This service is currently available as a beta release. Functionality may be subject to change.
Soracom Peek is a managed packet capture service which collects the IP packets of traffic from devices that use Soracom Air for Cellular SIM cards. Peek gives you the ability to inspect the network behavior of your devices, even if your device or server doesn't support packet capturing. Peek allows you to capture packets quickly and easily, without setting up any servers to mirror or inspect traffic.
Peek works by capturing the packets of all IP traffic that passes through a Virtual Private Gateway (VPG). After creating a VPG and assigning SIMs to it, all cellular network traffic to and from the devices will be routed through the VPG.
Then, when you request packet capture, Peek will create a packet capture session which will collect all IP traffic in the VPG throughout the duration of the session.
Peek provides a simple and secure way to capture packets, and can be used in many situations where you are typically unable to inspect your devices network behavior:
- Troubleshoot abnormal device behavior - If your device suddenly stops communicating with your server, or behaves abnormally, using Peek to capture packets will allow you to inspect the network traffic between cellular and IP networks and understand whether a problem occured on the device or cellular network (if a packet never arrived), or afterwards (if a packet arrived but doesn't make it to your server).
- Debug network architecture - When building your application, there are many parts of its network architecture to check, such which transmission protocol the device uses, what servers the device connects to, and whether or not data is encrypted. Using Peek to capture packets will allow you to perform detailed analysis to verify that your device is behaving according to your design.
- Identify the source of high data usage - While Soracom's SIM management tools let you easily check the data usage of each SIM, you can only check how much data was used, not what the data usage was for. By capturing packets with Peek, you can quickly find out what requests your device is making, and which servers it is communicating with.
- Improve security - Similarly, your application may have strict requirements to ensure that data is not sent to an unauthorized destination. Peek will allow you to perform an audit of your device and check for any packets that are being sent to an unrecognized server. You can then update the Outbound Filter setting of your VPG to quickly block these unauthorized requests.
- With Peek, you can capture packets on-demand without setting up any servers.
- Peek can be enabled directly in the User Console or via the Soracom API or Soracom CLI.
- Packets transiting through a VPG are captured during the duration you specify (up to 24 hours).
- Packet files are stored as a
pcapfile, which can be analyzed many common network traffic analyzers.
- Packet capture files are stored securely on Soracom platform and are automatically deleted after 7 days. You can also manually delete them.
- A temporary signed URL is generated each time you request to download the results of a packet capture session.
- Peek does not affect network latency or throughput during capturing.
To capture packets using Peek:
- Your device must be connected using a Soracom Air SIM and online.
- The SIM should belong to VPG.
Before using Peek, please be aware of the following limitations:
- Peek is only available for Type-E and Type-F VPGs. If you are using a Type-C or Type-D VPG, you must migrate them to either Type-E or Type-F in order to use Peek.
- When you start a packet capture session, there is a short delay of a few seconds to a few minutes as Peek initializes packet capturing. You should allow for a sufficient window in order to ensure the desired traffic is captured. Once a packet capture session has started, its status will change to
- The maximum amount of data that can be captured in one packet capture session is 5 GB.
- A packet capture session can continue for up to 24 hours.
- Once started, a packet capture session cannot be cancelled.
- Packet capture files are automatically deleted after 7 days. You can also delete it manually.
- For security, when requesting to download a packet capture file, a secure URL will be generated and is valid for 5 minutes. As long as you start downloading the file before the URL expires, your download will not be interrupted even if it takes longer than 5 minutes to download.
- The Prefix used for a packet capture session can only consist of numbers, letters, underscores, and hyphens, and must be 100 characters or less.
- Peek is only available for Type-E and Type-F VPGs.
Compared to Junction
While Peek provides similar packet capturing functionality as Junction, there are some important differences.
Peek automatically creates a
pcap file after a packet capture session finishes. Unlike Junction, you cannot download or inspect packets while they are being captured.
The maximum duration of a Peek packet capture session is limited to 24 hours.
Soracom Junction does not have these limitations, and is therefore better suited if you need real-time monitoring or the ability to capture packets for durations longer than 24 hours.