Merge pull request #64764 from skrthomas/JSON-updates

skrthomas · web-flow · commit 6cf2819d8996 · 2023-09-28T15:43:39.000-04:00
JSON flows format reference updates
diff --git a/modules/network-observability-flows-format.adoc b/modules/network-observability-flows-format.adoc
@@ -1,18 +1,17 @@
-// Automatically generated by 'hack/asciidoc-flows-gen.sh'. Do not edit.
-// Module included in the following assemblies:
-// json-flows-format-reference.adoc
-
+// Automatically generated by 'hack/asciidoc-flows-gen.sh'. Do not edit, or make the NETOBSERV team aware of the editions.
 :_content-type: REFERENCE
 [id="network-observability-flows-format_{context}"]
 = Network Flows format reference
+
+This is the specification of the network flows format, used both internally and when exporting flows to Kafka.
+
 The document is organized in two main categories: _Labels_ and regular _Fields_. This distinction only matters when querying Loki. This is because _Labels_, unlike _Fields_, must be used in link:https://grafana.com/docs/loki/latest/logql/log_queries/#log-stream-selector[stream selectors].
 
-If you are reading this specification as a reference for the Kafka export feature, you must treat all _Labels_ and _Fields_ as regualr fields and ignore any distinctions between them that are specific to Loki.
+If you are reading this specification as a reference for the Kafka export feature, you must treat all _Labels_ and _Fields_ as regular fields and ignore any distinctions between them that are specific to Loki.
 
 
 == Labels
 
-'''
 
 SrcK8S_Namespace::
 
@@ -48,7 +47,7 @@ Destination owner, such as Deployment, StatefulSet, etc.
 
 FlowDirection::
 
-• *FlowDirection*: see the following section, _Enumeration: FlowDirection_ for more details.
+• *FlowDirection*: `FlowDirection` (see the following section, Enumeration: FlowDirection)
 
 Flow direction from the node observation point
 
@@ -61,9 +60,9 @@ _RecordType::
 Type of record: 'flowLog' for regular flow logs, or 'allConnections',
 'newConnection', 'heartbeat', 'endConnection' for conversation tracking
 
+
 == Fields
 
-'''
 
 SrcAddr::
 
@@ -131,15 +130,15 @@ Kind of the destination matched Kubernetes object, such as Pod name, Service nam
 
 SrcPort::
 
-• *SrcPort*: `number`
+• `Optional` *SrcPort*: `number`
 
 Source port
 
 '''
 
 DstPort::
 
-• *DstPort*: `number`
+• `Optional` *DstPort*: `number`
 
 Destination port
 
@@ -208,12 +207,28 @@ Interface::
 Network interface
 
 '''
-Packets::
 
-• *Packets*: `number`
+IfDirection::
 
-Number of packets in this flow
+• `Optional` *IfDirection*: `InterfaceDirection` (see the following section, Enumeration: InterfaceDirection)
 
+Flow direction from the network interface observation point
+
+'''
+
+Flags::
+
+• `Optional` *Flags*: `number`
+
+TCP flags
+
+'''
+
+Packets::
+
+• `Optional` *Packets*: `number`
+
+Number of packets
 
 '''
 
@@ -235,9 +250,9 @@ In conversation tracking, B to A packets counter per conversation
 
 Bytes::
 
-• *Bytes*: `number`
+• `Optional` *Bytes*: `number`
 
-Number of bytes in this flow
+Number of bytes
 
 '''
 
@@ -257,6 +272,126 @@ In conversation tracking, B to A bytes counter per conversation
 
 '''
 
+IcmpType::
+
+• `Optional` *IcmpType*: `number`
+
+ICMP type
+
+'''
+
+IcmpCode::
+
+• `Optional` *IcmpCode*: `number`
+
+ICMP code
+
+'''
+
+PktDropLatestState::
+
+• `Optional` *PktDropLatestState*: `string`
+
+Pkt TCP state for drops
+
+'''
+
+PktDropLatestDropCause::
+
+• `Optional` *PktDropLatestDropCause*: `string`
+
+Pkt cause for drops
+
+'''
+
+PktDropLatestFlags::
+
+• `Optional` *PktDropLatestFlags*: `number`
+
+Pkt TCP flags for drops
+
+'''
+
+PktDropPackets::
+
+• `Optional` *PktDropPackets*: `number`
+
+Number of packets dropped by the kernel
+
+'''
+
+PktDropPackets_AB::
+
+• `Optional` *PktDropPackets_AB*: `number`
+
+In conversation tracking, A to B packets dropped counter per conversation
+
+'''
+
+PktDropPackets_BA::
+
+• `Optional` *PktDropPackets_BA*: `number`
+
+In conversation tracking, B to A packets dropped counter per conversation
+
+'''
+
+PktDropBytes::
+
+• `Optional` *PktDropBytes*: `number`
+
+Number of bytes dropped by the kernel
+
+'''
+
+PktDropBytes_AB::
+
+• `Optional` *PktDropBytes_AB*: `number`
+
+In conversation tracking, A to B bytes dropped counter per conversation
+
+'''
+
+PktDropBytes_BA::
+
+• `Optional` *PktDropBytes_BA*: `number`
+
+In conversation tracking, B to A bytes dropped counter per conversation
+
+'''
+
+DnsId::
+
+• `Optional` *DnsId*: `number`
+
+DNS record id
+
+'''
+
+DnsFlags::
+
+• `Optional` *DnsFlags*: `number`
+
+DNS flags for DNS record
+
+'''
+
+DnsFlagsResponseCode::
+
+• `Optional` *DnsFlagsResponseCode*: `string`
+
+Parsed DNS header RCODEs name
+
+'''
+
+DnsLatencyMs::
+
+• `Optional` *DnsLatencyMs*: `number`
+
+Calculated time between response and request, in milliseconds
+
+'''
+
 TimeFlowStartMs::
 
 • *TimeFlowStartMs*: `number`
@@ -281,6 +416,14 @@ Timestamp when this flow was received and processed by the flow collector, in se
 
 '''
 
+TimeFlowRttNs::
+
+• `Optional` *TimeFlowRttNs*: `number`
+
+Flow Round Trip Time (RTT) in nanoseconds
+
+'''
+
 _HashId::
 
 • `Optional` *_HashId*: `string`
@@ -303,20 +446,28 @@ numFlowLogs::
 
 In conversation tracking, a counter of flow logs per conversation
 
+
 == Enumeration: FlowDirection
 
-'''
 
 Ingress::
 
 • *Ingress* = `"0"`
 
-Incoming traffic, from node observation point
+Incoming traffic, from the node observation point
 
 '''
 
 Egress::
 
 • *Egress* = `"1"`
 
-Outgoing traffic, from node observation point
+Outgoing traffic, from the node observation point
+
+'''
+
+Inner::
+
+• *Inner* = `"2"`
+
+Inner traffic, with the same source and destination node
