Skip to content

Sample pktvisor Output Data

leoparente edited this page Feb 2, 2022 · 14 revisions

This page contains samples of data as it comes out of the pktvisor agent. You can find OpenAPI documentation here. There is also a list of Current Metrics.

1 Hour (60 1 Minute) JSON (pktvisor version 3.2.1)

https://github.com/ns1labs/pktvisor-website/raw/main/samples/pktvisor-data-sample-3.2.1.tar.gz

1 Minute JSON (pktvisor version 3.2.1)

http://localhost:10853/api/v1/metrics/bucket/1

{
  "1m": {
    "dns": {
      "cardinality": {
        "qname": 6
      },
      "period": {
        "length": 60,
        "start_ts": 1624888107
      },
      "rates": {
        "total": {
          "p50": 0,
          "p90": 0,
          "p95": 2,
          "p99": 6
        }
      },
      "top_nxdomain": [],
      "top_qname2": [
        {
          "estimate": 8,
          "name": ".google.com"
        },
        {
          "estimate": 4,
          "name": ".akamaiedge.net"
        },
        {
          "estimate": 2,
          "name": ".akamai.net"
        },
        {
          "estimate": 2,
          "name": ".akadns.net"
        }
      ],
      "top_qname3": [
        {
          "estimate": 6,
          "name": ".l.google.com"
        },
        {
          "estimate": 2,
          "name": ".g.akamaiedge.net"
        },
        {
          "estimate": 2,
          "name": ".dsce9.akamaiedge.net"
        },
        {
          "estimate": 2,
          "name": ".com.akadns.net"
        },
        {
          "estimate": 2,
          "name": "play.google.com"
        },
        {
          "estimate": 2,
          "name": ".w10.akamai.net"
        }
      ],
      "top_qtype": [
        {
          "estimate": 10,
          "name": "A"
        },
        {
          "estimate": 6,
          "name": "HTTPS"
        }
      ],
      "top_rcode": [
        {
          "estimate": 8,
          "name": "NOERROR"
        }
      ],
      "top_refused": [],
      "top_srvfail": [],
      "top_udp_ports": [
        {
          "estimate": 2,
          "name": "39783"
        },
        {
          "estimate": 2,
          "name": "62267"
        },
        {
          "estimate": 2,
          "name": "28914"
        },
        {
          "estimate": 2,
          "name": "12376"
        },
        {
          "estimate": 2,
          "name": "48547"
        },
        {
          "estimate": 2,
          "name": "48864"
        },
        {
          "estimate": 2,
          "name": "8050"
        },
        {
          "estimate": 2,
          "name": "39344"
        }
      ],
      "wire_packets": {
        "deep_samples": 16,
        "ipv4": 16,
        "ipv6": 0,
        "noerror": 8,
        "nxdomain": 0,
        "queries": 8,
        "refused": 0,
        "replies": 8,
        "srvfail": 0,
        "tcp": 0,
        "total": 16,
        "udp": 16
      },
      "xact": {
        "counts": {
          "timed_out": 0,
          "total": 8
        },
        "in": {
          "top_slow": [],
          "total": 0
        },
        "out": {
          "quantiles_us": {
            "p50": 19434,
            "p90": 26178,
            "p95": 26178,
            "p99": 26178
          },
          "top_slow": [],
          "total": 8
        }
      }
    },
    "packets": {
      "cardinality": {
        "dst_ips_out": 41,
        "src_ips_in": 43
      },
      "deep_samples": 3139,
      "in": 1422,
      "ipv4": 2506,
      "ipv6": 0,
