Documentation
¶
Overview ¶
Package database keeps track of flow information
Index ¶
Constants ¶
const ( OpEqual = 0 OpUnequal = 1 OpSmaller = 2 OpGreater = 3 FieldTimestamp = 0 FieldRouter = 1 FieldSrcAddr = 2 FieldDstAddr = 3 FieldProtocol = 4 FieldIntIn = 5 FieldIntOut = 6 FieldNextHop = 7 FieldSrcAs = 8 FieldDstAs = 9 FieldNextHopAs = 10 FieldSrcPfx = 11 FieldDstPfx = 12 FieldSrcPort = 13 FieldDstPort = 14 )
These constants are used in communication with the frontend
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BreakDownMap ¶
type BreakDownMap struct {
Router bool
Family bool
SrcAddr bool
DstAddr bool
Protocol bool
IntIn bool
IntOut bool
NextHop bool
SrcAsn bool
DstAsn bool
NextHopAsn bool
SrcPfx bool
DstPfx bool
SrcPort bool
DstPort bool
}
BreakDownMap defines by what fields data should be broken down in a query
type ConditionExt ¶
ConditionExt is external representation of a query condition
type ConditionsExt ¶
type ConditionsExt []ConditionExt
ConditionsExt is external representation of conditions of a query
type FlowDatabase ¶
FlowDatabase represents a flow database object
func New ¶
func New(aggregation int64, maxAge int64, numAddWorker int, samplerate int, debug int, compLevel int, storage string, anonymize bool) *FlowDatabase
New creates a new FlowDatabase and returns a pointer to it
func (*FlowDatabase) Add ¶
func (fdb *FlowDatabase) Add(fl *netflow.Flow)
Add adds flow `fl` to database fdb
func (*FlowDatabase) CleanUp ¶
func (fdb *FlowDatabase) CleanUp()
CleanUp deletes all flows from database `fdb` that are older than `maxAge` seconds
func (*FlowDatabase) Dumper ¶
func (fdb *FlowDatabase) Dumper()
Dumper dumps all flows in `fdb` to hard drive that haven't been dumped yet
type FlowsByTimeRtr ¶
FlowsByTimeRtr holds all keys (and thus is the only way) to our flows
type LockGroup ¶
type LockGroup struct {
Any sync.RWMutex
SrcAddr sync.RWMutex
DstAddr sync.RWMutex
Protocol sync.RWMutex
IntIn sync.RWMutex
IntOut sync.RWMutex
NextHop sync.RWMutex
SrcAs sync.RWMutex
DstAs sync.RWMutex
NextHopAs sync.RWMutex
SrcPfx sync.RWMutex
DstPfx sync.RWMutex
SrcPort sync.RWMutex
DstPort sync.RWMutex
}
LockGroup is a group of locks suitable to lock any particular member of TimeGroup
type Query ¶
type Query struct {
Cond Conditions
Breakdown BreakDownMap
TopN int
}
Query is the internal representation of a query
type QueryExt ¶
type QueryExt struct {
Cond ConditionsExt
Breakdown BreakDownMap
TopN int
}
QueryExt represents a query in the way it is received from the frontend
type TimeGroup ¶
type TimeGroup struct {
Any map[int]*avltree.Tree // Workaround: Why a map? Because: cannot assign to flows[fl.Timestamp][rtr].Any
SrcAddr map[string]*avltree.Tree
DstAddr map[string]*avltree.Tree
Protocol map[uint32]*avltree.Tree
IntIn map[uint32]*avltree.Tree
IntOut map[uint32]*avltree.Tree
NextHop map[string]*avltree.Tree
SrcAs map[uint32]*avltree.Tree
DstAs map[uint32]*avltree.Tree
NextHopAs map[uint32]*avltree.Tree
SrcPfx map[string]*avltree.Tree
DstPfx map[string]*avltree.Tree
SrcPort map[uint32]*avltree.Tree
DstPort map[uint32]*avltree.Tree
Locks *LockGroup
}
TimeGroup groups all indices to flows of a particular router at a particular time into one object
Source Files