3. Flow API¶
The flows api is only available from the Flow User Scripts.
Warning
This API is still partial and subject to change
Functions
-
function
getStatus()¶ Get the status bitmap of the flow.
- Return
- the flow status bitmap
-
function
setStatus(status_bit)¶ Set a bit into the flow status.
- Note
- This is used to indicate that the Flow has a possible problem.
- Parameters
status_bit: the status bit to set, see flow_consts.lua
-
function
clearStatus(status_bit)¶ Clear a bit into the flow status.
- Parameters
status_bit: the status bit to clear, see flow_consts.lua
-
function
triggerStatus(status_bit, alert_json = nil)¶ Sets a bit into the flow status and possibly trigger an alert.
- Note
- An alert will be triggered only for the status with the highest priority
- Parameters
status_bit: the flow status bit to setalert_json: an optional string message or json to store into the alert
-
function
isBlacklistedFlow()¶ Check if the flow is blacklisted.
- Return
- true if blacklisted, false otherwise
-
function
getInfo()¶ Get basic flow information.
- Return
- table: cli.ip: the client IP address srv.ip: the server IP address cli.port: the client port srv.port: the server port proto.l4: the L4 protocol name (e.g. TCP) proto.ndpi: the nDPI L7 protocol name (e.g. HTTP) proto.ndpi_cat: the nDPI category name (e.g. Web) cli2srv.bytes: client-to-server bytes srv2cli.bytes: server-to-client bytes cli2srv.packets: client-to-server packets srv2cli.packets: server-to-client packets
-
function
getFullInfo()¶ Get full information about the flow.
- Return
- a table with flow information, see Flow::lua
- Note
- This call is expensive and should be avoided. See flow.getInfo()
-
function
getUnicastInfo()¶ Check if flow hosts are unicast or broadcast/multicast.
- Return
- table: cli.broadmulticast: true if the client is broadcast/multicast srv.broadmulticast: true if the server is broadcast/multicast