Timeseries Schema Definitions
| Schema | Timeseries | Measure Unit | Description |
|---|---|---|---|
| iface:traffic_rxtx | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per interface |
| iface:packets_rxtx | Rcvd (packets_rcvd), Sent (packets_sent) | pps | Packets sent and received per interface |
| iface:traffic_ip | IPv4 (bytes_ipv4), IPv6 (bytes_ipv6) | bps | IPv4 and IPv6 bytes per interface |
| iface:flows | Num. Flows (num_flows) | number | Number of active flows per interface |
| top:blacklist_v2:hits | Num Hits (hits) | number | Number of blacklist hits |
| iface:new_flows | Num. Flows (new_flows) | number | Number of new flows per interface |
| iface:remote2local | Bytes (bytes) | bps | Bytes from remote to local per interface |
| iface:local2remote | Bytes (bytes) | bps | Bytes from local to remote per interface |
| iface:alerted_flows | Num. Flows (num_flows) | number | Number of alerted flows per interface |
| iface:hosts | Num. Hosts (num_hosts) | number | Number of active hosts per interface |
| iface:engaged_alerts | Engaged Alerts (engaged_alerts) | number | Number of engaged alerts per interface |
| iface:dropped_alerts | Dropped Alerts (dropped_alerts) | number | Number of dropped alerts per interface |
| iface:devices | Num. Devices (num_devices) | number | Number of active devices per interface |
| iface:http_hosts | Num. Servers (num_hosts) | number | Number of active HTTP servers per interface |
| iface:traffic | Traffic (bytes) | bps | Total traffic in bytes per interface |
| iface:packets | Packets (packets) | bps | Packets per interface |
| iface:throughput_pps | Throughput (pps) | pps | Throughput in packets per second per interface |
| iface:throughput_bps | Throughput (bps) | bps | Throughput in bits per second per interface |
| iface:score | Score as Server (srv_score), Score as Client (cli_score) | number | Client and server score per interface |
| iface:packets_vs_drops | Packets (packets), Drops (drops) | number | Packets vs drops per interface |
| iface:nfq_pct | Queue Fill % (num_nfq_pct) | percentage | NFQ percentage per interface |
| iface:hosts_anomalies | Remote Hosts Anomalies (num_rem_hosts_anom), Local Hosts Anomalies (num_loc_hosts_anom) | number | Local and remote host anomalies per interface |
| iface:disc_prob_bytes | Drops (bytes) | bps | Discarded probing bytes per interface |
| iface:disc_prob_pkts | Drops (packets) | pps | Discarded probing packets per interface |
| iface:dumped_flows | Dropped Flows (dropped_flows), Exported Flows (dumped_flows) | fps | Dumped and dropped flows per interface |
| iface:zmq_recv_flows | Collected ZMQ Flows (flows) | number | ZMQ received flows per interface |
| iface:zmq_flow_coll_drops | Flow Collection Drops (drops) | number | ZMQ flow collector drops per interface |
| iface:zmq_flow_coll_udp_drops | Collection Socket Drops (drops) | number | ZMQ flow collector UDP drops per interface |
| iface:tcp_stats | TCP Retransmitted Packets (retransmissions), TCP Packets Lost (lost), TCP Packets KeepAlive (keep_alive), TCP Packets Out-Of-Order (out_of_order) | number | TCP Stats |
| iface:tcp_flags | FIN+ACK Packets (fin_ack), TCP RST Packets (rst), SYN Packets (syn), SYN+ACK Packets (syn_ack) | number | TCP Flags per interface |
| iface:zmq_rcvd_msgs | Rcvd Messages (msgs) | number | ZMQ messages received per interface |
| iface:zmq_msg_drops | Dropped Messages (msgs) | number | ZMQ messages dropped per interface |
| host:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per host |
| host:packets | Rcvd (packets_rcvd), Sent (packets_sent) | pps | Packets sent and received per host |
| host:score | Score as Server (score_as_srv), Score as Client (score_as_cli) | number | Client and server score per host |
| host:active_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Number of active flows as client and server per host |
| host:total_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Total flows as client and server per host |
| host:num_blacklisted_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Blacklisted flows as client and server per host |
| host:alerted_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Alerted flows as client and server per host |
