network events to string

cmd/flow_capture_test.go

@@ -39,9 +39,9 @@ func TestFlowTableDefaultDisplay(t *testing.T) {
 	rows := strings.Split(buf.String(), "\n")
 
 	assert.Equal(t, 4, len(rows))
-	assert.Equal(t, `Time              SrcName                                        SrcType   DstName                                        DstType   DropBytes     DropPackets   DropState             DropCause                                 DnsId   DnsLatency  DnsRCode  DnsErrno  RTT     NetworkEvents     `, rows[0])
-	assert.Equal(t, `17:25:28.703000   src-pod                                        Pod       dst-pod                                        Pod       32B           1             TCP_INVALID_STATE     SKB_DROP_REASON_TCP_INVALID_SEQUENCE      31319   1ms         NoError   0         10µs    hello             `, rows[1])
-	assert.Equal(t, `----------------  ---------------------------------------------  --------  ---------------------------------------------  --------  ------------  ------------  --------------------  ----------------------------------------  ------  ------      ------    ------    ------  ----------------  `, rows[2])
+	assert.Equal(t, `Time              SrcName                                        SrcType   DstName                                        DstType   DropBytes     DropPackets   DropState             DropCause                                 DnsId   DnsLatency  DnsRCode  DnsErrno  RTT     NetworkEvents                                                       `, rows[0])
+	assert.Equal(t, `17:25:28.703000   src-pod                                        Pod       dst-pod                                        Pod       32B           1             TCP_INVALID_STATE     SKB_DROP_REASON_TCP_INVALID_SEQUENCE      31319   1ms         NoError   0         10µs    Allowed by default allow from local node policy, direction Ingress  `, rows[1])
+	assert.Equal(t, `----------------  ---------------------------------------------  --------  ---------------------------------------------  --------  ------------  ------------  --------------------  ----------------------------------------  ------  ------      ------    ------    ------  ----------------                                                    `, rows[2])
 	assert.Empty(t, rows[3])
 }
 
@@ -129,9 +129,9 @@ func TestFlowTableAdvancedDisplay(t *testing.T) {
 	// set display without enrichment
 	rows := getRows([]string{pktDropDisplay, dnsDisplay, rttDisplay, networkEventsDisplay}, []string{noEnrichment})
 	assert.Equal(t, 4, len(rows))
-	assert.Equal(t, `Time              SrcAddr                                   SrcPort  DstAddr                                   DstPort  DropBytes     DropPackets   DropState             DropCause                                 DnsId   DnsLatency  DnsRCode  DnsErrno  RTT     NetworkEvents     `, rows[0])
-	assert.Equal(t, `17:25:28.703000   10.128.0.29                               1234     10.129.0.26                               5678     32B           1             TCP_INVALID_STATE     SKB_DROP_REASON_TCP_INVALID_SEQUENCE      31319   1ms         NoError   0         10µs    hello             `, rows[1])
-	assert.Equal(t, `----------------  ----------------------------------------  ------   ----------------------------------------  ------   ------------  ------------  --------------------  ----------------------------------------  ------  ------      ------    ------    ------  ----------------  `, rows[2])
+	assert.Equal(t, `Time              SrcAddr                                   SrcPort  DstAddr                                   DstPort  DropBytes     DropPackets   DropState             DropCause                                 DnsId   DnsLatency  DnsRCode  DnsErrno  RTT     NetworkEvents                                                       `, rows[0])
+	assert.Equal(t, `17:25:28.703000   10.128.0.29                               1234     10.129.0.26                               5678     32B           1             TCP_INVALID_STATE     SKB_DROP_REASON_TCP_INVALID_SEQUENCE      31319   1ms         NoError   0         10µs    Allowed by default allow from local node policy, direction Ingress  `, rows[1])
+	assert.Equal(t, `----------------  ----------------------------------------  ------   ----------------------------------------  ------   ------------  ------------  --------------------  ----------------------------------------  ------  ------      ------    ------    ------  ----------------                                                    `, rows[2])
 	assert.Empty(t, rows[3])
 
