The SecurityParameters contains the signature of a NSD, VLD, PNFD or VNFFGD instance together with information required to validate the signature.
Provides the signature of the signed part of the descriptor.
Identifies the algorithm used to compute the signature.
Provides a certificate or a reference to a certificate to validate the signature.
NOTE: Cardinality of 0 corresponds to the case where the certificate is provided by means outside the NSD
This primitive type defines the version of an element.
type string {
pattern
'[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}'; }
A Universally Unique IDentifier in the string representation defined in RFC 4122. The canonical representation uses lowercase characters.
The following is an example of a UUID in string representation: f81d4fae-7dec-11d0-a765-00a0c91e6bf6 ";
reference
"RFC 4122: A Universally Unique IDentifier (UUID) URN Namespace"
type string;
The uri type represents a Uniform Resource Identifier (URI) as defined by STD 66.
Objects using the uri type MUST be in US-ASCII encoding, and MUST be normalized as described by RFC 3986 Sections 6.2.1, 6.2.2.1, and 6.2.2.2. All unnecessary percent-encoding is removed, and all case-insensitive characters are set to lowercase except for hexadecimal digits, which are normalized to uppercase as described in Section 6.2.2.1.
The purpose of this normalization is to help provide unique URIs. Note that this normalization is not sufficient to provide uniqueness. Two URIs that are textually distinct after this normalization may still be equivalent.
Objects using the uri type may restrict the schemes that they permit. For example, 'data:' and 'urn:' schemes might not be appropriate.
A zero-length URI is not a valid URI. This can be used to express 'URI absent' where required.
In the value set and its semantics, this type is equivalent to the Uri SMIv2 textual convention defined in RFC 5017.
reference
"RFC 3986: Uniform Resource Identifier (URI): Generic Syntax
RFC 3305: Report from the Joint W3C/IETF URI Planning Interest Group: Uniform Resource Identifiers (URIs), URLs, and Uniform Resource Names (URNs): Clarifications and Recommendations
RFC 5017: MIB Textual Conventions for Uniform Resource Identifiers (URIs)"
Primitive type describing a rule.
This primitive type is a superset of the standard UML numbering primitives, e.g. Integer and Real.
priority - processing priority.
object - objects are model elements that represent instances of a class or of classes
key - the key datatype is a tuple which provides the name of a key along with its value and relative order.
keyName - Name of the key.
keyOrder - Relative sequence or order of the key (with respect to other keys).
keyValue - Value of the key.
Specifies the type of rule.
Defines the scope of the rule.
An ONAP event is an aggregation of a header and a message. Event messages may be published to a message broker by service instances, resource instances, or ONAP platform components. Service or resource instances may be in support of network infrastructure or customer services. Interested platforms may subscribe to events on the message broker (e.g. Centralized Testing Platform CTP) may see an event on a service VNF instance and perform an automated test as part of a closed loop management policy. Events are unique and distinguishable from one another.
ONAP event messages are serialized as a unicode ASCII character string which may be formatted as JSON, XML, etc... Appropriate schemas will be supplied.
Fields specific to fault events
Fields specific to heartbeat events
Fields specific to measurement events
Fields specific to mobility flow events
Fields specific to notification events
Fields specific to other types of events
Fields specific to pnfRegistration events
Fields specific to sipSignaling events
Fields specific to state change events
Fields specific to syslog events
Fields specific to threshold crossing alert events
Fields specific to voiceQuality events
Fields common to all events
Fields specific to fault events
Additional alarm information.
• Note1: for SNMP mapping to VES, for hash key use OID of varbind, for value use incoming data for that varbind).
• Note2: Alarm ID for 3GPP should be included (if applicable) in alarmAdditonalInformation as ‘alarmId’:’alarmIdValue’.
Could contain managed object instance as separate key:value; could add probable cause as separate key:value.
Short name of the alarm condition/problem, such as a trap name. Should not have white space (e.g., tpLgCgiNotInConfig, BfdSessionDown, linkDown, etc…)
Card, port, channel or interface name of the device generating the alarm. This could reflect managed object.
Event category, for example: ‘license’, ‘link’, ‘routing’, ‘security’, ‘signaling’
Event severity enumeration: ‘CRITICAL’, ‘MAJOR’, ‘MINOR’, ‘WARNING’, ‘NORMAL’. NORMAL is used to represent clear.
Examples: ‘card’, ‘host’, ‘other’, ‘port’, ‘portThreshold’, ‘router’, ‘slotThreshold’, ‘switch’, ‘virtualMachine’, ‘virtualNetworkFunction’. This could be managed object class.
Version of the faultFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Description of the alarm or problem (e.g., ‘eNodeB 155197 in PLMN 310-410 with eNodeB name KYL05197 is lost’). 3GPP probable cause would be included in this field.
Virtual function status enumeration: ‘Active’, ‘Idle’, ‘Preparing to terminate’, ‘Ready to terminate’, ‘Requesting Termination’
The heartbeatFields datatype is an optional field block for fields specific to heartbeat events.
Additional expansion fields if needed.
Version of the heartbeatFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Current heartbeatInterval in seconds.
commonEventHeader - Fields common to all events.