| host:unreachable_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Unreachable flows as client and server per host |
| host:host_unreachable_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Host-unreachable flows as client and server per host |
| host:contacts | As Server (num_as_server), As Client (num_as_clients) | fps | Contacts as client and server per host |
| host:contacts_behaviour | Lower Bound (lower_bound), Score (value), Upper Bound (upper_bound) | number | Host contacts behaviour per host |
| host:total_alerts | TCP RST Packets (alerts) | number | Alerts per host |
| host:engaged_alerts | TCP RST Packets (alerts) | number | Engaged alerts per host |
| host:dns_qry_sent_rsp_rcvd | Error Pkts. (replies_error_pkts), Pkts. Queries (queries_pkts), Ok Pkts. (replies_ok_pkts) | number | DNS query packets, OK replies and error replies received per host |
| host:dns_qry_rcvd_rsp_sent | Error Pkts. (replies_error_pkts), Pkts. Queries (queries_pkts), Ok Pkts. (replies_ok_pkts) | number | DNS query packets, OK replies and error replies sent per host |
| host:tcp_rx_stats | O. of O. Pkts (out_of_order_pkts) | pps | Retransmitted, out-of-order and lost TCP packets received per host |
| host:tcp_tx_stats | O. of O. Pkts (out_of_order_pkts) | pps | Retransmitted, out-of-order and lost TCP packets sent per host |
| host:echo_reply_packets | Rcvd (packets_rcvd), Sent (packets_sent) | pps | ICMP echo-reply packets sent and received per host |
| host:echo_packets | Rcvd (packets_rcvd), Sent (packets_sent) | pps | ICMP echo-request packets sent and received per host |
| host:udp_sent_unicast | Sent Uni. (bytes_sent_unicast), Sent non Uni. (bytes_sent_non_uni) | bps | UDP unicast vs non-unicast bytes per host |
| host:dscp | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | DSCP class bytes sent and received per host |
| host:host_tcp_unidirectional_flows | Flows As Server (flows_as_server), Flows As Client (flows_as_client) | fps | Unidirectional TCP flows as client and server per host |
| mac:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per MAC |
| subnet:traffic | Egress (bytes_egress), Ingress (bytes_ingress), Inner (bytes_inner) | bps | Bytes egress, ingress and inner per subnet |
| subnet:broadcast_traffic | Egress (bytes_egress), Ingress (bytes_ingress), Inner (bytes_inner) | bps | Broadcast bytes egress, ingress and inner per subnet |
| subnet:engaged_alerts | Engaged Alerts (alerts) | number | Engaged alerts per subnet |
| subnet:score | Score (score), Score As Client (scoreAsClient), Score As Server (scoreAsServer) | number | Score, as client and server per subnet |
| subnet:tcp_retransmissions | Ingress Packets (packets_ingress), Egress Packets (packets_egress), Inner Packets (packets_inner) | number | TCP retransmitted packets ingress, egress and inner per subnet |
| subnet:tcp_out_of_order | Ingress Packets (packets_ingress), Egress Packets (packets_egress), Inner Packets (packets_inner) | number | TCP out-of-order packets ingress, egress and inner per subnet |
| subnet:tcp_lost | Ingress Packets (packets_ingress), Egress Packets (packets_egress), Inner Packets (packets_inner) | number | TCP lost packets ingress, egress and inner per subnet |
| subnet:tcp_keep_alive | Ingress Packets (packets_ingress), Egress Packets (packets_egress), Inner Packets (packets_inner) | number | TCP keep-alive packets ingress, egress and inner per subnet |
| subnet:rtt | RTT (millis_rtt) | ms | Round-trip time per subnet |
| asn:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per ASN |
| asn:rtt | RTT (millis_rtt) | ms | Round-trip time per ASN |
| asn:traffic_sent | Sent (bytes) | bps | Bytes sent per ASN |
| asn:traffic_rcvd | Rcvd (bytes) | bps | Bytes received per ASN |
| asn:score | Score (score), Client Score (scoreAsClient), Server Score (scoreAsServer) | number | Score per ASN (total, client and server score) |
| asn:tcp_retransmissions | Rcvd (packets_rcvd), Sent (packets_sent) | number | TCP retransmitted packets sent and received per ASN |
| asn:tcp_keep_alive | Rcvd (packets_rcvd), Sent (packets_sent) | number | TCP keep-alive packets sent and received per ASN |
