Efficient analysis and collection of deeply inspected, high throughput network traffic is hard… especially as the trend towards globally distributed applications continues.
pktvisor is a free and open source analytics agent designed to address this challenge. It combines embedded stream processing pipelines with traffic analysis and data sketch algorithms to efficiently extract counts, top-k heavy hitters, set cardinality, quantiles and other key information from data streams directly on the edge, resulting in lightweight time series metrics.
Orb is an open source companion project that acts as a control tower for a distributed fleet of pktvisor agents, providing fleet and configuration management along with data collection and sinking functionality, accessible via web UI and REST API.
Together their goal is to deliver immediately actionable insights local to the traffic source and simultaneously collected and integrated into global result sets.
This talk will introduce the origin of the tools, discuss the goals and status of the projects, and look to the future as they extend beyond traffic analysis and into general streaming analytics embedded at the edge.