not yet solved.
# - persistStatus
#       Persist the status of BGPalerter. If the process is restarted, the list of alerts already sent is recovered
#       and they are not repeated. The process must be able to write on disc, this option will create a file inside .cache/

notificationIntervalSeconds: 86400
persistStatus: true


############################
# REST API settings:
# - rest.host
#       The IP address the server will listen. The default value is localhost, this means the API will not be reachable
#       from another host. To make it public use null or 0.0.0.0.
# - rest.port
#       The port the server will listen

rest:
  host: localhost
  port: 8011

logging:
  directory: logs
  logRotatePattern: YYYY-MM-DD
  maxRetainedFiles: 10
  maxFileSizeMB: 15
  compressOnRotation: false
  useUTC: true
  
checkForUpdatesAtBoot: true
generatePrefixListEveryDays: 0

############################
# Process monitoring settings:
# Uncomment or add classes under processMonitors if you want to monitor or send logs about the status of the BGPalerter process

#processMonitors:
#  - file: uptimeApi
#    params:
#      useStatusCodes: true
#
#  - file: uptimeHealthcheck
#    params:
#      url: url_to_poll
#      intervalSeconds: 300
#      method: get
#
#  - file: sentryModule
#    params:
#      dsn: https://<key>@sentry.io/<project>


############################
# The files containing the monitored prefixes. Please see prefixes.yml for an example.
# This is an array (use new lines and dashes!)

monitoredPrefixesFiles:
  - prefixes.yml

############################
# The file containing the user groups.
# User groups can be specified
# 1) directly above, in each report module; or
# 2) inside an external file, as specified below (disabled by default).
# Using an external file allows BGPalerter to auto-reload the user group definitions
# when the external file is changed.

# groupsFile: groups.yml.example

############################
# HTTP proxy setting:
# Allow to run BGPalerter behind an HTTP/HTTPS proxy.
# You can also specify which module can bypass the proxy.
# More information here: https://github.com/nttgin/BGPalerter/blob/main/docs/http-proxy.md

# httpProxy: http://username:password@127.0.0.1:9000


############################
# RPKI settings:
# Global RPKI settings shared across all monitors requiring RPKI data
# More information here: https://github.com/nttgin/BGPalerter/blob/main/docs/rpki.md
#
# To enable ROA expiration alerts, you need VRPs including expiration timestamps.
# "rpkiclient" is the default vrpProvider since is the only one supporting ROAs expiration data.

rpki:
  vrpProvider: rpkiclient
  preCacheROAs: true
  refreshVrpListMinutes: 15
  markDataAsStaleAfterMinutes: 120


############################
# Advanced settings (Don't touch here!)
# Please, refer to the documentation to know the meaning of the following parameters.

alertOnlyOnce: false
fadeOffSeconds: 360
checkFadeOffGroupsSeconds: 30
pidFile: bgpalerter.pid
maxMessagesPerSecond: 6000
multiProcess: false
environment: production
configVersion: 2