dwatch-json-net.conf

# vi: set filetype=sh :: Vi/ViM
############################################################ IDENT(1)
#
# $Title: Configuration file for `dwatch -X json-net-config[-raw] ...' $
# $Copyright: 2018 Devin Teske. All rights reserved. $
# $FrauBSD: dwatch-json/dwatch-json-net.conf 2018-10-01 16:22:27 -0700 freebsdfrau $
#
############################################################ INFORMATION
#
# Output sample:
# {"report_type":"$REPORT_TYPE","hostname":"$HOSTNAME","epoch":1538360226,
#  "tcp_rcvd":12,"tcp_sent":34,"udp_rcvd":56,"udp_sent":78[,...]}
#
############################################################ DEFAULTS

#
# DTrace probe
# Default: profile-10s
#
#PROBE=

#
# Report handle for kafka consumer
# Default: ${PROFILE%-raw}
#
#REPORT_TYPE=

#
# Hostname for kafka consumer
# Default: $HOSTNAME
#
#HOSTNAME=

#
# DTrace predicate for all stats
# Default: (set by `-k name' and/or `-t test' dwatch options)
# Example: execname == "sshd"
#
#EVENT_TEST=

############################################################ ENDPOINTS

#
# For each variable, you will get:
# 	<name>_tcp_rcvd
# 	<name>_tcp_sent
# 	<name>_udp_rcvd
# 	<name>_udp_sent
# Counting the bytes for specific conditions.
#
# Any bytes matching $EVENT_TEST that fail to match the DTrace clause defined
# in each variable will increment the {tcp,udp}_{rcvd,sent} globals.
# 

#hostA='this->remote == "1.2.3.4"'
#hostB='this->remote == "2.3.4.5"'
#hostC='this->remote == "3.4.5.6"'

#serviceA='this->lport == 22'
#serviceB='this->lport == 80 || this->lport == 443'
#serviceC='this->local == "1.2.3.4" && this->lport == 8080'

#jail0="jid == 0" # not a jail but the host
#jail1="jid == $( jls -j jail1 jid )" || exit
#jail2="jid == $( jls -j jail2 jid ) && execname == \"sshd\"" || exit

################################################################################
# END
################################################################################