| asn:tcp_out_of_order | Rcvd (packets_rcvd), Sent (packets_sent) | number | TCP out-of-order packets sent and received per ASN |
| asn:tcp_lost | Rcvd (packets_rcvd), Sent (packets_sent) | number | TCP lost packets sent and received per ASN |
| top:asn:traffic | Bytes (bytes) | bps | Bytes sent and received per ASN |
| country:traffic | Egress (bytes_egress), Ingress (bytes_ingress), Inner (bytes_inner) | bps | Bytes egress, ingress and inner per country |
| country:score | Score (score), Score As Client (scoreAsClient), Score As Server (scoreAsServer) | number | Score per country (total, client and server score) |
| os:traffic | Egress (bytes_egress), Ingress (bytes_ingress) | bps | Bytes sent and received per operating system |
| vlan:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per VLAN |
| vlan:score | Score (score), Score As Client (scoreAsClient), Score As Server (scoreAsServer) | number | Score per VLAN (total, client and server score) |
| host_pool:traffic | Rcvd (bytes_rcvd), Sent (bytes_sent) | bps | Bytes sent and received per host pool |
| host_pool:throughput_bps | Throughput (bps) | bps | Interface Throughput (bps) |
| host_pool:blocked_flows | Num. Flows (num_flows) | number | Blocked flows per host pool |
| host_pool:hosts | Num. Hosts (num_hosts) | number | Active hosts per host pool |
| host_pool:devices | Num. Devices (num_devices) | number | Active devices per host pool |
| pod:num_flows | Flows As Server (as_server), Flows As Client (as_client) | fps | Active flows as client and server per pod |
| pod:num_containers | Num. Containers (num_containers) | number | Number of containers per pod |
| pod:rtt | RTT as Server (as_server), RTT as Client (as_client) | ms | Round-trip time as client and server per pod |
| pod:rtt_variance | Variance as Server (as_server), Variance as Client (as_client) | ms | RTT variance as client and server per pod |
| container:num_flows | Flows As Server (as_server), Flows As Client (as_client) | fps | Active flows as client and server per container |
| container:rtt | RTT as Server (as_server), RTT as Client (as_client) | ms | Round-trip time as client and server per container |
| container:rtt_variance | Variance as Server (as_server), Variance as Client (as_client) | ms | RTT variance as client and server per container |
| ht:state | active entries (num_active), idle entries (num_idle) | percentage | CPU load hash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | HostHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | MacHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | FlowHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | AutonomousSystemHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | ObservationPointHash idle and active entries |
| ht:state | active entries (num_active), idle entries (num_idle) | number | VlanHash idle and active entries |
| system:cpu_states | idle (idle_pct), active (active_pct), iowait (iowait_pct) | percentage | I/O wait, idle and active CPU percentage |
| process:resident_memory | Bytes (resident_bytes) | bytes | Process resident memory in bytes |
| process:num_alerts | Queries (alerts_queries), Stored (written_alerts), Dropped (dropped_alerts) | alertps | Process written, queried and dropped alerts |
| profile:traffic | Bytes (bytes) | bps | Bytes per profile |
| redis:memory | Bytes (resident_bytes) | bytes | Redis memory usage in bytes |
| redis:keys | Keys (num_keys) | number | Number of Redis keys |
| redis:reads_writes_v2 | Reads (num_reads), Writes (num_writes) | number | Redis read and write operations count |
| influxdb:storage_size | Bytes (disk_bytes) | bytes | InfluxDB storage utilization in bytes |
| influxdb:memory_size | Bytes (mem_bytes) | bytes | InfluxDB memory usage in bytes |
| influxdb:write_successes | Num. Points (points) | number | InfluxDB write successes (points) |
| influxdb:exports | Exports (num_exports) | number | Number of InfluxDB exports |
| influxdb:exported_points | Num. Points (points) | number | Number of points exported by InfluxDB |
| influxdb:dropped_points | Num. Points (points) | number | Number of points dropped by InfluxDB |
| influxdb:rtt | Server Response Time ms (millis_rtt) | ms | InfluxDB round-trip time in milliseconds |