-
Notifications
You must be signed in to change notification settings - Fork 34
Current Metrics
Shannon Weyrick edited this page Jun 1, 2021
·
9 revisions
Last updated: 6/1/2021
- Count of UDP packets
- Count of TCP packets
- Count of packets which are not UDP or TCP
- Count of IPv4 packets
- Count of IPv6 packets
- Count of total ingress packets
- Count of total egress packets
- Count of total packets processed
- Count of total packets that were sampled for deep inspection
- Rate of ingress in packets per second
- Rate of egress in packets per second
- Rate of all packets (combined ingress and egress) in packets per second
- Source IP cardinality
- Destination IP cardinality
- Top GeoIP locations
- Top ASNs by IP
- Top IPv4 IP addresses
- Top IPv6 IP addresses
, queries("dns", {"wire_packets", "queries"}, "Total DNS wire packets flagged as query (ingress and egress)")
, replies("dns", {"wire_packets", "replies"}, "Total DNS wire packets flagged as reply (ingress and egress)")
, UDP("dns", {"wire_packets", "udp"}, "Total DNS wire packets received over UDP (ingress and egress)")
, TCP("dns", {"wire_packets", "tcp"}, "Total DNS wire packets received over TCP (ingress and egress)")
, IPv4("dns", {"wire_packets", "ipv4"}, "Total DNS wire packets received over IPv4 (ingress and egress)")
, IPv6("dns", {"wire_packets", "ipv6"}, "Total DNS wire packets received over IPv6 (ingress and egress)")
, NX("dns", {"wire_packets", "nxdomain"}, "Total DNS wire packets flagged as reply with return code NXDOMAIN (ingress and egress)")
, REFUSED("dns", {"wire_packets", "refused"}, "Total DNS wire packets flagged as reply with return code REFUSED (ingress and egress)")
, SRVFAIL("dns", {"wire_packets", "srvfail"}, "Total DNS wire packets flagged as reply with return code SRVFAIL (ingress and egress)")
, NOERROR("dns", {"wire_packets", "noerror"}, "Total DNS wire packets flagged as reply with return code NOERROR (ingress and egress)")
set_num_events_info("dns", {"wire_packets", "total"}, "Total DNS wire packets");
set_num_sample_info("dns", {"wire_packets", "deep_samples"}, "Total DNS wire packets that were sampled for deep inspection");
, _dns_qnameCard("dns", {"cardinality", "qname"}, "Cardinality of unique QNAMES, both ingress and egress")
set_event_rate_info("dns", {"rates", "total"}, "Rate of all DNS wire packets (combined ingress and egress) per second");
: xacts_total("dns", {"xact", "counts", "total"}, "Total DNS transactions (query/reply pairs)")
, xacts_in("dns", {"xact", "in", "total"}, "Total ingress DNS transactions (host is server)")
, xacts_out("dns", {"xact", "out", "total"}, "Total egress DNS transactions (host is client)")
, xacts_timed_out("dns", {"xact", "counts", "timed_out"}, "Total number of DNS transactions that timed out")
: _dnsXactFromTimeUs("dns", {"xact", "out", "quantiles_us"}, "Quantiles of transaction timing (query/reply pairs) when host is client, in microseconds")
, _dnsXactToTimeUs("dns", {"xact", "in", "quantiles_us"}, "Quantiles of transaction timing (query/reply pairs) when host is server, in microseconds")
, _dns_slowXactIn("dns", {"xact", "in", "top_slow"}, "Top QNAMES in transactions where host is the server and transaction speed is slower than p90")
, _dns_slowXactOut("dns", {"xact", "out", "top_slow"}, "Top QNAMES in transactions where host is the client and transaction speed is slower than p90"
, _dns_topQname2("dns", {"top_qname2"}, "Top QNAMES, aggregated at a depth of two labels")
, _dns_topQname3("dns", {"top_qname3"}, "Top QNAMES, aggregated at a depth of three labels")
, _dns_topNX("dns", {"top_nxdomain"}, "Top QNAMES with result code NXDOMAIN")
, _dns_topREFUSED("dns", {"top_refused"}, "Top QNAMES with result code REFUSED")
, _dns_topSRVFAIL("dns", {"top_srvfail"}, "Top QNAMES with result code SRVFAIL")
, _dns_topUDPPort("dns", {"top_udp_ports"}, "Top UDP source port on the query side of a transaction")
, _dns_topQType("dns", {"top_qtype"}, "Top query types")
, _dns_topRCode("dns", {"top_rcode"}, "Top result codes")