Skip to content

NETOBSERV-2455 - add DNS Name #406

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

NETOBSERV-2455 - add DNS Name #406

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions cmd/config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -552,6 +552,15 @@ columns:
default: false
width: 5
feature: dnsTracking
- id: DNSName
group: DNS
name: DNS Name
tooltip: DNS name.
field: DnsName
filter: dns_name
default: false
width: 15
feature: dnsTracking
- id: DNSLatency
group: DNS
name: DNS Latency
Expand Down Expand Up @@ -1019,6 +1028,10 @@ filters:
name: DNS Id
component: number
hint: Specify a single DNS Id.
- id: dns_name
name: DNS Name
component: text
hint: Specify a single DNS name.
- id: dns_latency
name: DNS Latency
component: number
Expand Down Expand Up @@ -1382,6 +1395,9 @@ fields:
- name: DnsId
type: number
description: DNS record id
- name: DnsName
type: string
description: DNS queried name
- name: DnsLatencyMs
type: number
description: Time between a DNS request and response, in milliseconds
Expand Down
9 changes: 5 additions & 4 deletions cmd/flow_db.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ func createFlowsDBTable(db *sql.DB) error {
"PktDropBytes" INTEGER,
"PktDropPackets" INTEGER,
"DnsId" INTEGER,
"DnsName" TEXT,
"DnsFlagsResponseCode" TEXT,
"DnsLatencyMs" TIMESTAMP,
"TimeFlowRTTNs" TIMESTAMP
Expand Down Expand Up @@ -99,13 +100,13 @@ func insertFlowToDB(db *sql.DB, buf []byte) error {
switch {
case flow["PktDropPackets"] != 0 && flow["DnsId"] != 0:
flowSQL =
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, DnsId, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, DnsId, DnsName, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
case flow["PktDropPackets"] != 0:
flowSQL =
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, PktDropLatestDropCause, PktDropBytes, PktDropPackets, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
case flow["DnsId"] != 0:
flowSQL =
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, DnsId, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, DnsId, DnsName, DnsFlagsResponseCode, DnsLatencyMs, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
default:
flowSQL =
`INSERT INTO flow(DnsErrno, Dscp, DstAddr, DstPort, Interface, Proto, SrcAddr, SrcPort, Bytes, Packets, TimeFlowRttNs) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)`
Expand All @@ -123,7 +124,7 @@ func insertFlowToDB(db *sql.DB, buf []byte) error {
flow["DNSErrno"], flow["Dscp"], flow["DstAddr"], flow["DstPort"], flow["Interface"],
flow["Proto"], flow["SrcAddr"], flow["SrcPort"], flow["Bytes"], flow["Packets"],
flow["PktDropLatestDropCause"], flow["PktDropBytes"], flow["PktDropPackets"],
flow["DnsId"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"],
flow["DnsId"], flow["DnsName"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"],
flow["TimeFlowRttNs"])
case flow["PktDropLatestDropCause"] != 0:
_, err = statement.Exec(
Expand All @@ -135,7 +136,7 @@ func insertFlowToDB(db *sql.DB, buf []byte) error {
_, err = statement.Exec(
flow["DNSErrno"], flow["Dscp"], flow["DstAddr"], flow["DstPort"], flow["Interface"],
flow["Proto"], flow["SrcAddr"], flow["SrcPort"], flow["Bytes"], flow["Packets"],
flow["DnsId"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"],
flow["DnsId"], flow["DnsName"], flow["DnsFlagsResponseCode"], flow["DnsLatencyMs"],
flow["TimeFlowRttNs"])
default:
_, err = statement.Exec(
Expand Down
8 changes: 4 additions & 4 deletions cmd/flow_display_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,8 +114,8 @@ func TestFlowDisplayAdvancedDisplay(t *testing.T) {
// set display without enrichment
rows := getRows(allOptions, []string{pktDropFeature, dnsFeature, rttFeature, networkEventsDisplay}, noOptions, []string{})
assert.Equal(t, 2, len(rows))
assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs Drop BytesDrop… Drop State Drop Cause Drop Flags DNS Id DNS… DNS RCode DNS Error Flow RTT Network Events ", rows[0])
assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 32B 1 TCP_INVALID… SKB_DROP… 16 31319 1ms NoError 0 10µs Allowed by default… ", rows[1])
assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs Drop BytesDrop… Drop State Drop Cause Drop Flags DNS Id DNS Name DNS… DNS RCode DNS Error Flow RTT Network Events ", rows[0])
assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 32B 1 TCP_INVALID… SKB_DROP… 16 31319 example.com 1ms NoError 0 10µs Allowed by default… ", rows[1])

// set display to standard
rows = getRows(standardDisplay, []string{}, noOptions, []string{})
Expand All @@ -135,8 +135,8 @@ func TestFlowDisplayAdvancedDisplay(t *testing.T) {
rows = getRows("DNS", []string{dnsFeature}, noOptions, []string{})

assert.Equal(t, 2, len(rows))
assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs DNS Id DNS… DNS RCode DNS Error ", rows[0])
assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 31319 1ms NoError 0 ", rows[1])
assert.Equal(t, "End Time Src IP Src Port Dst IP Dst Port Interfaces Interface Dirs DNS Id DNS Name DNS… DNS RCode DNS Error ", rows[0])
assert.Equal(t, "17:25:28.703000 10.128.0.29 1234 10.129.0.26 5678 f18b970c2ce8fddEgress 31319 example.com 1ms NoError 0 ", rows[1])

// set display to RTT
rows = getRows("RTT", []string{rttFeature}, noOptions, []string{})
Expand Down
1 change: 1 addition & 0 deletions cmd/root_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ const (
"DnsFlags":34176,
"DnsFlagsResponseCode":"NoError",
"DnsId":31319,
"DnsName":"example.com",
"DnsLatencyMs":1,
"Dscp":0,
"DstAddr":"10.129.0.26",
Expand Down