 	// set display to standard
@@ -173,8 +173,8 @@ func TestFlowTableAdvancedDisplay(t *testing.T) {
 	// set display to NetworkEvents
 	rows = getRows([]string{networkEventsDisplay}, []string{noEnrichment})
 	assert.Equal(t, 4, len(rows))
-	assert.Equal(t, `Time              SrcAddr                                   SrcPort  DstAddr                                   DstPort  NetworkEvents     `, rows[0])
-	assert.Equal(t, `17:25:28.703000   10.128.0.29                               1234     10.129.0.26                               5678     hello             `, rows[1])
-	assert.Equal(t, `----------------  ----------------------------------------  ------   ----------------------------------------  ------   ----------------  `, rows[2])
+	assert.Equal(t, `Time              SrcAddr                                   SrcPort  DstAddr                                   DstPort  NetworkEvents                                                       `, rows[0])
+	assert.Equal(t, `17:25:28.703000   10.128.0.29                               1234     10.129.0.26                               5678     Allowed by default allow from local node policy, direction Ingress  `, rows[1])
+	assert.Equal(t, `----------------  ----------------------------------------  ------   ----------------------------------------  ------   ----------------                                                    `, rows[2])
 	assert.Empty(t, rows[3])
 }

cmd/map_format.go

@@ -8,6 +8,7 @@ import (
 
 	"github.com/jpillora/sizestr"
 	"github.com/netobserv/flowlogs-pipeline/pkg/config"
+	ovnmodel "github.com/ovn-org/ovn-kubernetes/go-controller/observability-lib/model"
 )
 
 const (
@@ -416,6 +417,47 @@ func toTimeString(genericMap config.GenericMap, fieldName string) string {
 	return emptyText
 }
 
+func networkEventsToString(flow config.GenericMap) string {
+	if ne, found := flow["NetworkEvents"]; found {
+		if neList, isList := ne.([]any); isList {
+			var messages []string
+			for _, item := range neList {
+				if neItem, isMap := item.(map[string]any); isMap {
+					messages = append(messages, networkEventItemToString(neItem))
+				}
+			}
+			return strings.Join(messages, ", ")
+		}
+	}
+	return ""
+}
+
+func networkEventItemToString(in map[string]any) string {
+	if msg := getAsString(in, "Message"); msg != "" {
+		return msg
+	}
+	if feat := getAsString(in, "Feature"); feat == "acl" {
+		aclObj := ovnmodel.ACLEvent{
+			Action:    getAsString(in, "Action"),
+			Actor:     getAsString(in, "Type"),
+			Name:      getAsString(in, "Name"),
+			Namespace: getAsString(in, "Namespace"),
+			Direction: getAsString(in, "Direction"),
+		}
+		return aclObj.String()
+	}
+	return ""
+}
+
+func getAsString(in map[string]any, key string) string {
+	if anyV, hasKey := in[key]; hasKey {
+		if v, isStr := anyV.(string); isStr {
+			return v
+		}
+	}
+	return ""
+}
+
 func ToTableRow(genericMap config.GenericMap, cols []string) []interface{} {
 	row := []interface{}{}
 
@@ -474,6 +516,8 @@ func ToTableRow(genericMap config.GenericMap, cols []string) []interface{} {
 			row = append(row, toText(genericMap, "DnsFlagsResponseCode"))
 		case "RTT":
 			row = append(row, toDuration(genericMap, "TimeFlowRttNs", time.Nanosecond))
+		case "NetworkEvents":
+			row = append(row, networkEventsToString(genericMap))
 		default:
 			// else simply pick field value as text from column name
 			row = append(row, toText(genericMap, col))

