Emergency Notifications
No recipient configured for Emergency Alerts (alerts with Emergency severity), please configure it to receive important notifications!
Timeseries Schema Definitions
| Schema | Timeseries | Measure Unit | Description |
|---|---|---|---|
| iface:traffic_rxtx | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per interface |
| iface:packets_rxtx | Sent (packets_sent), Rcvd (packets_rcvd) | pps | nil |
| iface:traffic_ip | IPv4 (bytes_ipv4), IPv6 (bytes_ipv6) | bps | IPv4 and IPv6 bytes per interface |
| iface:flows | Num. Flows (num_flows) | number | Number of active flows per interface |
| top:blacklist_v2:hits | Num Hits (hits) | number | Number of blacklist hits |
| iface:new_flows | Num. Flows (new_flows) | number | Number of new flows per interface |
| iface:remote2local | Bytes (bytes) | bps | Bytes from remote to local per interface |
| iface:local2remote | Bytes (bytes) | bps | Bytes from local to remote per interface |
| iface:alerted_flows | Num. Flows (num_flows) | number | Number of alerted flows per interface |
| iface:hosts | Num. Hosts (num_hosts) | number | Number of active hosts per interface |
| iface:engaged_alerts | Engaged Alerts (engaged_alerts) | number | Number of engaged alerts per interface |
| iface:dropped_alerts | Dropped Alerts (dropped_alerts) | number | Number of dropped alerts per interface |
| iface:devices | Num. Devices (num_devices) | number | Number of active devices per interface |
| iface:http_hosts | Num. Servers (num_hosts) | number | Number of active HTTP servers per interface |
| iface:traffic | Traffic (bytes) | bps | Total traffic in bytes per interface |
| iface:packets | Packets (packets) | bps | nil |
| iface:throughput_pps | Throughput (pps) | pps | Throughput in packets per second per interface |
| iface:throughput_bps | Throughput (bps) | bps | Throughput in bits per second per interface |
| iface:score | 作为客户端评分 (cli_score), 作为服务器得分 (srv_score) | number | Client and server score per interface |
| iface:packets_vs_drops | Drops (drops), Packets (packets) | number | Packets vs drops per interface |
| iface:nfq_pct | 队列填充% (num_nfq_pct) | percentage | NFQ percentage per interface |
| iface:hosts_anomalies | 本地主机异常 (num_loc_hosts_anom), 远程主机异常 (num_rem_hosts_anom) | number | Local and remote host anomalies per interface |
| iface:disc_prob_bytes | Drops (bytes) | bps | Discarded probing bytes per interface |
| iface:disc_prob_pkts | Drops (packets) | pps | Discarded probing packets per interface |
| iface:dumped_flows | 导出的流 (dumped_flows), 丢弃的流 (dropped_flows) | fps | Dumped and dropped flows per interface |
| iface:zmq_recv_flows | 收集到的 ZMQ 流 (flows) | number | ZMQ received flows per interface |
| iface:zmq_flow_coll_drops | 流收集丢失 (drops) | number | ZMQ flow collector drops per interface |
| iface:zmq_flow_coll_udp_drops | 收集套接字丢失 (drops) | number | ZMQ flow collector UDP drops per interface |
| iface:tcp_stats | TCP 数据包丢失 (lost), TCP 数据包 KeepAlive (keep_alive), TCP 重传数据包 (retransmissions), TCP 数据包乱序 (out_of_order) | number | TCP Stats |
| iface:tcp_flags | TCP FIN+ACK 数据包 (fin_ack), TCP SYN+ACK 数据包 (syn_ack), TCP RST 数据包 (rst), TCP SYN 数据包 (syn) | number | TCP Flags per interface |
| iface:zmq_rcvd_msgs | Rcvd Messages (msgs) | number | ZMQ messages received per interface |
| iface:zmq_msg_drops | Dropped Messages (msgs) | number | ZMQ messages dropped per interface |
| host:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per host |
| host:packets | Sent (packets_sent), Rcvd (packets_rcvd) | pps | nil |
| host:score | 作为服务器得分 (score_as_srv), 作为客户端评分 (score_as_cli) | number | Client and server score per host |
| host:active_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Number of active flows as client and server per host |
| host:total_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Total flows as client and server per host |
| host:num_blacklisted_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Blacklisted flows as client and server per host |
