CaptAgent vs Native HEP Agents

[idanam-del]

What are the Differences between them?

I already know from opening an issue here that current version CaptAgent supports ssl encryption by default and for Native HEP Agents, it is needed to set up a stunnel.

So my question is what else?

thanks

[lmangani]

Passive agents (heplify, captagent, etc) offer the HEP functionality without impacting the monitored application and they're generally more flexible, but they do NOT support tls encryption. Native agents (siptrace, res_hep, and any other native HEP client) are variable in flexibility, but they are able to report both clear and encrypted traffic without compromising security. The two can be mixed freely to achieve the desired architecture.

The transport either native or passive agent uses for HEP is agnostic to the choice and there are no stunnels required, unless one wants to deliver HEP over a secure connection to a remote collector.

Hope this answers your question.