How to setup Astra Traffic Collector via Cloud Market Place

Last updated: June 10, 2026

Introduction

This guide walks you through deploying and configuring the Astra Traffic Collector using a pre-built VM image from your cloud provider's marketplace (AWS, GCP, Azure, or DigitalOcean). This is the fastest way to get the collector running without manual Docker setup.

Prerequisites

  • Access to your cloud provider's marketplace (AWS, GCP, Azure, or DigitalOcean)

  • Astra Traffic Collector integration created in the Astra dashboard with the following values saved:

    • COLLECTOR_ID

    • CLIENT_ID

    • CLIENT_SECRET

Instructions

1. Spin up a new VM instance

Go to your cloud provider's marketplace and search for the Astra Traffic Collector image. Launch a new VM instance using that image.

2. SSH into the VM

Connect to the newly created instance via SSH.

3. Locate the configuration files

Navigate to /opt/astra-traffic-collector/. You will find two editable files:

  • .env — holds authentication credentials

  • config_custom.yaml — holds collector behavior configuration

4. Update the credentials in the .env file

Open the .env file and replace the placeholder values with the credentials from your Astra dashboard:

COLLECTOR_ID=
CLIENT_ID=
CLIENT_SECRET=
TOKEN_URL=https://auth.getastra.com/realms/astra_api_scanner/protocol/openid-connect/token

Save the file. The Astra Traffic Collector container should now be running.

5. Create sensor integrations

From the Astra dashboard, create sensor integrations and connect them to your running Traffic Collector to begin monitoring API traffic.

Customizing Collector Behavior

To customize filtering, redaction, or URL templating, edit config_custom.yaml in /opt/astra-traffic-collector/. After editing, restart the Traffic Collector service to apply changes.start traffic-collector service

Upgrading

Docker container upgrade

This process updates the running container to a new version of the collector while retaining any customization you've made via configuration files, such as custom config.yaml_.

  1. **Change directory where docker-compose.yaml is present: cd /opt/astra-traffic-collector/ **

  2. Run docker-compose down on the docker-compose.yaml to stop the container

  3. Run docker-compose pull to update the image to latest

  4. Run docker-compose up to start the latest image

Image upgrade

Refers to upgrading the virtual machine image used for the Traffic Collector. This process typically involves creating a new VM image with updated software. Customizations made on the existing VM will be lost as the VM is replaced with a new image.

You can use GUI and also use cli tools like awscli, gcloud, az to pull a new VM using the Image from the cloud provider's marketplace.

  • To upgrade the image using AWS CLI:

aws ec2 describe-images --filters "Name=name,Values=YourImageName"
aws ec2 terminate-instances --instance-ids i-1234567890abcdef0
aws ec2 run-instances --image-id ami-0123456789abcdef0

  • To upgrade the image using Google Cloud CLI:

gcloud compute instances stop INSTANCE_NAME
gcloud compute instances delete INSTANCE_NAME
gcloud compute instances create INSTANCE_NAME --image-family=IMAGE_FAMILY --image-project=IMAGE_PROJECT

  • To upgrade the image using Azure CLI:

az vm deallocate --resource-group myResourceGroup --name myVM
az vm delete --resource-group myResourceGroup --name myVM
az vm create --resource-group myResourceGroup --name myVM --image IMAGE_URN

  • To upgrade the image using DigitalOcean CLI:

doctl compute droplet-action shutdown DROPLET_ID
doctl compute droplet delete DROPLET_ID
doctl compute droplet create --image IMAGE_SLUG --size droplet_size --region region_slug --ssh-keys key_id

Expected Outcome

Once configured, the Astra Traffic Collector container will run on your VM and begin forwarding API traces to the Astra platform. Endpoints will appear in your dashboard inventory as traffic flows through connected sensor integrations.

Troubleshooting

No entries in inventory and authentication errors in logs — Open /opt/astra-traffic-collector/.env and verify that COLLECTOR_ID, CLIENT_ID, and CLIENT_SECRET match the values shown in your Astra dashboard integration. Restart the Traffic Collector service after updating.

No entries in inventory but no errors in logs — The hostname sending traffic may not be registered in Astra. Go to the Target setup page and confirm the hostname is listed under Scope URI.

How to restart the Traffic Collector — Navigate to /opt/astra-traffic-collector/ and run docker compose down followed by docker compose up -d.

How to verify traces are being sent — Run docker logs astra-traffic-collector to inspect outgoing trace data from the collector.