Open wenhuwang opened 1 year ago
We have thought of a method where we can first locate TCP Flows with high traffic (based on byte_rx, byte_tx, etc.) in the flow log (l4_flow_log) list. After clicking on one flow log, all the request logs within this TCP flow will be displayed in the request log (l7_flow_log) list below.
This approach avoids reliance on complex TCP segmentation reassembly. The reassembly consumes more resources and the benefits obtained are not significant.
@liqian1834 will attempt to create such a Dashboard.
Search before asking
Description
The current version of the deepflow-agent can't identify whether the network packets belong to the same mysql response after tcp segmentation, and according to the characteristic that the ACK numbers of all response packets corresponding to the same request in the TCP protocol are the same, we can use the TCP ack number field to aggregate data related to network packets of the same response, including but not limited to throughput, delay, etc.
Use case
Obtain the throughput and delay data of the l7 protocol based on the request response
Related issues
No response
Are you willing to submit a PR?
Code of Conduct