Generate test traffic
Two ways to make the dashboard light up without recruiting a real agent.
Path A — synthetic events straight to the cloud
The fastest way to "see something on the dashboard." This skips the collector entirely and POSTs synthetic decision events directly to the cloud ingest endpoint. Good for showing the UI to a customer who hasn't installed a collector yet.
bash
cd /path/to/agentfw
KILASEC_TOKEN=$(ssh kilasec.com 'cat /opt/agentfw/data/collector-token.txt') \
EVENTS=200 SPREAD_HOURS=4 \
python3 dev/generate-traffic.pyOutput:
==> sending 200 events to https://kilasec.com/api in batches of 20
timestamps spread across the last 4.0h
20/200 ingested=20 ok=True
40/200 ingested=20 ok=True
...
==> done.Knobs (env vars):
EVENTS— how many to push (default 60).SPREAD_HOURS— time-window the events get bucketed into (default 2).BURST— events per POST batch (default 10).DRY_RUN=1— print one sample event, send nothing.KILASEC_BASE— point at a non-prod endpoint (defaulthttps://kilasec.com/api).KILASEC_ENROLL— exchange an enrollment code for a per-collector token instead of usingKILASEC_TOKEN.
What the generator simulates:
- 7 distinct agents — a mix of
userandagentprincipal types. - 3 action kinds:
http_request,tool_call,llm_prompt. - ~8 destinations including
internal.acme.corp(which the UI flags as shadow). - Verdict distribution roughly: 72% allow, 13% log, 8% redact, 4% approve, 3% deny.
- Source-IP metadata baked in so the Agents page clusters cleanly.
Path B — real traffic through a real collector
The end-to-end test that matters most. Three machines (or three terminals on the same Mac for a loopback test):
┌──────────────┐ HTTPS_PROXY ┌──────────────────────┐ ┌─────────────────┐
│ agent host │ ────────────────► │ collector (LAN) │ ──ingest──► kilasec.com │
│ (this Mac) │ http://lan:8080 │ mitmdump :8080 │ │ /api/v1/ingest │
│ │ + mitm CA │ agentfw.proxy :8000 │ └─────────────────┘
└──────────────┘ └──────────────────────┘On the collector machine
bash
cd ~/Downloads/Projects/agentfw
./ui-v2/scripts/run-collector.shThe script:
- Reads the cloud ingest token from the VM via SSH.
- Starts
mitmdumpon0.0.0.0:8080with the agentfw addon. - Starts
agentfw.proxyon0.0.0.0:8000withAGENTFW_CLOUD_URL=https://kilasec.com/apiset. - Prints a readiness banner with the cert path.
On the agent host (this Mac)
bash
# Trust the collector's mitmproxy CA (macOS):
scp <collector-user>@<collector-ip>:~/.mitmproxy/mitmproxy-ca-cert.pem ~/
sudo security add-trusted-cert -d -p ssl \
-k /Library/Keychains/System.keychain ~/mitmproxy-ca-cert.pem
# Route HTTPS through the collector + set an agent name.
export HTTPS_PROXY=http://<collector-ip>:8080
export HTTP_PROXY=http://<collector-ip>:8080
export SSL_CERT_FILE=~/mitmproxy-ca-cert.pem
export AGENTFW_AGENT=my_test_agent
export ANTHROPIC_API_KEY=sk-ant-…
# Drive any agent:
python my_anthropic_script.py
# or
python agents/synthetic_loop.pyEvery request that goes through HTTPS_PROXY lands on the collector, gets a verdict, and shows up on the dashboard's Live Traffic.
Screenshot: Live Traffic with real agent rows arrivingdocs/public/screenshots/live-traffic-real.png
Common gotchas
- Connection pill stays red after sending events. That's expected when you use Path A — there's no collector, only ingest. The pill goes green when a collector actually heartbeats.
- TLS handshake failures from the agent host. The mitmproxy CA isn't trusted. Re-install it (macOS Keychain Access → System keychain → CA cert → Get Info → "Always Trust").
- Decisions show up with
unknown_agent. You didn't setAGENTFW_AGENTon the agent host, and the network didn't resolve a hostname. See Naming agents. - 403 from
/api/v1/ingest/events. Tenant token is wrong or revoked. Confirm withcurl -H "Authorization: Bearer $KILASEC_TOKEN" https://kilasec.com/api/healthz.
→ When the synthetic batch isn't enough and you want a live "tail", run the generator with a tight window:
bash
EVENTS=20 SPREAD_HOURS=0.05 python3 dev/generate-traffic.py # 20 events in the last 3 minutes