Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metrics for TCP/UDP traffic #33833

Merged
merged 10 commits into from Jan 10, 2023
Merged

packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metrics for TCP/UDP traffic #33833

merged 10 commits into from Jan 10, 2023

Conversation

efd6
Copy link
Contributor

@efd6 efd6 commented Nov 28, 2022
edited

What does this PR do?

This adds metrics for TCP/UDP packet count and total bytes, and histograms
for time required to process TCP/UDP packets prior to acking from a
publication and time between TCP/UDP packet arrivals.

Why is it important?

This allows us to help users configure their systems to match the requirements that they have.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Use cases

Screenshots

Logs

@efd6 efd6 self-assigned this Nov 28, 2022
@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Nov 28, 2022
@efd6 efd6 force-pushed the st-5524 branch 2 times, most recently from e999e2a to aa0b2d0 Compare November 28, 2022 03:37
@elasticmachine
Copy link
Collaborator

elasticmachine commented Nov 28, 2022
edited by jenkins-beats-ci bot

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-01-06T05:33:10.930+0000

  • Duration: 47 min 17 sec

Test stats 🧪

Test Results
Failed 0
Passed 1721
Skipped 19
Total 1740

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@efd6 efd6 marked this pull request as ready for review November 28, 2022 06:08
@efd6 efd6 requested a review from a team as a code owner November 28, 2022 06:08
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@efd6 efd6 force-pushed the st-5524 branch 2 times, most recently from 6e516a8 to a09db19 Compare November 29, 2022 04:26
@efd6 efd6 changed the title packetbeat/{beater,protos/udp,sniffer}: add initial metrics for UDP traffic packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metrics for UDP traffic Nov 29, 2022
@efd6 efd6 force-pushed the st-5524 branch 3 times, most recently from 4c73cd2 to 5f42b79 Compare November 30, 2022 00:37
@mergify
Copy link
Contributor

mergify bot commented Dec 1, 2022

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b st-5524 upstream/st-5524
git merge upstream/main
git push upstream st-5524

@efd6
packetbeat/protos/udp: clean up source order and error lint
0790458
@efd6
packetbeat/{beater,protos/udp,sniffer}: add initial metrics for UDP t…
a91d8f5 
…raffic

This adds metrics for UDP packet count and total bytes, and histograms
for time required to process UDP packets prior to acking from a
publication and time between UDP packet arrivals.
@efd6 efd6 force-pushed the st-5524 branch 2 times, most recently from 46640ad to 2fa2494 Compare December 1, 2022 04:57
@efd6 efd6 changed the title packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metrics for UDP traffic packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metrics for TCP/UDP traffic Dec 1, 2022
@efd6
use monitoring/inputmon helper type
2255155
@efd6
packetbeat/protos/tcp: clean up source order and error lint
2d86e6a
@efd6
packetbeat/{protos/tcp,sniffer}: add initial metrics for TCP traffic
adbd718 
This adds metrics for TCP packet count and total bytes, and histograms
for time required to process TCP packets prior to acking from a
publication and time between TCP packet arrivals.
@efd6
address related pr comments
ef6bc07 
device retained in registration ID to prevent collision:

