Fixed bug where discovered intents were dropped in the mapper when collecting and parsing data from the sniffer #295
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zohar7ch
force-pushed
the
zohar7ch/tcp-dest-resolve-fix-always-report
branch
from
739bd65 to
396628a
Compare
The `model.Destination` type has 2 fields that contains the destination - the `Destination` and `DestinationIP`. We want to use `DestinationIP` if it is defined. Since this fix may resolve in a lot of new detected discovered intents, we also send with this intent some metadata (under the intent -> server -> resolution data), so that could would be able to identify whether this new intent was created by this fix, and to handle this differently if it wishes.
zohar7ch
force-pushed
the
zohar7ch/tcp-dest-resolve-fix-always-report
branch
from
396628a to
7ae3962
Compare
zohar7ch
changed the title
zohar7ch
changed the title
zohar7ch
changed the title
its only source We might discover an intent using multiple methods (for example, socket-scan and tcp-syn-sniffing). We want to make sure that if we discovered an intent in a way that is not related to the bugfix - we would keep the intent that way. This is crucial since Otterize cloud might drop intents that were discovered only thanks to the bugfix (in order to control the fix rollout).
zohar7ch
force-pushed
the
zohar7ch/tcp-dest-resolve-fix-always-report
branch
from
db0c8a0 to
b65ef9d
Compare
omris94
approved these changes
Apr 27, 2025
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Before this fix, we sometimes didn't resolve the destination properly, which result in dropping discovered intents in the mapper.
The cause of the error is that the sniffer sometimes pass on the destination the hostname of the workload it detects, and not the ip, while the mapper tries to resolve the destination assuming it is an ip address.
So in cases we do have the IP set from the sniffer - we want to use it to resolve the workload that is attached to the address.
Testing
Describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.
Please include any manual steps for testing end-to-end or functionality not covered by unit/integration tests.
Also include details of the environment this PR was developed in (language/platform/browser version).
Checklist