      "other_l4": 637,
      "out": 1083,
      "period": {
        "length": 60,
        "start_ts": 1624888107
      },
      "rates": {
        "pps_in": {
          "p50": 12,
          "p90": 46,
          "p95": 151,
          "p99": 202
        },
        "pps_out": {
          "p50": 12,
          "p90": 41,
          "p95": 45,
          "p99": 98
        },
        "pps_total": {
          "p50": 32,
          "p90": 94,
          "p95": 205,
          "p99": 299
        }
      },
      "tcp": 549,
      "top_ASN": [
        {
          "estimate": 996,
          "name": "36236/NETACTUATE"
        },
        {
          "estimate": 636,
          "name": "6128/CABLE-NET-1"
        },
        {
          "estimate": 272,
          "name": "15169/GOOGLE"
        },
        {
          "estimate": 186,
          "name": "60068/Datacamp Limited"
        },
        {
          "estimate": 135,
          "name": "16625/AKAMAI-AS"
        },
        {
          "estimate": 88,
          "name": "14618/AMAZON-AES"
        },
        {
          "estimate": 63,
          "name": "19551/INCAPSULA"
        },
        {
          "estimate": 27,
          "name": "6461/ZAYO-6461"
        },
        {
          "estimate": 24,
          "name": "6185/APPLE-AUSTIN"
        },
        {
          "estimate": 21,
          "name": "714/APPLE-ENGINEERING"
        }
      ],
      "top_geoLoc": [
        {
          "estimate": 996,
          "name": "AS/Hong Kong/HCW/Central"
        },
        {
          "estimate": 636,
          "name": "NA/United States/TX/Austin"
        },
        {
          "estimate": 528,
          "name": "NA/United States"
        },
        {
          "estimate": 186,
          "name": "EU/Czechia/10/Prague"
        },
        {
          "estimate": 88,
          "name": "NA/United States/VA/Ashburn"
        },
        {
          "estimate": 36,
          "name": "NA/United States/NY/New York"
        },
        {
          "estimate": 10,
          "name": "NA/United States/VA"
        },
        {
          "estimate": 8,
          "name": "NA/United States/CA/Mountain View"
        },
        {
          "estimate": 4,
          "name": "NA/United States/FL"
        },
        {
          "estimate": 4,
          "name": "NA/United States/CA"
        }
      ],
      "top_ipv4": [
        {
          "estimate": 996,
          "name": "103.6.85.201"
        },
        {
          "estimate": 636,
          "name": "104.123.64.200"
        },
        {
          "estimate": 186,
          "name": "89.187.189.231"
        },
        {
          "estimate": 111,
          "name": "23.43.252.68"
        },
        {
          "estimate": 85,
          "name": "34.102.140.197"
        },
        {
          "estimate": 81,
          "name": "172.217.3.106"
        },
        {
          "estimate": 63,
          "name": "199.83.128.57"
        },
        {
          "estimate": 46,
          "name": "142.250.176.206"
        },
        {
          "estimate": 40,
          "name": "3.82.33.168"
        },
        {
          "estimate": 29,
          "name": "54.87.197.95"
        }
      ],
      "top_ipv6": [],
      "total": 3139,
      "udp": 1953
    },
    "pcap": {
      "if_drops": 0,
      "os_drops": 0,
      "period": {
        "length": 60,
        "start_ts": 1624888107
      },
      "tcp_reassembly_errors": 29
    },
    "period": {
      "length": 60,
      "start_ts": 1624888107
    }
  }
}

