Netify Agent for Developers - Getting Started

Before we dive into getting started with the Netify Agent (netifyd), please make sure you take a look at the features and understand the basics on how netifyd works.

In a live environment, the Netify Agent needs to tap into a network to analyze network traffic. This can be done:

  • On a virtual machine
  • In a container - nspawn, Docker, etc.
  • On a dedicated Linux/BSD system
  • By installing on an existing Linux/BSD system

Network traffic is ingested via a network interface connected directly to a live network or mirror port. For batch processing, testing, and development, the Netify Agent can also ingest PCAP packet capture files directly.

Supported Firewalls and Routers

Example: mirror port on a local network

Tap into the network where you want the most visibility. The example shows the Netify Agent analyzing LAN traffic on an edge network.


For getting started, we are going to walk through how to install the Netify Agent for processing packet capture files. This type of installation can also be used for analyzing network traffic on the local development system. It's a little more involved, but we also have instructions on how to install a Netify Agent for ingesting network traffic via a switch mirror port.

Please select one of the install options below:

Packet Capture File Mode

Mirror Port Mode

Next Steps

If you have installed the Netify Agent in a mirror port environment, you can jump right into the Data Streams topic. If you have installed the Netify Agent for network capture file analysis, you can find information on how to run an analysis in the Packet Capture documentation.

Integration and Custom Solutions

Do you have any questions about integration, APIs or custom development?

Contact Us