| host:alerted_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Alerted flows as client and server per host |
| host:unreachable_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Unreachable flows as client and server per host |
| host:host_unreachable_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Host-unreachable flows as client and server per host |
| host:contacts | As Client (num_as_clients), As Server (num_as_server) | fps | Contacts as client and server per host |
| host:contacts_behaviour | 分数 (value), Upper Bound (upper_bound), Lower Bound (lower_bound) | number | Host contacts behaviour per host |
| host:total_alerts | TCP RST 数据包 (alerts) | number | Alerts per host |
| host:engaged_alerts | TCP RST 数据包 (alerts) | number | Engaged alerts per host |
| host:dns_qry_sent_rsp_rcvd | Ok Pkts. (replies_ok_pkts), Pkts. Queries (queries_pkts), Error Pkts. (replies_error_pkts) | number | DNS query packets, OK replies and error replies received per host |
| host:dns_qry_rcvd_rsp_sent | Ok Pkts. (replies_ok_pkts), Pkts. Queries (queries_pkts), Error Pkts. (replies_error_pkts) | number | DNS query packets, OK replies and error replies sent per host |
| host:tcp_rx_stats | O. of O. Pkts (out_of_order_pkts) | pps | Retransmitted, out-of-order and lost TCP packets received per host |
| host:tcp_tx_stats | O. of O. Pkts (out_of_order_pkts) | pps | Retransmitted, out-of-order and lost TCP packets sent per host |
| host:echo_reply_packets | Sent (packets_sent), Rcvd (packets_rcvd) | pps | ICMP echo-reply packets sent and received per host |
| host:echo_packets | Sent (packets_sent), Rcvd (packets_rcvd) | pps | ICMP echo-request packets sent and received per host |
| host:udp_sent_unicast | Sent Uni. (bytes_sent_unicast), Sent non Uni. (bytes_sent_non_uni) | bps | UDP unicast vs non-unicast bytes per host |
| host:dscp | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | DSCP class bytes sent and received per host |
| host:host_tcp_unidirectional_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Unidirectional TCP flows as client and server per host |
| mac:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per MAC |
| subnet:traffic | 内部 (bytes_inner), 入口 (bytes_ingress), 出口 (bytes_egress) | bps | Bytes egress, ingress and inner per subnet |
| subnet:broadcast_traffic | 内部 (bytes_inner), 入口 (bytes_ingress), 出口 (bytes_egress) | bps | Broadcast bytes egress, ingress and inner per subnet |
| subnet:engaged_alerts | Engaged Alerts (alerts) | number | Engaged alerts per subnet |
| subnet:score | 分数 (score), 作为客户端得分 (scoreAsClient), 作为服务器得分 (scoreAsServer) | number | Score, as client and server per subnet |
| subnet:tcp_retransmissions | 出口数据包 (packets_egress), 入口数据包 (packets_ingress), Inner Packets (packets_inner) | number | TCP retransmitted packets ingress, egress and inner per subnet |
| subnet:tcp_out_of_order | 出口数据包 (packets_egress), 入口数据包 (packets_ingress), Inner Packets (packets_inner) | number | TCP out-of-order packets ingress, egress and inner per subnet |
| subnet:tcp_lost | 出口数据包 (packets_egress), 入口数据包 (packets_ingress), Inner Packets (packets_inner) | number | TCP lost packets ingress, egress and inner per subnet |
| subnet:tcp_keep_alive | 出口数据包 (packets_egress), 入口数据包 (packets_ingress), Inner Packets (packets_inner) | number | TCP keep-alive packets ingress, egress and inner per subnet |
| subnet:rtt | RTT (millis_rtt) | ms | Round-trip time per subnet |
| asn:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per ASN |
| asn:rtt | RTT (millis_rtt) | ms | Round-trip time per ASN |
| asn:traffic_sent | Sent (bytes) | bps | Bytes sent per ASN |
| asn:traffic_rcvd | Rcvd (bytes) | bps | Bytes received per ASN |
| asn:score | Score (score), Client Score (scoreAsClient), Server Score (scoreAsServer) | number | Score per ASN (total, client and server score) |
| asn:tcp_retransmissions | Sent (packets_sent), Rcvd (packets_rcvd) | number | TCP retransmitted packets sent and received per ASN |
| asn:tcp_keep_alive | Sent (packets_sent), Rcvd (packets_rcvd) | number | TCP keep-alive packets sent and received per ASN |
