AWS Traffic Mirroring

Metlo supports capturing API traffic using AWS Traffic Mirroring. This VPC feature mirrors traffic from a specified network interface to Metlo.

There are some limitations on the type of instances that support mirroring. You can find more info here

1. Deploy a Metlo Mirroring Instance


2. Get AWS API Keys

To set up mirroring we need an API Key with the following permissions:

  • AmazonEC2FullAccess
  • AmazonVPCFullAccess

3. Instal Metlo's CLI Tool

You can install metlo from npm by running the following:

$ npm i -g @metlo/cli

4. Set up Traffic Mirroring

Metlo supports mirroring either Network Interfaces or EC2 Instances. To set up traffic mirroring run the following:

$ metlo traffic-mirror aws new
✔ Select your AWS region · us-west-2
✔ What type of source do you want to mirror? · instance
✔ Enter the id of your source · i-xxxxxxxxxxxxxxxxx
Finding Source...
✔ Enter the id of your Metlo Mirroring Instance:  · i-xxxxxxxxxxxxxxxxx
Creating Mirror Session...

Finding the network interface for a load balancer

You can find the network interface for your load balancer under Network & Security > Network Interfaces on the EC2 page in your console. Your load balancer's name should be in the description column for your network interface.