You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In its current iteration, there are several object types (class 0-3, binary, analog) that are options per log. The logic to have a separate events generated for each request/response of object type is technically flawed. The issue is that there can be several object types for each transaction. So correlating all of the object types to understand the full spectrum of request/response flows is impossible. We COULD do a JOIN by root_Id or similar, but this is going to generate lots of undue work by opensearch.
Motivation and context
As stated, tracking events between DNP3 endpoints/nodes is not feasible in full scope UNLESS we only cared about one object type (class 0-3 , etc). However, we do care about all data sent/received per request/response interaction. They directly correlate to one another per transaction.
Implementation notes
Please provide details for implementation, such as:
One event generated PER transaction with all object types present (or empty if not related) per log as fields.
This also implies that WE HAVE NO FIELD VALUES FOR THESE TRANSACTIONS. There will be a separate ticket for this
This will generate fewer logs, with more fields. It should hopefully be an equal amount of work for the parser.
💡 Summary
In its current iteration, there are several object types (class 0-3, binary, analog) that are options per log. The logic to have a separate events generated for each request/response of object type is technically flawed. The issue is that there can be several object types for each transaction. So correlating all of the object types to understand the full spectrum of request/response flows is impossible. We COULD do a JOIN by root_Id or similar, but this is going to generate lots of undue work by opensearch.
Motivation and context
As stated, tracking events between DNP3 endpoints/nodes is not feasible in full scope UNLESS we only cared about one object type (class 0-3 , etc). However, we do care about all data sent/received per request/response interaction. They directly correlate to one another per transaction.
Implementation notes
Please provide details for implementation, such as:
Acceptance criteria
Example log (stripped down)
The text was updated successfully, but these errors were encountered: