Community Plugin: This plugin is developed, tested, and maintained by a third-party contributor.
Cleafy protects online services against today’s targeted attacks. Cleafy patented real-time threat detection and protection technology is effective in detecting account takeover and transaction tampering leveraging Man-In-The-Browser (MITB), Man-In-The-Middle (MITM), Mobile Overlay, SIM Swap, API Abuse, and others advanced techniques.
Cleafy real-time continuous risk assessment prevents sensitive data loss and payment fraud while minimizing false positives and operational impact. Cleafy threat visibility also makes possible to implement automated threat responses and an adaptive security posture.
Cleafy is client-less and does not require any change to the monitored applications. Cleafy passively monitors application traffic by integrating into any application delivery architecture, typically at ADC or API Gateway level. Cleafy plugin for Kong allows Cleafy to smoothly integrate into any Kong-powered architecture.
For more details visit the Cleafy resources page.
Cleafy-Stream Kong plugin
Plugin installation mainly depends on where your Kong installation runs:
Once the .rock file has been obtained from your Cleafy distributor it can be installed using the luarocks package manager.
luarocks install cleafy-plugin-for-kong-VERSION.rock
Typical configuration (via curl)
Register Cleafy backend as a Kong service:
$ curl -i -X POST --url http://url-to-kong-api:8001/services/ --data 'name=cleafy' --data 'url=<url-to-cleafy-api>'
Moreover, each application you want to manage via Kong must be registered as a service:
$ curl -i -X POST --url http://url-to-kong-api:8001/services/ --data 'name=app1' --data 'url=<url-to-app1-application-server>'
For each application registered (Cleafy excluded) you must define two Kong routes: the first routing traffic to the application server and the second routing traffic to the Cleafy backend:
$ curl -i -X POST --url http://url-to-kong-api:8001/routes/ --data 'hosts=<hostname>' --data 'service.id=<cleafy-service-id>' --data 'paths=/<ingestion-prefix>'
$ curl -i -X POST --url http://url-to-kong-api:8001/routes/ --data 'hosts=<hostname>' --data 'service.id=<app-service-id>'
Then you must activate the stream plugin over each app-related route:
$ curl -i -X POST --url http://url-to-kong-api:8001/plugins/ --data 'name=stream' --data 'route_id=<app-route-id' --data 'config.api_address=<cleafy-api-address>' --data 'config.api_token=<ingestion-token>'
This plugin is compatible with DB-less mode.
Example plugin configuration
Here's a list of all the parameters which can be used in this plugin's configuration:
|The name of the plugin, in this case
|The name or ID of the route the plugin targets.
Set one of these parameters if adding the plugin to a route through the top-level
Not required if using
|Whether this plugin will be applied.
Specifies the URL pointing to the Cleafy API.
Specifies the type of encoding accepted from the backend server. This plugin does not support gzip-encoded requests.