policy/frameworks/telemetry/log.zeek

Telemetry

Implementation of the telemetry.log and telemetry_histogram.log files using metrics accessible via the Telemetry module.

Namespace

Telemetry

Imports

base/frameworks/telemetry

Summary

Runtime Options

Telemetry::log_interval: interval &redef

How often metrics are reported.

Telemetry::log_prefixes: set &redef

Only metrics with prefixes in this set will be included in the telemetry.log and telemetry_histogram.log files by default.

Types

Telemetry::HistogramInfo: record

Record type used for logging histogram metrics.

Telemetry::Info: record

Record type used for logging counter and gauge metrics.

Redefinitions

Log::ID: enum

Events

Telemetry::log_telemetry: event

Event triggered for every record in the stream.

Telemetry::log_telemetry_histogram: event

Event triggered for every record in the histogram stream.

Hooks

Telemetry::log_policy: Log::PolicyHook

A default logging policy hook for the stream.

Telemetry::log_policy_histogram: Log::PolicyHook

A default logging policy hook for the histogram stream.

Detailed Interface

Runtime Options

Telemetry::log_interval
Type

interval

Attributes

&redef

Default

1.0 min

How often metrics are reported.

Telemetry::log_prefixes
Type

set [string]

Attributes

&redef

Default
{
   "process",
   "zeek"
}

Only metrics with prefixes in this set will be included in the telemetry.log and telemetry_histogram.log files by default. Setting this option to an empty set includes all prefixes.

For more fine-grained customization, setting this option to an empty set and implementing the Telemetry::log_policy and Telemetry::log_policy_histogram hooks to filter individual records is recommended.
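The approach recommended above, as an added example (not part of the Zeek distribution or of this script): the prefix set is emptied and both policy hooks filter individual records. The `telemetry_keep` constant and the metric-name fragments in its pattern are assumptions made for illustration.

```zeek
@load policy/frameworks/telemetry/log

# Report twice as often as the 1 min default.
redef Telemetry::log_interval = 30sec;

# Empty set: the prefix filter admits everything, so the hooks below decide.
redef Telemetry::log_prefixes = set();

# Hypothetical allow list; the names matched here are constructed samples,
# not a list of metrics Zeek is guaranteed to export.
const telemetry_keep: pattern = /(zeek|process)_.*(packets|memory|cpu).*/ &redef;

# Veto counter/gauge rows whose metric name is not on the allow list.
hook Telemetry::log_policy(rec: Telemetry::Info, id: Log::ID, filter: Log::Filter)
	{
	# "!=" on pattern and string is an exact (whole-string) match test.
	if ( telemetry_keep != rec$name )
		break;

	# Counters that have never incremented add rows but no signal.
	if ( rec$metric_type == "counter" && rec$value == 0.0 )
		break;
	}

# Same name filter for the histogram stream.
hook Telemetry::log_policy_histogram(rec: Telemetry::HistogramInfo, id: Log::ID, filter: Log::Filter)
	{
	if ( telemetry_keep != rec$name )
		break;

	# Skip histograms with no observations yet.
	if ( rec$observations == 0.0 )
		break;
	}
```

A `break` inside a policy hook suppresses only the log write for that record; the metric itself is unaffected.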

Types

Telemetry::HistogramInfo
Type

record

ts: time &log

Timestamp of reporting.

peer: string &log

Peer that generated this log.

name: string &log

The name of the metric.

labels: vector of string &log

The names of the individual labels.

label_values: vector of string &log

The values of the labels as listed in labels.

bounds: vector of double &log

The bounds of the individual buckets.

values: vector of double &log

The number of observations within each individual bucket.

sum: double &log

The sum over all observations.

observations: double &log

The total number of observations.

Record type used for logging histogram metrics.

Telemetry::Info
Type

record

ts: time &log

Timestamp of reporting.

peer: string &log

Peer that generated this log.

metric_type: string &log

Contains the value “counter” or “gauge” depending on the underlying metric type.

name: string &log

The name of the metric.

labels: vector of string &log

The names of the individual labels.

label_values: vector of string &log

The values of the labels as listed in labels.

value: double &log

The value of this metric.

Record type used for logging counter and gauge metrics.

Events

Telemetry::log_telemetry
Type

event (rec: Telemetry::Info)

Event triggered for every record in the stream.

Telemetry::log_telemetry_histogram
Type

event (rec: Telemetry::HistogramInfo)

Event triggered for every record in the histogram stream.

Hooks

Telemetry::log_policy
Type

Log::PolicyHook

A default logging policy hook for the stream.

Telemetry::log_policy_histogram
Type

Log::PolicyHook

A default logging policy hook for the histogram stream.