-
Notifications
You must be signed in to change notification settings - Fork 33
Sample pktvisor Output Data
leoparente edited this page Feb 2, 2022
·
14 revisions
This page contains samples of data as it comes out of the pktvisor agent. You can find OpenAPI documentation here. There is also a list of Current Metrics.
https://github.com/ns1labs/pktvisor-website/raw/main/samples/pktvisor-data-sample-3.2.1.tar.gz
http://localhost:10853/api/v1/metrics/bucket/1
{
"1m": {
"dns": {
"cardinality": {
"qname": 6
},
"period": {
"length": 60,
"start_ts": 1624888107
},
"rates": {
"total": {
"p50": 0,
"p90": 0,
"p95": 2,
"p99": 6
}
},
"top_nxdomain": [],
"top_qname2": [
{
"estimate": 8,
"name": ".google.com"
},
{
"estimate": 4,
"name": ".akamaiedge.net"
},
{
"estimate": 2,
"name": ".akamai.net"
},
{
"estimate": 2,
"name": ".akadns.net"
}
],
"top_qname3": [
{
"estimate": 6,
"name": ".l.google.com"
},
{
"estimate": 2,
"name": ".g.akamaiedge.net"
},
{
"estimate": 2,
"name": ".dsce9.akamaiedge.net"
},
{
"estimate": 2,
"name": ".com.akadns.net"
},
{
"estimate": 2,
"name": "play.google.com"
},
{
"estimate": 2,
"name": ".w10.akamai.net"
}
],
"top_qtype": [
{
"estimate": 10,
"name": "A"
},
{
"estimate": 6,
"name": "HTTPS"
}
],
"top_rcode": [
{
"estimate": 8,
"name": "NOERROR"
}
],
"top_refused": [],
"top_srvfail": [],
"top_udp_ports": [
{
"estimate": 2,
"name": "39783"
},
{
"estimate": 2,
"name": "62267"
},
{
"estimate": 2,
"name": "28914"
},
{
"estimate": 2,
"name": "12376"
},
{
"estimate": 2,
"name": "48547"
},
{
"estimate": 2,
"name": "48864"
},
{
"estimate": 2,
"name": "8050"
},
{
"estimate": 2,
"name": "39344"
}
],
"wire_packets": {
"deep_samples": 16,
"ipv4": 16,
"ipv6": 0,
"noerror": 8,
"nxdomain": 0,
"queries": 8,
"refused": 0,
"replies": 8,
"srvfail": 0,
"tcp": 0,
"total": 16,
"udp": 16
},
"xact": {
"counts": {
"timed_out": 0,
"total": 8
},
"in": {
"top_slow": [],
"total": 0
},
"out": {
"quantiles_us": {
"p50": 19434,
"p90": 26178,
"p95": 26178,
"p99": 26178
},
"top_slow": [],
"total": 8
}
}
},
"packets": {
"cardinality": {
"dst_ips_out": 41,
"src_ips_in": 43
},
"deep_samples": 3139,
"in": 1422,
"ipv4": 2506,
"ipv6": 0,
"other_l4": 637,
"out": 1083,
"period": {
"length": 60,
"start_ts": 1624888107
},
"rates": {
"pps_in": {
"p50": 12,
"p90": 46,
"p95": 151,
"p99": 202
},
"pps_out": {
"p50": 12,
"p90": 41,
"p95": 45,
"p99": 98
},
"pps_total": {
"p50": 32,
"p90": 94,
"p95": 205,
"p99": 299
}
},
"tcp": 549,
"top_ASN": [
{
"estimate": 996,
"name": "36236/NETACTUATE"
},
{
"estimate": 636,
"name": "6128/CABLE-NET-1"
},
{
"estimate": 272,
"name": "15169/GOOGLE"
},
{
"estimate": 186,
"name": "60068/Datacamp Limited"
},
{
"estimate": 135,
"name": "16625/AKAMAI-AS"
},
{
"estimate": 88,
"name": "14618/AMAZON-AES"
},
{
"estimate": 63,
"name": "19551/INCAPSULA"
},
{
"estimate": 27,
"name": "6461/ZAYO-6461"
},
{
"estimate": 24,
"name": "6185/APPLE-AUSTIN"
},
{
"estimate": 21,
"name": "714/APPLE-ENGINEERING"
}
],
"top_geoLoc": [
{
"estimate": 996,
"name": "AS/Hong Kong/HCW/Central"
},
{
"estimate": 636,
"name": "NA/United States/TX/Austin"
},
{
"estimate": 528,
"name": "NA/United States"
},
{
"estimate": 186,
"name": "EU/Czechia/10/Prague"
},
{
"estimate": 88,
"name": "NA/United States/VA/Ashburn"
},
{
"estimate": 36,
"name": "NA/United States/NY/New York"
},
{
"estimate": 10,
"name": "NA/United States/VA"
},
{
