Add document for GraphQL API connRawEvents

aicers · Dec 3, 2024 · 7477857 · 7477857
1 parent 57d8341
commit 7477857
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -29,6 +29,10 @@ Versioning](https://semver.org/spec/v2.0.0.html).
   - Changed `COMPATIBLE_VERSION_REQ` to ">=0.24.0-alpha.1,<0.25.0
   - Added migration function in `migrate_0_23_0_to_0_24_0_op_log`. This function
     performs a migration to change the `key`, `value` of `Oplog`.
+- Documentation of the following GraphQL APIs is updated:
+  - `connRawEvents`
+  - `networkRawEvents`, specifically when the response is of type
+    `ConnRawEvent`.
 
 ## [0.23.0] - 2024-11-21
 

diff --git a/src/graphql/network.rs b/src/graphql/network.rs
@@ -126,23 +126,57 @@ impl RawEventFilter for SearchFilter {
     }
 }
 
+/// Represents an event extracted from a session.
 #[derive(SimpleObject, Debug, ConvertGraphQLEdgesNode)]
 #[graphql_client_type(names = [conn_raw_events::ConnRawEventsConnRawEventsEdgesNode, network_raw_events::NetworkRawEventsNetworkRawEventsEdgesNodeOnConnRawEvent])]
 struct ConnRawEvent {
+    /// TODO: Waiting for an answer in the general repository.
     timestamp: DateTime<Utc>,
+    /// Source IP, or source IP address in long format.
     orig_addr: String,
+    /// Source port, or source port number in long format.
     orig_port: u16,
+    /// Destination IP, or destination IP address in long format.
     resp_addr: String,
+    /// Destination port, or destination port number in long format.
     resp_port: u16,
+    /// Protocol number. TCP is 6, UDP is 17.
     proto: u8,
+    /// Connection state. This is only used in TCP connections.
+    ///
+    /// The connection state is a string of letters that represent the state of the connection. The
+    /// letters are as follows:
+    ///
+    /// - S: The originator sent a SYN segment.
+    /// - h: The responder sent a SYN ACK segment.
+    /// - A: The originator sent an ACK segment.
+    /// - D: The originator sent at least one segment with payload data. In this case, that was HTTP
+    ///   over TCP.
+    /// - a: The responder replied with an ACK segment.
+    /// - d: The responder replied with at least one segment with payload data.
+    /// - F: The originator sent a FIN ACK segment.
+    /// - f: The responder replied with a FIN ACK segment.
+    /// - R: The originator sent a RST segment.
+    /// - r: The responder sent a RST segment.
+    /// - T: Timeout
+    ///
+    /// For example, `ShDdAaFf` indicates a session without packet loss.
     conn_state: String,
+    /// Duration. It is in nanoseconds.
     duration: StringNumberI64,
+    /// Service name.
     service: String,
+    /// Bytes sent, or bytes sent by source in long format.
     orig_bytes: StringNumberU64,
+    /// Bytes received, or bytes received by destination in long format.
     resp_bytes: StringNumberU64,
+    /// Packets sent, or packets sent by source in long format.
     orig_pkts: StringNumberU64,
+    /// Packets received, or packets received by destination in long format.
     resp_pkts: StringNumberU64,
+    /// Layer 2 bytes sent, or layer 2 bytes sent by source in long format.
     orig_l2_bytes: StringNumberU64,
+    /// Layer 2 bytes received, or layer 2 bytes received by destination in long format.
     resp_l2_bytes: StringNumberU64,
 }