	panic: name 68DD99D548B50928 already used

	goroutine 157 [running]:
	github.com/elastic/elastic-agent-libs/monitoring.panicErr(...)
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/pkg/mod/github.com/elastic/elastic-agent-libs@v0.2.13/monitoring/registry.go:257
	github.com/elastic/elastic-agent-libs/monitoring.(*Registry).Add(0xc000569fc0, {0xc00071ae50, 0x10654fd}, {0x35b8160, 0xc0001f8440}, 0x78)
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/pkg/mod/github.com/elastic/elastic-agent-libs@v0.2.13/monitoring/registry.go:155 +0xda
	github.com/elastic/elastic-agent-libs/monitoring.(*Registry).NewRegistry(0xc000569fc0, {0xc00071ae50, 0x10}, {0x0?, 0x35adc60?, 0x1?})
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/pkg/mod/github.com/elastic/elastic-agent-libs@v0.2.13/monitoring/registry.go:94 +0x158
	github.com/elastic/beats/v7/libbeat/monitoring/inputmon.NewInputRegistry({0x3107792, 0x3}, {0xc00071ae50, 0x10}, 0xc00070ff50?)
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/libbeat/monitoring/inputmon/input.go:43 +0x99
	github.com/elastic/beats/v7/packetbeat/protos/udp.newInputMetrics({0xc00071ae50?, 0x0?}, {0x0, 0x0})
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/packetbeat/protos/udp/udp.go:155 +0x7c
	github.com/elastic/beats/v7/packetbeat/protos/udp.NewUDP({0x35d9388, 0xc000314420}, {0xc00071ae50, 0x10}, {0x0, 0x0})
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/packetbeat/protos/udp/udp.go:57 +0x9d
	github.com/elastic/beats/v7/packetbeat/sniffer.DecodersFor.func1(0x0?, {0x0, 0x0})
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/packetbeat/sniffer/decoders.go:69 +0x22f
	github.com/elastic/beats/v7/packetbeat/sniffer.(*sniffer).sniffStatic(0xc0002e64b0, {0x35d6f68, 0xc0005695c0}, {0x0, 0x0})
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/packetbeat/sniffer/sniffer.go:282 +0x159
	github.com/elastic/beats/v7/packetbeat/sniffer.(*Sniffer).Run.func1()
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/src/github.com/elastic/beats/packetbeat/sniffer/sniffer.go:202 +0x1be
	golang.org/x/sync/errgroup.(*Group).Go.func1()
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/pkg/mod/golang.org/x/sync@v0.0.0-20220819030929-7fc1605a5dde/errgroup/errgroup.go:75 +0x64
	created by golang.org/x/sync/errgroup.(*Group).Go
		/var/lib/jenkins/workspace/PR-33833-10-4f1d82ee-c0da-4414-bc63-8fa79cc6cbf5/pkg/mod/golang.org/x/sync@v0.0.0-20220819030929-7fc1605a5dde/errgroup/errgroup.go:72 +0xa5
@efd6 efd6 force-pushed the st-5524 branch 2 times, most recently from 2cea13b to e928577 Compare December 2, 2022 04:24
@efd6
don't panic when reading pcap files
a07435c 
When reading pcap files the device is empty, so we can end up with a
metric ID collision. We don't need to record metrics when reading from
pcap files, so don't return a metric collector when this is the case.
@sonarcloud
Copy link

sonarcloud bot commented Dec 2, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

andrewkroh
andrewkroh reviewed Jan 4, 2023
View reviewed changes
Copy link
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm assuming that you can't access /inputs/ in Packetbeat to retrieve these metrics yet. You'll need to register the handler to make them available like in

beats/filebeat/beater/filebeat.go

Lines 121 to 125 in 9249566

if b.API != nil {
if err = inputmon.AttachHandler(b.API.Router()); err != nil {
return nil, fmt.Errorf("failed attach inputs api to monitoring endpoint server: %w", err)
}
}
.

@efd6 efd6 requested a review from andrewkroh January 6, 2023 05:28
@efd6 efd6 merged commit a5a375b into elastic:main Jan 10, 2023
chrisberkhout pushed a commit that referenced this pull request Jun 1, 2023
@efd6 @chrisberkhout
packetbeat/{beater,protos/tcp,protos/udp,sniffer}: add initial metric…
2c9abc8 
…s for TCP/UDP traffic (#33833)

This adds metrics for TCP/UDP packet count and total bytes, and histograms
for time required to process TCP/UDP packets prior to acking from a
publication and time between TCP/UDP packet arrivals.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees

@efd6 efd6

Labels
8.7-candidate backport-skip Skip notification from the automated backport with mergify enhancement Packetbeat
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@efd6 @elasticmachine @andrewkroh