Here's how to configure Astra Traffic Collector for traffic monitoring inside a Windows machine.

Quick Installation using astra-cli

To quickly install Astra Traffic Collector using astra-cli, please refer to the article below

📄 How to Setup Astra Proxy Service Integration using astra-cli

Docker Based manual Installation [Deprecated Section]

Manual Installation (Used for reference)

1. SSH into the VM.

2. Pre-requisite

• Install Docker Desktop version 4.34 or later in your machine by following the official doc.

• Follow these five steps to enable host network mode which is essential

  • Sign in to your Docker account in Docker Desktop.

  • Navigate to Settings.

  • Under the Resources tab, select Network.

  • Check the Enable host networking option.

  • Select Apply and restart.

3. Create a directory for the Astra Traffic Collector

mkdir C:\astra-traffic-collector
cd C:\astra-traffic-collector

4. ** Create docker-compose.yaml file**

version: '3.3' 
services:
  my-service-init:
    image: busybox:1.35.0-uclibc
    user: root
    volumes:
      - "collector-message:/tmp/message_data"
    command: chown -R 10001:10001 /tmp/message_data
  otel-sensor:
    image: docker.io/getastra/traffic-collector
    container_name: astra-traffic-collector
    volumes:
      - "collector-message:/var/lib/otelcol/file_storage:z"
      - "C:/astra-traffic-collector/config_custom.yaml:/etc/otelcol-contrib/config_custom.yaml:ro"
    network_mode: host
    env_file:
      - .env
    restart: always
    depends_on:
      - my-service-init
volumes:
  collector-message:

5. Create .env file

• Replace with the COLLECTOR_ID displayed during the creation of astra traffic collector integration.

• Replace with the CLIENT_ID displayed during the creation of astra traffic collector integration.

• Replace with the CLIENT_SECRET displayed during the creation of astra traffic collector integration.

COLLECTOR_ID=
CLIENT_ID=
CLIENT_SECRET=
TOKEN_URL=https://auth.getastra.com/realms/astra_api_scanner/protocol/openid-connect/token
REMOTE_ADDR_IDENTIFIER_HEADER=x-forwarded-for

6. Create config_custom.yaml file

processors:
  
  # https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/filterprocessor
  filter/custom:
    error_mode: ignore
    traces:
      span:
        ## allowing traces based on hostname regex pattern. Following will drop all traces originated from host other than: localhost*
        # - IsMatch(attributes["url.host"], "localhost*") == false
        ## excluding traces based on hostname regex pattern. Following will drop all traces originated from host: localhost*
        # - IsMatch(attributes["url.host"], "localhost*")
        ## excluding traces based on template regex pattern. Following will drop all traces having url_template: _wdt*
        # - IsMatch(attributes["url.template"], "_wdt*")
        ## exclude traces with method set to OPTIONS. Comment below line to allow the traces with http method OPTIONS
        - ConvertCase(attributes["http.method"], "upper") == "OPTIONS"
  
  # https://github.com/open-telemetry/opentelemetry-collector-contrib/tree/main/processor/transformprocessor
  transform/custom:
    error_mode: ignore
    trace_statements:
      - context: span
        statements:
          ## Templatize url path regex pattern by keyword: "slug". Following will templatize the url Path: /api/v1/chinchikrqwertyuiop/ -> /api/v1/{{slug}}/
          - replace_pattern(attributes["url.template"], "chinchikrqwertyuiop", "{{slug}}")
          ## Redact MasterCard credit card number 
          #- replace_all_patterns(attributes, "value", "^5[1-5][0-9]{14}$", "{{card}}")

7. Manage the service by using docker compose command

• To start the service, run: docker compose up -d

• To stop the service, run: docker compose down

• To check the status, run: docker ps -a

• To check the logs, run: docker logs astra-traffic-collector