openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 21:46:22 +01:00
Code Issues Releases Activity
Files
416fa187cda76f5a2067b4494e7a41ef1ad5e5f6
openshift-docs/modules/network-observability-flows-format.adoc
Kathryn Alexander 90d985a0bb [enterprise-4.14] changing content type attribute
2023-10-30 10:13:25 -04:00

473 lines
6.8 KiB
Plaintext
Raw Blame History

// Automatically generated by 'hack/asciidoc-flows-gen.sh'. Do not edit, or make the NETOBSERV team aware of the editions.
:_mod-docs-content-type: REFERENCE
[id="network-observability-flows-format_{context}"]
= Network Flows format reference
This is the specification of the network flows format, used both internally and when exporting flows to Kafka.
The document is organized in two main categories: _Labels_ and regular _Fields_. This distinction only matters when querying Loki. This is because _Labels_, unlike _Fields_, must be used in link:https://grafana.com/docs/loki/latest/logql/log_queries/#log-stream-selector[stream selectors].
If you are reading this specification as a reference for the Kafka export feature, you must treat all _Labels_ and _Fields_ as regular fields and ignore any distinctions between them that are specific to Loki.
== Labels
SrcK8S_Namespace::
• `Optional` *SrcK8S_Namespace*: `string`
Source namespace
'''
DstK8S_Namespace::
• `Optional` *DstK8S_Namespace*: `string`
Destination namespace
'''
SrcK8S_OwnerName::
• `Optional` *SrcK8S_OwnerName*: `string`
Source owner, such as Deployment, StatefulSet, etc.
'''
DstK8S_OwnerName::
• `Optional` *DstK8S_OwnerName*: `string`
Destination owner, such as Deployment, StatefulSet, etc.
'''
FlowDirection::
• *FlowDirection*: `FlowDirection` (see the following section, Enumeration: FlowDirection)
Flow direction from the node observation point
'''
_RecordType::
• `Optional` *_RecordType*: `RecordType`
Type of record: 'flowLog' for regular flow logs, or 'allConnections',
'newConnection', 'heartbeat', 'endConnection' for conversation tracking
== Fields
SrcAddr::
• *SrcAddr*: `string`
Source IP address (ipv4 or ipv6)
'''
DstAddr::
• *DstAddr*: `string`
Destination IP address (ipv4 or ipv6)
'''
SrcMac::
• *SrcMac*: `string`
Source MAC address
'''
DstMac::
• *DstMac*: `string`
Destination MAC address
'''
SrcK8S_Name::
• `Optional` *SrcK8S_Name*: `string`
Name of the source matched Kubernetes object, such as Pod name, Service name, etc.
'''
DstK8S_Name::
• `Optional` *DstK8S_Name*: `string`
Name of the destination matched Kubernetes object, such as Pod name, Service name, etc.
'''
SrcK8S_Type::
• `Optional` *SrcK8S_Type*: `string`
Kind of the source matched Kubernetes object, such as Pod, Service, etc.
'''
DstK8S_Type::
• `Optional` *DstK8S_Type*: `string`
Kind of the destination matched Kubernetes object, such as Pod name, Service name, etc.
'''
SrcPort::
• `Optional` *SrcPort*: `number`
Source port
'''
DstPort::
• `Optional` *DstPort*: `number`
Destination port
'''
SrcK8S_OwnerType::
• `Optional` *SrcK8S_OwnerType*: `string`
Kind of the source Kubernetes owner, such as Deployment, StatefulSet, etc.
'''
DstK8S_OwnerType::
• `Optional` *DstK8S_OwnerType*: `string`
Kind of the destination Kubernetes owner, such as Deployment, StatefulSet, etc.