"estimate": 8,
"name": "NA/United States/CA/Mountain View"
},
{
"estimate": 4,
"name": "NA/United States/FL"
},
{
"estimate": 4,
"name": "NA/United States/CA"
}
],
"top_ipv4": [
{
"estimate": 996,
"name": "103.6.85.201"
},
{
"estimate": 636,
"name": "104.123.64.200"
},
{
"estimate": 186,
"name": "89.187.189.231"
},
{
"estimate": 111,
"name": "23.43.252.68"
},
{
"estimate": 85,
"name": "34.102.140.197"
},
{
"estimate": 81,
"name": "172.217.3.106"
},
{
"estimate": 63,
"name": "199.83.128.57"
},
{
"estimate": 46,
"name": "142.250.176.206"
},
{
"estimate": 40,
"name": "3.82.33.168"
},
{
"estimate": 29,
"name": "54.87.197.95"
}
],
"top_ipv6": [],
"total": 3139,
"udp": 1953
},
"pcap": {
"if_drops": 0,
"os_drops": 0,
"period": {
"length": 60,
"start_ts": 1624888107
},
"tcp_reassembly_errors": 29
},
"period": {
"length": 60,
"start_ts": 1624888107
}
}
}
http://localhost:10853/metrics
# HELP packets_rates_pps_in Rate of ingress in packets per second
# TYPE packets_rates_pps_in summary
packets_rates_pps_in{module="default-net",policy="default",quantile="0.5"} 8
packets_rates_pps_in{module="default-net",policy="default",quantile="0.9"} 24
packets_rates_pps_in{module="default-net",policy="default",quantile="0.95"} 31
packets_rates_pps_in{module="default-net",policy="default",quantile="0.99"} 47
packets_rates_pps_in_sum{module="default-net",policy="default"} 47
packets_rates_pps_in_count{module="default-net",policy="default"} 60
# HELP packets_rates_pps_out Rate of egress in packets per second
# TYPE packets_rates_pps_out summary
packets_rates_pps_out{module="default-net",policy="default",quantile="0.5"} 8
packets_rates_pps_out{module="default-net",policy="default",quantile="0.9"} 24
packets_rates_pps_out{module="default-net",policy="default",quantile="0.95"} 37
packets_rates_pps_out{module="default-net",policy="default",quantile="0.99"} 44
packets_rates_pps_out_sum{module="default-net",policy="default"} 44
packets_rates_pps_out_count{module="default-net",policy="default"} 60
# HELP packets_rates_pps_total Rate of all packets (combined ingress and egress) in packets per second
# TYPE packets_rates_pps_total summary
packets_rates_pps_total{module="default-net",policy="default",quantile="0.5"} 17
packets_rates_pps_total{module="default-net",policy="default",quantile="0.9"} 49
packets_rates_pps_total{module="default-net",policy="default",quantile="0.95"} 57
packets_rates_pps_total{module="default-net",policy="default",quantile="0.99"} 92
packets_rates_pps_total_sum{module="default-net",policy="default"} 92
packets_rates_pps_total_count{module="default-net",policy="default"} 60
# HELP packets_total Total packets processed
# TYPE packets_total gauge
packets_total{module="default-net",policy="default"} 1278
# HELP packets_deep_samples Total packets that were sampled for deep inspection
# TYPE packets_deep_samples gauge
packets_deep_samples{module="default-net",policy="default"} 1278
# HELP packets_udp Count of UDP packets
# TYPE packets_udp gauge
packets_udp{module="default-net",policy="default"} 114
# HELP packets_tcp Count of TCP packets
# TYPE packets_tcp gauge
packets_tcp{module="default-net",policy="default"} 1132
# HELP packets_other_l4 Count of packets which are not UDP or TCP
# TYPE packets_other_l4 gauge
packets_other_l4{module="default-net",policy="default"} 32
