mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-07 00:48:01 +01:00
472af27b2e
no-1.5 integration with main OSDOCS-7593: Netobserv RTT OSDOCS-8465: Updates to Network Traffic Overview OSDOCS-8253: Improved LokiStack integration OSDOCS-8253: API version updates Dashboard enhancements for lokiless use OCPBUGS-22397: clarify netobserv network policy OSDOCS-9419: Adding zones to Overview Re-adding removed RTT overview info OSDOCS-8701: Update resource considerations table Network Observability API documentation updates Update to JSON flows format Network Observability 1.5 release notes no-1.5 integration with main
49 lines
2.3 KiB
Plaintext
49 lines
2.3 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// network_observability/observing-network-traffic.adoc
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="network-observability-dns-tracking_{context}"]
|
|
= Working with DNS tracking
|
|
Using DNS tracking, you can monitor your network, conduct security analysis, and troubleshoot DNS issues. You can track DNS by editing the `FlowCollector` to the specifications in the following YAML example.
|
|
|
|
[IMPORTANT]
|
|
====
|
|
CPU and memory usage increases are observed in the eBPF agent when this feature is enabled.
|
|
====
|
|
.Procedure
|
|
. In the web console, navigate to *Operators* -> *Installed Operators*.
|
|
. Under the *Provided APIs* heading for *Network Observability*, select *Flow Collector*.
|
|
. Select *cluster* then select the *YAML* tab.
|
|
. Configure the `FlowCollector` custom resource. A sample configuration is as follows:
|
|
+
|
|
[id="network-observability-flowcollector-configuring-dns_{context}"]
|
|
.Configure `FlowCollector` for DNS tracking
|
|
[source, yaml]
|
|
----
|
|
apiVersion: flows.netobserv.io/v1beta2
|
|
kind: FlowCollector
|
|
metadata:
|
|
name: cluster
|
|
spec:
|
|
namespace: netobserv
|
|
deploymentModel: Direct
|
|
agent:
|
|
type: eBPF
|
|
ebpf:
|
|
features:
|
|
- DNSTracking <1>
|
|
sampling: 1 <2>
|
|
----
|
|
<1> You can set the `spec.agent.ebpf.features` parameter list to enable DNS tracking of each network flow in the web console.
|
|
<2> You can set `sampling` to a value of `1` for more accurate metrics.
|
|
|
|
. When you refresh the *Network Traffic* page, there are new DNS representations you can choose to view in the *Overview* and *Traffic Flow* views and new filters you can apply.
|
|
.. Select new DNS choices in *Manage panels* to display graphical visualizations and DNS metrics in the *Overview*.
|
|
.. Select new choices in *Manage columns* to add DNS columns to the *Traffic Flows* view.
|
|
.. Filter on specific DNS metrics, such as *DNS Id*, *DNS Error* *DNS Latency* and *DNS Response Code*, and see more information from the side panel. The *DNS Latency* and *DNS Response Code* columns are shown by default.
|
|
|
|
[NOTE]
|
|
====
|
|
TCP handshake packets do not have DNS headers. TCP protocol flows without DNS headers are shown in the traffic flow data with *DNS Latency*, *ID*, and *Response code* values of "n/a". You can filter out flow data to view only flows that have DNS headers using the *Common* filter "DNSError" equal to "0".
|
|
==== |