1 Minute Prometheus (pktvisor version 4.0.0)

http://localhost:10853/metrics

# HELP packets_rates_pps_in Rate of ingress in packets per second
# TYPE packets_rates_pps_in summary
packets_rates_pps_in{module="default-net",policy="default",quantile="0.5"} 8
packets_rates_pps_in{module="default-net",policy="default",quantile="0.9"} 24
packets_rates_pps_in{module="default-net",policy="default",quantile="0.95"} 31
packets_rates_pps_in{module="default-net",policy="default",quantile="0.99"} 47
packets_rates_pps_in_sum{module="default-net",policy="default"} 47
packets_rates_pps_in_count{module="default-net",policy="default"} 60
# HELP packets_rates_pps_out Rate of egress in packets per second
# TYPE packets_rates_pps_out summary
packets_rates_pps_out{module="default-net",policy="default",quantile="0.5"} 8
packets_rates_pps_out{module="default-net",policy="default",quantile="0.9"} 24
packets_rates_pps_out{module="default-net",policy="default",quantile="0.95"} 37
packets_rates_pps_out{module="default-net",policy="default",quantile="0.99"} 44
packets_rates_pps_out_sum{module="default-net",policy="default"} 44
packets_rates_pps_out_count{module="default-net",policy="default"} 60
# HELP packets_rates_pps_total Rate of all packets (combined ingress and egress) in packets per second
# TYPE packets_rates_pps_total summary
packets_rates_pps_total{module="default-net",policy="default",quantile="0.5"} 17
packets_rates_pps_total{module="default-net",policy="default",quantile="0.9"} 49
packets_rates_pps_total{module="default-net",policy="default",quantile="0.95"} 57
packets_rates_pps_total{module="default-net",policy="default",quantile="0.99"} 92
packets_rates_pps_total_sum{module="default-net",policy="default"} 92
packets_rates_pps_total_count{module="default-net",policy="default"} 60
# HELP packets_total Total packets processed
# TYPE packets_total gauge
packets_total{module="default-net",policy="default"} 1278
# HELP packets_deep_samples Total packets that were sampled for deep inspection
# TYPE packets_deep_samples gauge
packets_deep_samples{module="default-net",policy="default"} 1278
# HELP packets_udp Count of UDP packets
# TYPE packets_udp gauge
packets_udp{module="default-net",policy="default"} 114
# HELP packets_tcp Count of TCP packets
# TYPE packets_tcp gauge
packets_tcp{module="default-net",policy="default"} 1132
# HELP packets_other_l4 Count of packets which are not UDP or TCP
# TYPE packets_other_l4 gauge
packets_other_l4{module="default-net",policy="default"} 32
# HELP packets_ipv4 Count of IPv4 packets
# TYPE packets_ipv4 gauge
packets_ipv4{module="default-net",policy="default"} 1240
# HELP packets_ipv6 Count of IPv6 packets
# TYPE packets_ipv6 gauge
packets_ipv6{module="default-net",policy="default"} 17
# HELP packets_in Count of total ingress packets
# TYPE packets_in gauge
packets_in{module="default-net",policy="default"} 616
# HELP packets_out Count of total egress packets
# TYPE packets_out gauge
packets_out{module="default-net",policy="default"} 641
# HELP packets_cardinality_src_ips_in Source IP cardinality
# TYPE packets_cardinality_src_ips_in gauge
packets_cardinality_src_ips_in{module="default-net",policy="default"} 59
# HELP packets_cardinality_dst_ips_out Destination IP cardinality
# TYPE packets_cardinality_dst_ips_out gauge
packets_cardinality_dst_ips_out{module="default-net",policy="default"} 61
# HELP packets_top_ipv4 Top IPv4 IP addresses
# TYPE packets_top_ipv4 gauge
packets_top_ipv4{ipv4="142.251.128.78",module="default-net",policy="default"} 157
packets_top_ipv4{ipv4="172.217.28.238",module="default-net",policy="default"} 150
packets_top_ipv4{ipv4="34.120.195.249",module="default-net",policy="default"} 92
packets_top_ipv4{ipv4="20.201.28.148",module="default-net",policy="default"} 89
packets_top_ipv4{ipv4="172.217.30.163",module="default-net",policy="default"} 86
packets_top_ipv4{ipv4="20.201.28.151",module="default-net",policy="default"} 58
packets_top_ipv4{ipv4="164.163.6.3",module="default-net",policy="default"} 50
packets_top_ipv4{ipv4="239.255.255.250",module="default-net",policy="default"} 44
packets_top_ipv4{ipv4="18.231.65.122",module="default-net",policy="default"} 40
