Network Monitor
This module watches for network events:
Bind:timestamp,pid,addressConnect:timestamp,pid,source,destinationAccept:timestamp,pid,source,destinationSend:timestamp,pid,source,destination,len,is_tcpReceive:timestamp,pid,source,destination,len,is_tcpClose:timestamp,pid,source,destination
This module also contains a DNS interceptor which will try to parse every UDP message:
DnsQuery:timestamp,pid,questionsDnsAnswer:timestamp,pid,questions,answers
Configuration
| Config | Type | Description |
|---|---|---|
| - | - | - |
Default configuration:
[network-monitor]
enabled=true
You disable this module with:
pulsar config --set network-monitor.enabled=false
Testing
You can try this module using the probe example:
cargo run --example probe -- network-monitor