cmd/root_test.go

@@ -44,7 +44,7 @@ const (
 		"PktDropLatestFlags":16,
 		"PktDropLatestState":"TCP_INVALID_STATE",
 		"PktDropPackets":1,
-        "NetworkEvents":["hello"],
+		"NetworkEvents":[{"Feature":"acl","Type":"NetpolNode","Action":"allow","Direction":"Ingress"}],
 		"Proto":6,
 		"SrcAddr":"10.128.0.29",
 		"SrcK8S_HostIP":"10.0.1.1",

go.mod

@@ -10,7 +10,8 @@ require (
 	github.com/google/gopacket v1.1.19
 	github.com/jpillora/sizestr v1.0.0
 	github.com/mattn/go-sqlite3 v1.14.24
-	github.com/netobserv/flowlogs-pipeline v1.6.1-crc0
+	github.com/netobserv/flowlogs-pipeline v1.7.0-community.0.20241203095621-9592b66e80cc
+	github.com/ovn-org/ovn-kubernetes/go-controller v0.0.0-20241126140656-c95491e46334
 	github.com/rodaine/table v1.3.0
 	github.com/ryankurte/go-pcapng v0.0.0-20170712041429-73fd1a63fab4
 	github.com/sirupsen/logrus v1.9.3
@@ -21,17 +22,35 @@ require (
 
 require (
 	github.com/blang/semver/v4 v4.0.0 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cenkalti/hub v1.0.1 // indirect
+	github.com/cenkalti/rpc2 v0.0.0-20210604223624-c1acbc6ec984 // indirect
+	github.com/containernetworking/cni v1.1.2 // indirect
+	github.com/containernetworking/plugins v1.2.0 // indirect
+	github.com/coreos/go-iptables v0.6.0 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect
 	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/gorilla/websocket v1.5.0 // indirect
 	github.com/klauspost/compress v1.17.9 // indirect
 	github.com/moby/spdystream v0.4.0 // indirect
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
-	github.com/netobserv/netobserv-ebpf-agent v1.6.1-crc2.0.20240913155426-6ac7c5ccbf59 // indirect
+	github.com/netobserv/netobserv-ebpf-agent v1.7.0-community.0.20241206141054-2ab577a88c12 // indirect
+	github.com/ovn-org/libovsdb v0.7.1-0.20240820095311-ce1951614a20 // indirect
+	github.com/russross/blackfriday/v2 v2.1.0 // indirect
+	github.com/safchain/ethtool v0.3.1-0.20231027162144-83e5e0097c91 // indirect
+	github.com/urfave/cli/v2 v2.27.2 // indirect
+	github.com/vishvananda/netlink v1.3.0 // indirect
+	github.com/vishvananda/netns v0.0.4 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
-	k8s.io/component-base v0.30.2 // indirect
-	sigs.k8s.io/controller-runtime v0.18.4 // indirect
+	github.com/xrash/smetrics v0.0.0-20240312152122-5f08fbb34913 // indirect
+	gopkg.in/gcfg.v1 v1.2.3 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
+	gopkg.in/warnings.v0 v0.1.2 // indirect
+	k8s.io/component-base v0.31.1 // indirect
+	sigs.k8s.io/controller-runtime v0.19.0 // indirect
 )
 
 require (
@@ -62,7 +81,7 @@ require (
 	github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_golang v1.20.3 // indirect
+	github.com/prometheus/client_golang v1.20.5 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.55.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
@@ -72,15 +91,15 @@ require (
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
-	golang.org/x/net v0.26.0 // indirect
-	golang.org/x/oauth2 v0.21.0 // indirect
-	golang.org/x/sys v0.25.0 // indirect
-	golang.org/x/term v0.21.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/net v0.28.0 // indirect
+	golang.org/x/oauth2 v0.22.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
+	golang.org/x/term v0.23.0 // indirect
+	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240528184218-531527333157 // indirect
-	google.golang.org/grpc v1.65.0 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240822170219-fc7c04adadcd // indirect
+	google.golang.org/grpc v1.67.1 // indirect
+	google.golang.org/protobuf v1.35.1 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect