Network Monitor
This module watches for network events:
Bind: timestamp, pid, addressConnect: timestamp, pid, source, destinationAccept: timestamp, pid, source, destinationSend: timestamp, pid, source, destination, len, is_tcpReceive: timestamp, pid, source, destination, len, is_tcpClose: timestamp, pid, source, destination
This module also contains a DNS interceptor which will try to parse every UDP message:
DnsQuery: timestamp, pid, questionsDnsAnswer: timestamp, pid, questions, answers
Configuration
| Config | Type | Description |
|---|---|---|
| - | - | - |
Default configuration:
[network-monitor]
enabled=true
You disable this module with:
pulsar config --set network-monitor.enabled=false
Testing
You can try this module using the probe example:
cargo run --example probe -- network-monitor