packets_top_ipv4{ipv4="142.251.128.46",module="default-net",policy="default"} 40
# HELP packets_top_ipv6 Top IPv6 IP addresses
# TYPE packets_top_ipv6 gauge
packets_top_ipv6{ipv6="ff02::fb",module="default-net",policy="default"} 8
packets_top_ipv6{ipv6="ff02::16",module="default-net",policy="default"} 4
packets_top_ipv6{ipv6="ff02::1",module="default-net",policy="default"} 3
packets_top_ipv6{ipv6="ff02::1:ff4f:53bf",module="default-net",policy="default"} 1
packets_top_ipv6{ipv6="ff02::1:ffdb:c380",module="default-net",policy="default"} 1
# HELP packets_top_geoLoc Top GeoIP locations
# TYPE packets_top_geoLoc gauge
# HELP packets_top_ASN Top ASNs by IP
# TYPE packets_top_ASN gauge
# HELP dhcp_rates_total Rate of all DHCP wire packets (combined ingress and egress) per second
# TYPE dhcp_rates_total summary
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.5"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.9"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.95"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.99"} 0
dhcp_rates_total_sum{module="default-dhcp",policy="default"} 0
dhcp_rates_total_count{module="default-dhcp",policy="default"} 134
# HELP dhcp_wire_packets_total Total DHCP wire packets
# TYPE dhcp_wire_packets_total gauge
dhcp_wire_packets_total{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_deep_samples Total DHCP wire packets that were sampled for deep inspection
# TYPE dhcp_wire_packets_deep_samples gauge
dhcp_wire_packets_deep_samples{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_discover Total DHCP packets with message type DISCOVER
# TYPE dhcp_wire_packets_discover gauge
dhcp_wire_packets_discover{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_offer Total DHCP packets with message type OFFER
# TYPE dhcp_wire_packets_offer gauge
dhcp_wire_packets_offer{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_request Total DHCP packets with message type REQUEST
# TYPE dhcp_wire_packets_request gauge
dhcp_wire_packets_request{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_ack Total DHCP packets with message type ACK
# TYPE dhcp_wire_packets_ack gauge
dhcp_wire_packets_ack{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_filtered Total DHCP wire packets seen that did not match the configured filter(s) (if any)
# TYPE dhcp_wire_packets_filtered gauge
dhcp_wire_packets_filtered{module="default-dhcp",policy="default"} 0
# HELP dns_rates_total Rate of all DNS wire packets (combined ingress and egress) per second
# TYPE dns_rates_total summary
dns_rates_total{module="default-dns",policy="default",quantile="0.5"} 0
dns_rates_total{module="default-dns",policy="default",quantile="0.9"} 1
dns_rates_total{module="default-dns",policy="default",quantile="0.95"} 2
dns_rates_total{module="default-dns",policy="default",quantile="0.99"} 4
dns_rates_total_sum{module="default-dns",policy="default"} 4
dns_rates_total_count{module="default-dns",policy="default"} 86
# HELP dns_wire_packets_total Total DNS wire packets
# TYPE dns_wire_packets_total gauge
dns_wire_packets_total{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_deep_samples Total DNS wire packets that were sampled for deep inspection
# TYPE dns_wire_packets_deep_samples gauge
dns_wire_packets_deep_samples{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_queries Total DNS wire packets flagged as query (ingress and egress)
# TYPE dns_wire_packets_queries gauge
dns_wire_packets_queries{module="default-dns",policy="default"} 14
# HELP dns_wire_packets_replies Total DNS wire packets flagged as reply (ingress and egress)
# TYPE dns_wire_packets_replies gauge
dns_wire_packets_replies{module="default-dns",policy="default"} 6
# HELP dns_wire_packets_tcp Total DNS wire packets received over TCP (ingress and egress)
# TYPE dns_wire_packets_tcp gauge
dns_wire_packets_tcp{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_udp Total DNS wire packets received over UDP (ingress and egress)
# TYPE dns_wire_packets_udp gauge
dns_wire_packets_udp{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_ipv4 Total DNS wire packets received over IPv4 (ingress and egress)
# TYPE dns_wire_packets_ipv4 gauge
dns_wire_packets_ipv4{module="default-dns",policy="default"} 13
