Telemetry Screen for Kubernetes
The data on the telemetry panel is separated into four categories.
Network¶
The network gives information about the HTTP calls and the protocols used by our sources. It also displays specific information based on the cluster, namespace, pod, and traffic direction.
The above image is an example of the list of HTTP calls that occur on our telemetry screen. it will display the response per sec for the HTTP GET, POST and PUT requests we made at this time, and the HTTP responses per sec if its load successfully(200) or an error(404).
The above image is an example of the protocol information given by the telemetry screen. It displays the information about the network protocols (ICMPv6, ICMPv4, TCP, UDP) usage and the HTTP protocols(HTTP/1.1, HTTP/2.1) usage.
The above image is an example of the layer 7 5xx and 4xx resquests happening per second. The graph also gives the number of forwarded and dropped operation happening per second.
System¶
The system graphs gives information about the system policy logs. It shows the severity level of the logs and the action happened. It also gives specific information based on the cluster, namespace, container, pod, hostname, and the policy we applied.
The above image is an example of system policy logs on the telemetry screen which displays severity logs along with action logs.
The above image is an example of system policy logs on the telemetry screen which displays number of logs with a given operation and number of logs with a given host
The above image is an example of system policy logs on the telemetry screen which displays number of logs with a given namespace and number of logs with a given pod
The above image is an example of system policy logs on the telemetry screen which displays number of logs with a given container and number of logs with a given policy
The above image is an example of system policy logs on the telemetry screen which displays number of logs with a given type
Anomaly Detection¶
Anomaly Detection displays the information about the anomalies occurring on our sources. It displays the information about the errors that occurred and the process activities happened. It also displays specific informations based on the cluster, namespace, and container.
The above image is an example of anomaly detection telemetry occurring on the SaaS telemetry screen. It displays the count of errors or baseline that occurred at a time and it gives the count of process activities(forked, executed, killed) and total process count.
Data Protection¶
Data Protection gives information about unauthorized users trying to access sensitive sources. It also gives the information based on cluster, container, namespace, and node.
The above image is an example of data protection telemetry occurring on SaaS telemetry screens. It plots the graphs with
- Flagged destination access on sensitive data
- Unknown destination access on sensitive data
- Total number of access on each sensitive data
- Total number of alerts generated with severity