Send Less Traffic to Akita

Every API is different, and you have unique insight into what is important to your team and organization, so it is likely that you will want to customize what you see in the Akita console at some point.

By default, the Akita Agent captures all unencrypted HTTP traffic it observes. If the same host is serving multiple APIs, the trace may capture all of them.

Packet filters help filter out traffic so the Akita agent doesn't send that traffic to the Akita Cloud.

Identifying inbound traffic

To limit the trace to a single API, specify the port number on which that API is being served using the the --filter option. The --filter option takes a Traceroute-style packet filter.

Users most commonly specify a TCP port number, like --filter "port 80", which instructs the Akita Agent to treat any network traffic to or from port 80 as "incoming" traffic, and any HTTP requests between other port numbers as "outgoing" traffic.

You can also specify a particular IP address, so that only traffic to or from that IP address is treated as inbound traffic. Multiple filters should be combined with "and" or "or". For example, a complicated filter might look like this on the command line:

akita apidump --filter "(port 80 or port 8080) and host 10.43.27.1" ...

The --filter option does not limit which traffic appears in the trace; it only identifies "inbound" traffic from which the model is built.

Limiting a trace to only a particular path or host

The Akita Agent also provides some HTTP-specific filtering, which cause particular hosts or paths to be removed from the trace entirely. You may want to remove particular hosts or paths in order to lower the size of the model, and help you focus on a particular service or set of endpoints.

Each filter takes a Go-style regular expression string, and it is sufficient to specify a literal string. The following filters are available:

  • --host-allow RE: capture an HTTP request only if the host portion of the request URL contains a match for "RE". If multiple --host-allow arguments are specified, the request is captured if any of them match. The "host" portion of the URL may include a port number.

  • --path-allow RE: capture an HTTP request only if the path portion of the request URL contains a match for "RE". If multiple --host-allow arguments are specified, the request is captured if any of them match.

  • --host-exclusions RE: do not capture an HTTP request if the host portion of the request URL contains a match for "RE". If multiple --host-exclusions arguments are specified, then a request will not be traced if it matches any of the arguments.

  • --path-exclusions RE: do not capture an HTTP request if the path portion of the request URL contains a match for "RE". If multiple --path-exclusions arguments are specified, then a request will not be traced if it matches any of the arguments.

Each type of filter is applied independently, so any request which matches both an allow and an exclusions flag is excluded. If you specify both a --host-allow and a --path-allow filter, then the request must match both.

🚧

Customizations only apply to new traffic

Akita builds your API model based on the behavior we see from your API. When you add customizations to your packet capture, it applies to all new behavior from the moment it is implemented but is not backported to apply to the endpoints already captured.