# HELP dns_wire_packets_ipv6 Total DNS wire packets received over IPv6 (ingress and egress)
# TYPE dns_wire_packets_ipv6 gauge
dns_wire_packets_ipv6{module="default-dns",policy="default"} 7
# HELP dns_wire_packets_nxdomain Total DNS wire packets flagged as reply with return code NXDOMAIN (ingress and egress)
# TYPE dns_wire_packets_nxdomain gauge
dns_wire_packets_nxdomain{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_refused Total DNS wire packets flagged as reply with return code REFUSED (ingress and egress)
# TYPE dns_wire_packets_refused gauge
dns_wire_packets_refused{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_srvfail Total DNS wire packets flagged as reply with return code SRVFAIL (ingress and egress)
# TYPE dns_wire_packets_srvfail gauge
dns_wire_packets_srvfail{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_noerror Total DNS wire packets flagged as reply with return code NOERROR (ingress and egress)
# TYPE dns_wire_packets_noerror gauge
dns_wire_packets_noerror{module="default-dns",policy="default"} 6
# HELP dns_wire_packets_filtered Total DNS wire packets seen that did not match the configured filter(s) (if any)
# TYPE dns_wire_packets_filtered gauge
dns_wire_packets_filtered{module="default-dns",policy="default"} 0
# HELP dns_cardinality_qname Cardinality of unique QNAMES, both ingress and egress
# TYPE dns_cardinality_qname gauge
dns_cardinality_qname{module="default-dns",policy="default"} 2
# HELP dns_xact_counts_total Total DNS transactions (query/reply pairs)
# TYPE dns_xact_counts_total gauge
dns_xact_counts_total{module="default-dns",policy="default"} 0
# HELP dns_xact_counts_timed_out Total number of DNS transactions that timed out
# TYPE dns_xact_counts_timed_out gauge
dns_xact_counts_timed_out{module="default-dns",policy="default"} 0
# HELP dns_xact_in_total Total ingress DNS transactions (host is server)
# TYPE dns_xact_in_total gauge
dns_xact_in_total{module="default-dns",policy="default"} 0
# HELP dns_xact_in_top_slow Top QNAMES in transactions where host is the server and transaction speed is slower than p90
# TYPE dns_xact_in_top_slow gauge
# HELP dns_xact_out_total Total egress DNS transactions (host is client)
# TYPE dns_xact_out_total gauge
dns_xact_out_total{module="default-dns",policy="default"} 0
# HELP dns_xact_out_top_slow Top QNAMES in transactions where host is the client and transaction speed is slower than p90
# TYPE dns_xact_out_top_slow gauge
# HELP dns_top_udp_ports Top UDP source port on the query side of a transaction
# TYPE dns_top_udp_ports gauge
dns_top_udp_ports{module="default-dns",policy="default",port="5353"} 20
# HELP dns_top_qname2 Top QNAMES, aggregated at a depth of two labels
# TYPE dns_top_qname2 gauge
dns_top_qname2{module="default-dns",policy="default",qname="._tcp.local"} 14
# HELP dns_top_qname3 Top QNAMES, aggregated at a depth of three labels
# TYPE dns_top_qname3 gauge
dns_top_qname3{module="default-dns",policy="default",qname="_spotify-connect._tcp.local"} 13
dns_top_qname3{module="default-dns",policy="default",qname="_scanner._tcp.local"} 1
# HELP dns_top_nxdomain Top QNAMES with result code NXDOMAIN
# TYPE dns_top_nxdomain gauge
# HELP dns_top_refused Top QNAMES with result code REFUSED
# TYPE dns_top_refused gauge
# HELP dns_top_srvfail Top QNAMES with result code SRVFAIL
# TYPE dns_top_srvfail gauge
# HELP dns_top_rcode Top result codes
# TYPE dns_top_rcode gauge
dns_top_rcode{module="default-dns",policy="default",rcode="NOERROR"} 6
# HELP dns_top_qtype Top query types
# TYPE dns_top_qtype gauge
dns_top_qtype{module="default-dns",policy="default",qtype="PTR"} 14
# HELP pcap_tcp_reassembly_errors Count of TCP reassembly errors
# TYPE pcap_tcp_reassembly_errors gauge
pcap_tcp_reassembly_errors{module="default-pcap_stats",policy="default"} 0
# HELP pcap_os_drops Count of packets dropped by the operating system (if supported)
# TYPE pcap_os_drops gauge
pcap_os_drops{module="default-pcap_stats",policy="default"} 0
# HELP pcap_if_drops Count of packets dropped by the interface (if supported)
# TYPE pcap_if_drops gauge
pcap_if_drops{module="default-pcap_stats",policy="default"} 0