Kentik
Kentik provides network flow analysis and anomaly detection for comprehensive network visibility.
Overview
| Property | Value |
|---|---|
| Type | Network incidents |
| Coverage | Global |
| Update Frequency | Real-time |
| Confidence Score | 0.85 |
| Source Identifier | kentik |
Data Provided
- Traffic anomalies
- DDoS detection
- Network performance degradation
- BGP route changes
Configuration
Requires environment variables:
- KENTIK_API_TOKEN - API authentication token
- KENTIK_ENDPOINT - Custom API endpoint (optional)
API Endpoint
Incident Fields
| Field | Source |
|---|---|
| id | Generated: kentik-{alert_id} |
| kind | Always "network" |
| asn | Affected ASN |
| region | Geographic location |
| summary | Alert description |
| severity | Mapped from Kentik severity |
Example Response
```json
{
  "id": "kentik-alert-789",
  "kind": "network",
  "status": "ongoing",
  "startedAt": "2025-01-15T09:30:00Z",
  "confidence": 0.85,
  "summary": "Traffic anomaly detected on AS12345",
  "region": "North America",
  "asn": "AS12345",
  "source": "kentik",
  "severity": "major"
}
```
Severity Mapping
| Kentik Severity | ODS Severity |
|---|---|
| Critical | major |
| Major | major |
| Minor | minor |
| Info | Not imported |
Advantages
- Professional network monitoring
- Deep traffic analysis
- DDoS detection
- Flow-level visibility
Limitations
- Requires Kentik subscription
- API token required
- Coverage limited to Kentik-monitored networks
Optional Integration
Kentik integration is optional. If KENTIK_API_TOKEN is not configured, the source is skipped gracefully.
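The Incident Fields table, the Severity Mapping table and the skip-when-unconfigured behaviour above can be combined into one normalizer. The sketch below is an added example, not the project's own code: the raw alert keys (`alert_id`, `severity`, `asn`, `region`, `summary`), the function names and the sample alerts are assumptions made for illustration, and `status` and `startedAt` are left out because the page does not say how they are derived.

```python
import os

# Severity table from this page. "Info" is deliberately absent: not imported.
SEVERITY_MAP = {"critical": "major", "major": "major", "minor": "minor"}

def kentik_enabled(env=None):
    """True only when KENTIK_API_TOKEN is set; otherwise the source is skipped."""
    env = os.environ if env is None else env
    return bool(env.get("KENTIK_API_TOKEN", "").strip())

def normalize_asn(value):
    """Render an ASN as 'AS<number>' (assumed input: int or 'AS'-prefixed text)."""
    text = str(value).strip().upper()
    text = text[2:] if text.startswith("AS") else text
    return f"AS{int(text)}" if text.isascii() and text.isdigit() else None

def to_incident(alert):
    """Map one raw alert (hypothetical shape) to an incident, or None to drop it."""
    severity = SEVERITY_MAP.get(str(alert.get("severity", "")).strip().lower())
    alert_id = alert.get("alert_id")
    if severity is None or alert_id in (None, ""):
        return None  # Info, unmapped severity, or nothing to build the id from
    return {
        "id": f"kentik-{alert_id}",
        "kind": "network",
        "asn": normalize_asn(alert.get("asn")),
        "region": alert.get("region"),
        "summary": alert.get("summary"),
        "severity": severity,
        "confidence": 0.85,  # fixed confidence score from the Overview table
        "source": "kentik",
    }

def collect(alerts, env=None):
    """Return incidents, or an empty list when the token is not configured."""
    if not kentik_enabled(env):
        return []
    return [inc for inc in map(to_incident, alerts) if inc is not None]

# Constructed sample alerts; not real Kentik API output.
SAMPLE_ALERTS = [
    {"alert_id": 789, "severity": "Critical", "asn": 12345,
     "region": "North America", "summary": "Traffic anomaly detected on AS12345"},
    {"alert_id": 790, "severity": "minor", "asn": "as64500",
     "region": "Europe", "summary": "BGP route change"},
    {"alert_id": 791, "severity": "Info", "asn": 64501, "summary": "Heartbeat"},
    {"alert_id": 792, "severity": "Unknown", "asn": 64502, "summary": "Unmapped"},
]

if __name__ == "__main__":
    for incident in collect(SAMPLE_ALERTS, env={"KENTIK_API_TOKEN": "placeholder"}):
        print(incident)
```

Severities outside the table are dropped rather than defaulted, so an unexpected upstream value cannot silently appear as a major or minor incident.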