|
| 1 | +// Module included in the following assemblies: |
| 2 | + |
| 3 | +// * networking/network_observability/configuring-operators.adoc |
| 4 | + |
| 5 | +:_content-type: PROCEDURE |
| 6 | +[id="network-observability-config-quick-filters_{context}"] |
| 7 | += Configuring quick filters |
| 8 | + |
| 9 | +You can modify the filters in the `FlowCollector` resource. Exact matches are possible using double-quotes around values. Otherwise, partial matches are used for textual values. The bang (!) character, placed at the end of a key, means negation. See the sample `FlowCollector` resource for more context about modifying the YAML. |
| 10 | + |
| 11 | +[NOTE] |
| 12 | +==== |
| 13 | +The filter matching types "all of" or "any of" is a UI setting that the users can modify from the query options. It is not part of this resource configuration. |
| 14 | +==== |
| 15 | + |
| 16 | +Here is a list of all available filter keys: |
| 17 | + |
| 18 | +.Filter keys |
| 19 | +[cols="1,1,1,8a",options="header"] |
| 20 | +|=== |
| 21 | + |
| 22 | +|Universal* |
| 23 | +|Source |
| 24 | +|Destination |
| 25 | +|Description |
| 26 | + |
| 27 | +|namespace |
| 28 | +|`src_namespace` |
| 29 | +|`dst_namespace` |
| 30 | +|Filter traffic related to a specific namespace. |
| 31 | + |
| 32 | +|name |
| 33 | +|`src_name` |
| 34 | +|`dst_name` |
| 35 | +|Filter traffic related to a given leaf resource name, such as a specific pod, service, or node (for host-network traffic). |
| 36 | + |
| 37 | +|kind |
| 38 | +|`src_kind` |
| 39 | +|`dst_kind` |
| 40 | +|Filter traffic related to a given resource kind. The resource kinds include the leaf resource (Pod, Service or Node), or the owner resource (Deployment and StatefulSet). |
| 41 | + |
| 42 | +|owner_name |
| 43 | +|`src_owner_name` |
| 44 | +|`dst_owner_name` |
| 45 | +|Filter traffic related to a given resource owner; that is, a workload or a set of pods. For example, it can be a Deployment name, a StatefulSet name, etc. |
| 46 | + |
| 47 | +|resource |
| 48 | +|`src_resource` |
| 49 | +|`dst_resource` |
| 50 | +|Filter traffic related to a specific resource that is denoted by its canonical name, that identifies it uniquely. The canonical notation is `kind.namespace.name` for namespaced kinds, or `node.name` for nodes. For example, `Deployment.my-namespace.my-web-server`. |
| 51 | + |
| 52 | +|address |
| 53 | +|`src_address` |
| 54 | +|`dst_address` |
| 55 | +|Filter traffic related to an IP address. IPv4 and IPv6 are supported. CIDR ranges are also supported. |
| 56 | + |
| 57 | +|mac |
| 58 | +|`src_mac` |
| 59 | +|`dst_mac` |
| 60 | +|Filter traffic related to a MAC address. |
| 61 | + |
| 62 | +|port |
| 63 | +|`src_port` |
| 64 | +|`dst_port` |
| 65 | +|Filter traffic related to a specific port. |
| 66 | + |
| 67 | +|host_address |
| 68 | +|`src_host_address` |
| 69 | +|`dst_host_address` |
| 70 | +|Filter traffic related to the host IP address where the pods are running. |
| 71 | + |
| 72 | +|protocol |
| 73 | +|N/A |
| 74 | +|N/A |
| 75 | +|Filter traffic related to a protocol, such as TCP or UDP. |
| 76 | + |
| 77 | +|=== |
| 78 | +* Universal keys filter for any of source or destination. For example, filtering `name: 'my-pod'` means all traffic from `my-pod` and all traffic to `my-pod`, regardless of the matching type used, whether *Match all* or *Match any*. |
0 commit comments