From 862a4fd04049e1852adfb60f39f81c5e344aa355 Mon Sep 17 00:00:00 2001 From: Shivani Bhardwaj Date: Tue, 2 Apr 2024 15:27:55 +0530 Subject: [PATCH 1/2] eve/stats: add description for transactions Ticket 6434 --- etc/schema.json | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+)
diff --git a/etc/schema.json b/etc/schema.json
index 24e9da1d1a02..417fdf1f749d 100644
--- a/etc/schema.json
+++ b/etc/schema.json
@@ -4070,111 +4070,150 @@
 "type": "object",
 "properties": {
 "bittorrent-dht": {
+ "description":
+ "Number of transactions for BitTorrent DHT protocol",
 "type": "integer"
 },
 "dcerpc_tcp": {
+ "description": "Number of transactions for DCERPC/TCP protocol",
 "type": "integer"
 },
 "dcerpc_udp": {
+ "description": "Number of transactions for DCERPC/UDP protocol",
 "type": "integer"
 },
 "dhcp": {
+ "description": "Number of transactions for DHCP",
 "type": "integer"
 },
 "dnp3": {
+ "description": "Number of transactions for DNP3",
 "type": "integer"
 },
 "dns_tcp": {
+ "description": "Number of transactions for DNS/TCP protocol",
 "type": "integer"
 },
 "dns_udp": {
+ "description": "Number of transactions for DNS/UDP protocol",
 "type": "integer"
 },
 "enip_tcp": {
+ "description": "Number of transactions for ENIP/TCP",
 "type": "integer"
 },
 "enip_udp": {
+ "description": "Number of transactions for ENIP/UDP",
 "type": "integer"
 },
 "ftp": {
+ "description": "Number of transactions for FTP",
 "type": "integer"
 },
 "ftp-data": {
+ "description": "Number of transactions for FTP data protocol",
 "type": "integer"
 },
 "http": {
+ "description": "Number of transactions for HTTP",
 "type": "integer"
 },
 "http2": {
+ "description": "Number of transactions for HTTP/2",
 "type": "integer"
 },
 "ike": {
+ "description": "Number of transactions for IKE protocol",
 "type": "integer"
 },
 "ikev2": {
+ "description": "Number of transactions for IKE v2 protocol",
 "type": "integer"
 },
 "imap": {
+ "description": "Number of transactions for IMAP",
 "type": "integer"
 },
 "krb5_tcp": {
+ "description":
+ "Number of transactions for Kerberos v5/TCP protocol",
 "type": "integer"
 },
 "krb5_udp": {
+ "description":
+ "Number of transactions for Kerberos v5/UDP protocol",
 "type": "integer"
 },
 "modbus": {
+ "description": "Number of transactions for Modbus protocol",
 "type": "integer"
 },
 "mqtt": {
+ "description": "Number of transactions for MQTT protocol",
 "type": "integer"
 },
 "nfs_tcp": {
+ "description": "Number of transactions for NFS/TCP protocol",
 "type": "integer"
 },
 "nfs_udp": {
+ "description": "Number of transactions for NFS/UDP protocol",
 "type": "integer"
 },
 "ntp": {
+ "description": "Number of transactions for NTP",
 "type": "integer"
 },
 "pgsql": {
+ "description": "Number of transactions for PostgreSQL protocol",
 "type": "integer"
 },
 "quic": {
+ "description": "Number of transactions for QUIC protocol",
 "type": "integer"
 },
 "rdp": {
+ "description": "Number of transactions for RDP",
 "type": "integer"
 },
 "rfb": {
+ "description": "Number of transactions for RFB protocol",
 "type": "integer"
 },
 "sip_udp": {
+ "description": "Number of transactions for SIP/UDP protocol",
 "type": "integer"
 },
 "sip_tcp": {
+ "description": "Number of transactions for SIP/TCP protocol",
 "type": "integer"
 },
 "smb": {
+ "description": "Number of transactions for SMB protocol",
 "type": "integer"
 },
 "smtp": {
+ "description": "Number of transactions for SMTP",
 "type": "integer"
 },
 "snmp": {
+ "description": "Number of transactions for SNMP",
 "type": "integer"
 },
 "ssh": {
+ "description": "Number of transactions for SSH protocol",
 "type": "integer"
 },
 "telnet": {
+ "description": "Number of transactions for Telnet protocol",
 "type": "integer"
 },
 "tftp": {
+ "description": "Number of transactions for TFTP",
 "type": "integer"
 },
 "tls": {
+ "description": "Number of transactions for TLS protocol",
 "type": "integer"
 },
 "websocket": {
From 77df7970afe28c1aa1a0d11ea95608b87185048e Mon Sep 17 00:00:00 2001 From: Shivani Bhardwaj Date: Tue, 2 Apr 2024 15:55:01 +0530 Subject: [PATCH 2/2] eve/stats: add description for ips Ticket 6434 --- etc/schema.json | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+)
diff --git a/etc/schema.json b/etc/schema.json
index 417fdf1f749d..a13d848acda0 100644
--- a/etc/schema.json
+++ b/etc/schema.json
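Review bot: The descriptions added in the `@@ -4070,111 +4070,150 @@` hunk of the first patch use two phrasings for the same kind of counter: `for HTTP`, `for DHCP` and `for TFTP` on some entries, `for SSH protocol`, `for TLS protocol` and `for SMB protocol` on others. Pick one form so the generated documentation reads uniformly, for example dropping the trailing `protocol` everywhere. The `ike` and `ikev2` entries read `IKE protocol` and `IKE v2 protocol`, which does not tell a reader which IKE versions each counter covers; a short clause stating that would help anyone building dashboards or alerts on these stats. The enclosing object opens above the hunk, so its parent key is not visible here.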
@@ -4229,63 +4229,96 @@
 "type": "object",
 "properties": {
 "accepted": {
+ "description": "Number of accepted packets",
 "type": "integer"
 },
 "blocked": {
+ "description": "Number of blocked packets",
 "type": "integer"
 },
 "rejected": {
+ "description": "Number of rejected packets",
 "type": "integer"
 },
 "replaced": {
+ "description": "Number of replaced packets",
 "type": "integer"
 },
 "drop_reason": {
+ "description": "Number of dropped packets, grouped by drop reason",
 "type": "object",
 "properties": {
 "decode_error": {
+ "description":
+ "Number of packets dropped due to decoding errors",
 "type": "integer"
 },
 "defrag_error": {
+ "description":
+ "Number of packets dropped due to defragmentation errors",
 "type": "integer"
 },
 "defrag_memcap": {
+ "description":
+ "Number of packets dropped due to defrag memcap exception policy",
 "type": "integer"
 },
 "flow_memcap": {
+ "description":
+ "Number of packets dropped due to flow memcap exception policy",
 "type": "integer"
 },
 "flow_drop": {
+ "description": "Number of packets dropped due to dropped flows",
 "type": "integer"
 },
 "applayer_error": {
+ "description":
+ "Number of packets dropped due to app-layer error exception policy",
 "type": "integer"
 },
 "applayer_memcap": {
+ "description":
+ "Number of packets dropped due to applayer memcap",
 "type": "integer"
 },
 "rules": {
+ "description": "Number of packets dropped due to rule actions",
 "type": "integer"
 },
 "threshold_detection_filter": {
+ "description":
+ "Number of packets dropped due to threshold detection filter",
 "type": "integer"
 },
 "stream_error": {
+ "description":
+ "Number of packets dropped due to invalid TCP stream",
 "type": "integer"
 },
 "stream_memcap": {
+ "description":
+ "Number of packets dropped due to stream memcap exception policy",
 "type": "integer"
 },
 "stream_midstream": {
+ "description":
+ "Number of packets dropped due to stream midstream exception policy",
 "type": "integer"
 },
 "stream_reassembly": {
+ "description":
+ "Number of packets dropped due to stream reassembly exception policy",
 "type": "integer"
 },
 "nfq_error": {
+ "description":
+ "Number of packets dropped due to no NFQ verdict",
 "type": "integer"
 },
 "tunnel_packet_drop": {
+ "description":
+ "Number of packets dropped due to inner tunnel packet being dropped",
 "type": "integer"
 }
 },
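Review bot: The `applayer_memcap` description, `Number of packets dropped due to applayer memcap`, is inconsistent with its siblings in two ways. It writes `applayer` where the `applayer_error` entry just above writes `app-layer`, and it omits the `exception policy` qualifier that `defrag_memcap`, `flow_memcap` and `stream_memcap` all carry. If this counter is also driven by an exception policy (the hunk does not show the code that increments it), the text should read `Number of packets dropped due to app-layer memcap exception policy`. Uniform wording matters here because these strings are what an operator reads when separating memcap-induced drops from `rules` drops in IPS mode.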