# HELP packets_ipv4 Count of IPv4 packets
# TYPE packets_ipv4 gauge
packets_ipv4{module="default-net",policy="default"} 1240
# HELP packets_ipv6 Count of IPv6 packets
# TYPE packets_ipv6 gauge
packets_ipv6{module="default-net",policy="default"} 17
# HELP packets_in Count of total ingress packets
# TYPE packets_in gauge
packets_in{module="default-net",policy="default"} 616
# HELP packets_out Count of total egress packets
# TYPE packets_out gauge
packets_out{module="default-net",policy="default"} 641
# HELP packets_cardinality_src_ips_in Source IP cardinality
# TYPE packets_cardinality_src_ips_in gauge
packets_cardinality_src_ips_in{module="default-net",policy="default"} 59
# HELP packets_cardinality_dst_ips_out Destination IP cardinality
# TYPE packets_cardinality_dst_ips_out gauge
packets_cardinality_dst_ips_out{module="default-net",policy="default"} 61
# HELP packets_top_ipv4 Top IPv4 IP addresses
# TYPE packets_top_ipv4 gauge
packets_top_ipv4{ipv4="142.251.128.78",module="default-net",policy="default"} 157
packets_top_ipv4{ipv4="172.217.28.238",module="default-net",policy="default"} 150
packets_top_ipv4{ipv4="34.120.195.249",module="default-net",policy="default"} 92
packets_top_ipv4{ipv4="20.201.28.148",module="default-net",policy="default"} 89
packets_top_ipv4{ipv4="172.217.30.163",module="default-net",policy="default"} 86
packets_top_ipv4{ipv4="20.201.28.151",module="default-net",policy="default"} 58
packets_top_ipv4{ipv4="164.163.6.3",module="default-net",policy="default"} 50
packets_top_ipv4{ipv4="239.255.255.250",module="default-net",policy="default"} 44
packets_top_ipv4{ipv4="18.231.65.122",module="default-net",policy="default"} 40
packets_top_ipv4{ipv4="142.251.128.46",module="default-net",policy="default"} 40
# HELP packets_top_ipv6 Top IPv6 IP addresses
# TYPE packets_top_ipv6 gauge
packets_top_ipv6{ipv6="ff02::fb",module="default-net",policy="default"} 8
packets_top_ipv6{ipv6="ff02::16",module="default-net",policy="default"} 4
packets_top_ipv6{ipv6="ff02::1",module="default-net",policy="default"} 3
packets_top_ipv6{ipv6="ff02::1:ff4f:53bf",module="default-net",policy="default"} 1
packets_top_ipv6{ipv6="ff02::1:ffdb:c380",module="default-net",policy="default"} 1
# HELP packets_top_geoLoc Top GeoIP locations
# TYPE packets_top_geoLoc gauge
# HELP packets_top_ASN Top ASNs by IP
# TYPE packets_top_ASN gauge
# HELP dhcp_rates_total Rate of all DHCP wire packets (combined ingress and egress) per second
# TYPE dhcp_rates_total summary
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.5"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.9"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.95"} 0
dhcp_rates_total{module="default-dhcp",policy="default",quantile="0.99"} 0
dhcp_rates_total_sum{module="default-dhcp",policy="default"} 0
dhcp_rates_total_count{module="default-dhcp",policy="default"} 134
# HELP dhcp_wire_packets_total Total DHCP wire packets
# TYPE dhcp_wire_packets_total gauge
dhcp_wire_packets_total{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_deep_samples Total DHCP wire packets that were sampled for deep inspection
# TYPE dhcp_wire_packets_deep_samples gauge
dhcp_wire_packets_deep_samples{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_discover Total DHCP packets with message type DISCOVER
# TYPE dhcp_wire_packets_discover gauge
dhcp_wire_packets_discover{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_offer Total DHCP packets with message type OFFER
# TYPE dhcp_wire_packets_offer gauge
dhcp_wire_packets_offer{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_request Total DHCP packets with message type REQUEST
# TYPE dhcp_wire_packets_request gauge
dhcp_wire_packets_request{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_ack Total DHCP packets with message type ACK
# TYPE dhcp_wire_packets_ack gauge
dhcp_wire_packets_ack{module="default-dhcp",policy="default"} 0
# HELP dhcp_wire_packets_filtered Total DHCP wire packets seen that did not match the configured filter(s) (if any)
# TYPE dhcp_wire_packets_filtered gauge
dhcp_wire_packets_filtered{module="default-dhcp",policy="default"} 0
# HELP dns_rates_total Rate of all DNS wire packets (combined ingress and egress) per second
# TYPE dns_rates_total summary
dns_rates_total{module="default-dns",policy="default",quantile="0.5"} 0
dns_rates_total{module="default-dns",policy="default",quantile="0.9"} 1
dns_rates_total{module="default-dns",policy="default",quantile="0.95"} 2
dns_rates_total{module="default-dns",policy="default",quantile="0.99"} 4
dns_rates_total_sum{module="default-dns",policy="default"} 4
dns_rates_total_count{module="default-dns",policy="default"} 86
# HELP dns_wire_packets_total Total DNS wire packets
# TYPE dns_wire_packets_total gauge
dns_wire_packets_total{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_deep_samples Total DNS wire packets that were sampled for deep inspection
# TYPE dns_wire_packets_deep_samples gauge
dns_wire_packets_deep_samples{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_queries Total DNS wire packets flagged as query (ingress and egress)
# TYPE dns_wire_packets_queries gauge
dns_wire_packets_queries{module="default-dns",policy="default"} 14
# HELP dns_wire_packets_replies Total DNS wire packets flagged as reply (ingress and egress)
# TYPE dns_wire_packets_replies gauge
dns_wire_packets_replies{module="default-dns",policy="default"} 6
# HELP dns_wire_packets_tcp Total DNS wire packets received over TCP (ingress and egress)
# TYPE dns_wire_packets_tcp gauge
dns_wire_packets_tcp{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_udp Total DNS wire packets received over UDP (ingress and egress)
# TYPE dns_wire_packets_udp gauge
dns_wire_packets_udp{module="default-dns",policy="default"} 20
# HELP dns_wire_packets_ipv4 Total DNS wire packets received over IPv4 (ingress and egress)
# TYPE dns_wire_packets_ipv4 gauge
dns_wire_packets_ipv4{module="default-dns",policy="default"} 13
# HELP dns_wire_packets_ipv6 Total DNS wire packets received over IPv6 (ingress and egress)
# TYPE dns_wire_packets_ipv6 gauge
dns_wire_packets_ipv6{module="default-dns",policy="default"} 7
# HELP dns_wire_packets_nxdomain Total DNS wire packets flagged as reply with return code NXDOMAIN (ingress and egress)
# TYPE dns_wire_packets_nxdomain gauge
dns_wire_packets_nxdomain{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_refused Total DNS wire packets flagged as reply with return code REFUSED (ingress and egress)
# TYPE dns_wire_packets_refused gauge
dns_wire_packets_refused{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_srvfail Total DNS wire packets flagged as reply with return code SRVFAIL (ingress and egress)
# TYPE dns_wire_packets_srvfail gauge
dns_wire_packets_srvfail{module="default-dns",policy="default"} 0
