From 6304946408d35f0549d0d5a438c2be17dcf826fc Mon Sep 17 00:00:00 2001 From: Quang Nguyen Date: Tue, 19 Mar 2024 14:04:04 -0400 Subject: [PATCH] chore: dns docs amendment --- docs/metrics/plugins/dns.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/metrics/plugins/dns.md b/docs/metrics/plugins/dns.md index 31ac7abe7f..81ec1c0f47 100644 --- a/docs/metrics/plugins/dns.md +++ b/docs/metrics/plugins/dns.md @@ -1,6 +1,6 @@ # `dns` (Linux) -Counts number of packets/bytes dropped on a Node, along with the direction and reason for drop. +Captures both incoming and outgoing DNS traffic, providing various metrics and details about the DNS queries and responses. ## Metrics @@ -8,9 +8,9 @@ See metrics for [Basic Mode](../basic.md#plugin-dns-linux) or [Advanced Mode](.. ## Architecture -The plugin utilizes eBPF to gather data. -The plugin generates Basic metrics from an eBPF result. -In Advanced mode (see [Metric Modes](../modes.md)), the plugin turns this eBPF result into an enriched `Flow` (adding Pod information based on IP), then sends the `Flow` to an external channel so that a dns module can create extra Pod-Level metrics. +This plugin fundamentally relies on [Inspektor Gadget](https://github.com/inspektor-gadget/inspektor-gadget)'s DNS Tracer for monitoring DNS traffic. It uses eBPF (Extended Berkeley Packet Filter) to efficiently track DNS events. Following the capture of these events, the plugin generates basic metrics derived from the eBPF results. + +In its Advanced mode (refer to [Metric Modes](https://retina.sh/docs/metrics/modes) for more details), the plugin further processes the eBPF results into an enriched Flow. This Flow includes additional Pod information, determined by IP. Subsequently, the Flow is transmitted to an external channel. This allows a DNS module to generate additional Pod-Level metrics. ### Code locations