| asn:tcp_out_of_order | Sent (packets_sent), Rcvd (packets_rcvd) | number | TCP out-of-order packets sent and received per ASN |
| asn:tcp_lost | Sent (packets_sent), Rcvd (packets_rcvd) | number | TCP lost packets sent and received per ASN |
| top:asn:traffic | Bytes (bytes) | bps | Bytes sent and received per ASN |
| country:traffic | 内部 (bytes_inner), 入口 (bytes_ingress), 出口 (bytes_egress) | bps | Bytes egress, ingress and inner per country |
| country:score | 分数 (score), 作为客户端得分 (scoreAsClient), 作为服务器得分 (scoreAsServer) | number | Score per country (total, client and server score) |
| os:traffic | 入口 (bytes_ingress), 出口 (bytes_egress) | bps | Bytes sent and received per operating system |
| vlan:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per VLAN |
| vlan:score | 分数 (score), 作为客户端得分 (scoreAsClient), 作为服务器得分 (scoreAsServer) | number | Score per VLAN (total, client and server score) |
| host_pool:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per host pool |
| host_pool:throughput_bps | Throughput (bps) | bps | Interface Throughput (bps) |
| host_pool:blocked_flows | Num. Flows (num_flows) | number | Blocked flows per host pool |
| host_pool:hosts | Num. Hosts (num_hosts) | number | Active hosts per host pool |
| host_pool:devices | Num. Devices (num_devices) | number | Active devices per host pool |
| pod:num_flows | Flows As Client (as_client), Flows As Server (as_server) | fps | Active flows as client and server per pod |
| pod:num_containers | Num. Containers (num_containers) | number | Number of containers per pod |
| pod:rtt | RTT as Client (as_client), RTT as Server (as_server) | ms | Round-trip time as client and server per pod |
| pod:rtt_variance | Variance as Client (as_client), Variance as Server (as_server) | ms | RTT variance as client and server per pod |
| container:num_flows | Flows As Client (as_client), Flows As Server (as_server) | fps | Active flows as client and server per container |
| container:rtt | RTT as Client (as_client), RTT as Server (as_server) | ms | Round-trip time as client and server per container |
| container:rtt_variance | Variance as Client (as_client), Variance as Server (as_server) | ms | RTT variance as client and server per container |
| ht:state | active entries (num_active), idle entries (num_idle) | percentage | CPU load hash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | HostHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | MacHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | FlowHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | AutonomousSystemHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | ObservationPointHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | VlanHash idle and active entries |
| system:cpu_states | 空闲 (idle_pct), 活动的 (active_pct), iowait (iowait_pct) | percentage | I/O wait, idle and active CPU percentage |
| process:resident_memory | Bytes (resident_bytes) | bytes | Process resident memory in bytes |
| process:num_alerts | 丢弃 (dropped_alerts), 已储存 (written_alerts), 查询 (alerts_queries) | alertps | Process written, queried and dropped alerts |
| profile:traffic | Bytes (bytes) | bps | Bytes per profile |
| redis:memory | Bytes (resident_bytes) | bytes | Redis memory usage in bytes |
| redis:keys | Keys (num_keys) | number | Number of Redis keys |
| redis:reads_writes_v2 | Writes (num_writes), Reads (num_reads) | number | Redis read and write operations count |
| influxdb:storage_size | Bytes (disk_bytes) | bytes | InfluxDB storage utilization in bytes |
| influxdb:memory_size | Bytes (mem_bytes) | bytes | InfluxDB memory usage in bytes |
| influxdb:write_successes | Num. Points (points) | number | InfluxDB write successes (points) |
| influxdb:exports | 导出 (num_exports) | number | Number of InfluxDB exports |
| influxdb:exported_points | Num. Points (points) | number | Number of points exported by InfluxDB |
| influxdb:dropped_points | Num. Points (points) | number | Number of points dropped by InfluxDB |
| influxdb:rtt | RTT 时间 ms (millis_rtt) | ms | InfluxDB round-trip time in milliseconds |