'''
SrcK8S_HostIP::
• `Optional` *SrcK8S_HostIP*: `string`
Source node IP
'''
DstK8S_HostIP::
• `Optional` *DstK8S_HostIP*: `string`
Destination node IP
'''
SrcK8S_HostName::
• `Optional` *SrcK8S_HostName*: `string`
Source node name
'''
DstK8S_HostName::
• `Optional` *DstK8S_HostName*: `string`
Destination node name
'''
Proto::
• *Proto*: `number`
L4 protocol
'''
Interface::
• `Optional` *Interface*: `string`
Network interface
'''
IfDirection::
• `Optional` *IfDirection*: `InterfaceDirection` (see the following section, Enumeration: InterfaceDirection)
Flow direction from the network interface observation point
'''
Flags::
• `Optional` *Flags*: `number`
TCP flags
'''
Packets::
• `Optional` *Packets*: `number`
Number of packets
'''
Packets_AB::
• `Optional` *Packets_AB*: `number`
In conversation tracking, A to B packets counter per conversation
'''
Packets_BA::
• `Optional` *Packets_BA*: `number`
In conversation tracking, B to A packets counter per conversation
'''
Bytes::
• `Optional` *Bytes*: `number`
Number of bytes
'''
Bytes_AB::
• `Optional` *Bytes_AB*: `number`
In conversation tracking, A to B bytes counter per conversation
'''
Bytes_BA::
• `Optional` *Bytes_BA*: `number`
In conversation tracking, B to A bytes counter per conversation
'''
IcmpType::
• `Optional` *IcmpType*: `number`
ICMP type
'''
IcmpCode::
• `Optional` *IcmpCode*: `number`
ICMP code
'''
PktDropLatestState::
• `Optional` *PktDropLatestState*: `string`
Pkt TCP state for drops
'''
PktDropLatestDropCause::
• `Optional` *PktDropLatestDropCause*: `string`
Pkt cause for drops
'''
PktDropLatestFlags::
• `Optional` *PktDropLatestFlags*: `number`
Pkt TCP flags for drops
'''
PktDropPackets::
• `Optional` *PktDropPackets*: `number`
Number of packets dropped by the kernel
'''
PktDropPackets_AB::
• `Optional` *PktDropPackets_AB*: `number`
In conversation tracking, A to B packets dropped counter per conversation
'''
PktDropPackets_BA::
• `Optional` *PktDropPackets_BA*: `number`
In conversation tracking, B to A packets dropped counter per conversation
'''
PktDropBytes::
• `Optional` *PktDropBytes*: `number`
Number of bytes dropped by the kernel
'''
PktDropBytes_AB::
• `Optional` *PktDropBytes_AB*: `number`
In conversation tracking, A to B bytes dropped counter per conversation
'''
PktDropBytes_BA::
• `Optional` *PktDropBytes_BA*: `number`
In conversation tracking, B to A bytes dropped counter per conversation
'''
DnsId::
• `Optional` *DnsId*: `number`
DNS record id
'''
DnsFlags::
• `Optional` *DnsFlags*: `number`
DNS flags for DNS record
'''
DnsFlagsResponseCode::
• `Optional` *DnsFlagsResponseCode*: `string`
Parsed DNS header RCODEs name
'''
DnsLatencyMs::
• `Optional` *DnsLatencyMs*: `number`
Calculated time between response and request, in milliseconds
'''
TimeFlowStartMs::
• *TimeFlowStartMs*: `number`
Start timestamp of this flow, in milliseconds
'''
TimeFlowEndMs::
• *TimeFlowEndMs*: `number`
End timestamp of this flow, in milliseconds
'''
TimeReceived::
• *TimeReceived*: `number`
Timestamp when this flow was received and processed by the flow collector, in seconds
'''
TimeFlowRttNs::
• `Optional` *TimeFlowRttNs*: `number`
Flow Round Trip Time (RTT) in nanoseconds
'''
_HashId::
• `Optional` *_HashId*: `string`
In conversation tracking, the conversation identifier
'''
_IsFirst::
• `Optional` *_IsFirst*: `string`
In conversation tracking, a flag identifying the first flow
'''
numFlowLogs::
• `Optional` *numFlowLogs*: `number`
In conversation tracking, a counter of flow logs per conversation
== Enumeration: FlowDirection
Ingress::
• *Ingress* = `"0"`
Incoming traffic, from the node observation point
'''
Egress::
• *Egress* = `"1"`
Outgoing traffic, from the node observation point
'''
Inner::
• *Inner* = `"2"`
Inner traffic, with the same source and destination node
View Git Blame Copy Permalink