feat(internal): enhance network event processing with subnet and impr…

…ove metrics organization
nullswan · Sep 22, 2024 · 8f6749f · 8f6749f
1 parent 0984bf6
commit 8f6749f
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 50 deletions.
diff --git a/internal/bpf/event_processor.go b/internal/bpf/event_processor.go
@@ -20,8 +20,8 @@ func ProcessNetworkEvent(
 	event.Dport = network.Ntohs(event.Dport)
 
 	// Convert IP addresses to net.IP
-	saddr := network.IntToIP(event.Saddr)
-	daddr := network.IntToIP(event.Daddr)
+	saddr := network.IntToSubnet(event.Saddr, network.SubnetMask24)
+	daddr := network.IntToSubnet(event.Daddr, network.SubnetMask24)
 
 	if log.Enabled(context.TODO(), slog.LevelDebug) {
 		log.With("pid", event.Pid).
@@ -35,7 +35,7 @@ func ProcessNetworkEvent(
 			Debug("Received network event")
 	}
 
-	if event.Protocol == 17 && event.Direction == 0 && event.Dport == 53 {
+	if event.Protocol == 17 && event.Direction == 1 && event.Dport == 53 {
 		metrics.DNSQueryCounter.WithLabelValues(container).Inc()
 	}
 

diff --git a/internal/metrics/counters.go b/internal/metrics/counters.go
@@ -0,0 +1,51 @@
+package metrics
+
+import "github.com/prometheus/client_golang/prometheus"
+
+var DNSQueryCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "dns_query_counter",
+		Help: "Number of DNS queries",
+	},
+	[]string{"container"},
+)
+
+var SyscallCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "syscall_counter",
+		Help: "Number of syscalls",
+	},
+	[]string{"syscall", "container"},
+)
+
+var NetworkReceivedBytesCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "network_received_bytes_counter",
+		Help: "Number of bytes received",
+	},
+	[]string{"container", "remote_subnet"},
+)
+
+var NetworkSentBytesCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "network_sent_bytes_counter",
+		Help: "Number of bytes sent",
+	},
+	[]string{"container", "remote_subnet"},
+)
+
+var NetworkSentPacketsCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "network_sent_packets_counter",
+		Help: "Number of packets sent",
+	},
+	[]string{"container", "remote_subnet"},
+)
+
+var NetworkReceivedPacketsCounter = prometheus.NewCounterVec(
+	prometheus.CounterOpts{
+		Name: "network_received_packets_counter",
+		Help: "Number of packets received",
+	},
+	[]string{"container", "remote_subnet"},
+)
diff --git a/internal/metrics/server.go b/internal/metrics/server.go
@@ -11,53 +11,6 @@ import (
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 )
 
-var DNSQueryCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "dns_query_counter",
-		Help: "Number of DNS queries",
-	},
-	[]string{"container"},
-)
-
-var SyscallCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "syscall_counter",
-		Help: "Number of syscalls",
-	},
-	[]string{"syscall", "container"},
-)
-
-var NetworkReceivedBytesCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "network_received_bytes_counter",
-		Help: "Number of bytes received",
-	},
-	[]string{"container", "remote_ip"},
-)
-
-var NetworkReceivedPacketsCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "network_received_packets_counter",
-		Help: "Number of packets received",
-	},
-	[]string{"container", "remote_ip"},
-)
-
-var NetworkSentBytesCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "network_sent_bytes_counter",
-		Help: "Number of bytes sent",
-	},
-	[]string{"container", "remote_ip"},
-)
-
-var NetworkSentPacketsCounter = prometheus.NewCounterVec(
-	prometheus.CounterOpts{
-		Name: "network_sent_packets_counter",
-		Help: "Number of packets sent",
-	},
-	[]string{"container", "remote_ip"},
-)
 
 func StartServer(log *slog.Logger, cancel context.CancelFunc, port uint64) {
 	http.Handle("/metrics", promhttp.Handler())