Skip to content
This repository has been archived by the owner on Jul 11, 2023. It is now read-only.

Grains: TCPv4

Jump to bottom
Peter Parkanyi edited this page Jul 27, 2018 · 2 revisions

The TCPv4 grain is based on the Kprobe interface, and traces the volume of data that each process transmits and receives over each TCP over IPv4 connection.

An example payload may look like so:

{'kind': 9,
'measurement': 65156153381,
'name': 'volume.out_byte',
'tags': {'d_ip': '0.0.0.0',
          'd_port': '5201',
          'process': 'iperf3',
          'proto': 'tcp4',
          's_ip': '0.0.0.0',
          's_port': '36344',
          'task_id': '32122060414263'},
'timestamp': 1532605463507636662}

In addition, inbound volume information is available through the volume.in_byte metrics.

Outbound connections without volumetrics can be observed through the connection.out_count metric.

{'kind': 13,
'measurement': 1,
'name': 'connection.out_count',
'tags': {'d_ip': '52.91.199.226',
          'd_port': '443',
          'process': 'Chrome_IOThread',
          'proto': 'tcp4',
          's_ip': '192.168.114.133',
          's_port': '33426',
          'task_id': '4934917424260'},
'timestamp': 1532605469086592161}
Clone this wiki locally