# HELP dns_wire_packets_noerror Total DNS wire packets flagged as reply with return code NOERROR (ingress and egress)
# TYPE dns_wire_packets_noerror gauge
dns_wire_packets_noerror{module="default-dns",policy="default"} 6
# HELP dns_wire_packets_filtered Total DNS wire packets seen that did not match the configured filter(s) (if any)
# TYPE dns_wire_packets_filtered gauge
dns_wire_packets_filtered{module="default-dns",policy="default"} 0
# HELP dns_cardinality_qname Cardinality of unique QNAMES, both ingress and egress
# TYPE dns_cardinality_qname gauge
dns_cardinality_qname{module="default-dns",policy="default"} 2
# HELP dns_xact_counts_total Total DNS transactions (query/reply pairs)
# TYPE dns_xact_counts_total gauge
dns_xact_counts_total{module="default-dns",policy="default"} 0
# HELP dns_xact_counts_timed_out Total number of DNS transactions that timed out
# TYPE dns_xact_counts_timed_out gauge
dns_xact_counts_timed_out{module="default-dns",policy="default"} 0
# HELP dns_xact_in_total Total ingress DNS transactions (host is server)
# TYPE dns_xact_in_total gauge
dns_xact_in_total{module="default-dns",policy="default"} 0
# HELP dns_xact_in_top_slow Top QNAMES in transactions where host is the server and transaction speed is slower than p90
# TYPE dns_xact_in_top_slow gauge
# HELP dns_xact_out_total Total egress DNS transactions (host is client)
# TYPE dns_xact_out_total gauge
dns_xact_out_total{module="default-dns",policy="default"} 0
# HELP dns_xact_out_top_slow Top QNAMES in transactions where host is the client and transaction speed is slower than p90
# TYPE dns_xact_out_top_slow gauge
# HELP dns_top_udp_ports Top UDP source port on the query side of a transaction
# TYPE dns_top_udp_ports gauge
dns_top_udp_ports{module="default-dns",policy="default",port="5353"} 20
# HELP dns_top_qname2 Top QNAMES, aggregated at a depth of two labels
# TYPE dns_top_qname2 gauge
dns_top_qname2{module="default-dns",policy="default",qname="._tcp.local"} 14
# HELP dns_top_qname3 Top QNAMES, aggregated at a depth of three labels
# TYPE dns_top_qname3 gauge
dns_top_qname3{module="default-dns",policy="default",qname="_spotify-connect._tcp.local"} 13
dns_top_qname3{module="default-dns",policy="default",qname="_scanner._tcp.local"} 1
# HELP dns_top_nxdomain Top QNAMES with result code NXDOMAIN
# TYPE dns_top_nxdomain gauge
# HELP dns_top_refused Top QNAMES with result code REFUSED
# TYPE dns_top_refused gauge
# HELP dns_top_srvfail Top QNAMES with result code SRVFAIL
# TYPE dns_top_srvfail gauge
# HELP dns_top_rcode Top result codes
# TYPE dns_top_rcode gauge
dns_top_rcode{module="default-dns",policy="default",rcode="NOERROR"} 6
# HELP dns_top_qtype Top query types
# TYPE dns_top_qtype gauge
dns_top_qtype{module="default-dns",policy="default",qtype="PTR"} 14
# HELP pcap_tcp_reassembly_errors Count of TCP reassembly errors
# TYPE pcap_tcp_reassembly_errors gauge
pcap_tcp_reassembly_errors{module="default-pcap_stats",policy="default"} 0
# HELP pcap_os_drops Count of packets dropped by the operating system (if supported)
# TYPE pcap_os_drops gauge
pcap_os_drops{module="default-pcap_stats",policy="default"} 0
# HELP pcap_if_drops Count of packets dropped by the interface (if supported)
# TYPE pcap_if_drops gauge
pcap_if_drops{module="default-pcap_stats",policy="default"} 0