Event domain enumeration: ‘fault’, ‘heartbeat’, ‘measurement’, ‘mobileFlow’, ‘notification’, ‘other’, ‘pnfRegistration’, ‘sipSignaling’, ‘stateChange’, ‘syslog’, ‘thresholdCrossingAlert’, ‘voiceQuality’
Event key that is unique to the event source. The key must be unique within notification life cycle similar to EventID from 3GPP. It could be a sequential number, or a composite key formed from the event fields, such as domain_sequence. The eventId should not include whitespace. For fault events, eventId is the eventId of the initial alarm; if the same alarm is raised again for changed, acknowledged or cleared cases, eventId must be the same as the initial alarm (along with the same startEpochMicrosec but with a different sequence number). Note: see section 1.3 for eventId use case examples.
eventName - Unique event name.
To prevent naming collisions, eventName sent as part of the commonEventHeader, should conform to the following naming convention designed to summarize the purpose and type of the event, and to ensure the uniqueness of the eventName:
{DomainAbbreviation}_{NamingCode or ApplicationPlatform}_{DescriptionOfInfoBeingConveyed}
Domain abbreviations are derived from the ‘domain’ field in the commonEventHeader, as specified below:
‘Fault’ for the fault domain
‘Heartbeat’ for the heartbeat domain
‘Measurement’ for the measurements domain
‘MobileFlow’ for the mobileFlow domain
‘Other’ for the other domain
‘PnfReg’ for the pnfRegistration domain
‘SipSignaling’ for the sipSignaling domain
‘StateChange’ for the stateChange domain
‘Syslog’ for the syslog domain
‘Tca’ for the thresholdCrossingAlert domain
‘VoiceQuality’ for the voiceQuality domain
Unique event name
For example: ‘applicationNf’, ‘guestOS’, ‘hostOS’, ‘platform’
the latest unix time aka epoch time associated with the event from any component--as microseconds elapsed since 1 Jan 1970 not including leap seconds
Network function component type: 3 characters (aligned with vfc naming standards)
Network function type: 4 characters (aligned with vnf and pnf naming standards)
Network function vendor name
Processing priority enumeration: ‘High’, ‘Medium’, ‘Normal’, ‘Low’
reportingEntityId - UUID identifying the entity reporting the event or detecting a problem in another xnf/vm or pnf which is experiencing the problem.
Note: the AT&T internal enrichment process shall ensure that this field is populated. The reportingEntityId is an id for the reportingEntityName. See reportingEntityName for more information.
UUID identifying the entity reporting the event or detecting a problem in another vnf/vm or pnf which is experiencing the problem. (Note: the AT&T internal enrichment process shall ensure that this field is populated). The reportingEntityId is an id for the reportingEntityName. See ‘reportingEntityName’ for more information.
reportingEntityName - Name of the entity reporting the event or detecting a problem in another xnf/vm or pnf which is experiencing the problem. May be the same as the sourceName. For synthetic events generated by DCAE, it is the name of the app generating the event.
Name of the entity reporting the event or detecting a problem in another vnf/vm or pnf which is experiencing the problem. May be the same as the sourceName. For synthetic events generated by DCAE, it is the name of the app generating the event.
sequence - Ordering of events communicated by an event source instance (or 0 if not needed)
Ordering of events communicated by an event source instance (or 0 if not needed)
sourceId - UUID identifying the entity experiencing the event issue, which may be detected and reported by a separate reporting entity
Note: the AT&T internal enrichment process shall ensure that this field is populate). The sourceId is an id for the sourceName. See sourceName for more information.
UUID identifying the entity experiencing the event issue, which may be detected and reported by a separate reporting entity (note: the AT&T internal enrichment process shall ensure that this field is populated). The sourceId is an id for the sourceName. See ‘sourceName’ for more information.
sourceName - Name of the entity experiencing the event issue, which may be detected and reported by a separate reporting entity. The sourceName identifies the device for which data is collected. A valid sourceName must be inventoried in A&AI. If sourceName is a xNFC or VM, then the event must be reporting data for that particular xNFC or VM. If the sourceName is a xNF, comprised of multiple xNFCs, the data must be reported/aggregated at the xNF leveI. Data for individual xNFC must not be included in the xNF sourceName event.
Name of the entity experiencing the event issue, which may be detected and reported by a separate reporting entity. The sourceName identifies the device for which data is collected. A valid sourceName must be inventoried in A&AI. If sourceName is a xNFC or VM, then the event must be reporting data for that particular xNFC or VM. If the sourceName is a xNF, comprised of multiple xNFCs, the data must be reported/aggregated at the xNF leveI. Data for individual xNFC must not be included in the xNF sourceName event.
startEpochMicrosec - the earliest unix time aka epoch time associated with the event from any component--as microseconds elapsed since 1 Jan 1970 not including leap seconds. For measurements and heartbeats, where events are collected over predefined intervals, startEpochMicrosec shall be rounded to the nearest interval boundary (e.g., the epoch equivalent of 3:00PM, 3:10PM, 3:20PM, etc…).
For fault events, startEpochMicrosec is the timestamp of the initial alarm; if the same alarm is raised again for changed, acknowledged or cleared cases, startEpochMicrosec must be the same as the initial alarm (along with the same eventId and an incremental sequence number). For devices with no timing source (clock), the default value will be 0 and DCAE collector will replace it with Collector time stamp (when event is received).
the earliest unix time aka epoch time associated with the event from any component--as microseconds elapsed since 1 Jan 1970 not including leap seconds. For measurements and heartbeats, where events are collected over predefined intervals, startEpochMicrosec shall be rounded to the nearest interval boundary (e.g., the epoch equivalent of 3:00PM, 3:10PM, 3:20PM, etc…). For fault events, startEpochMicrosec is the timestamp of the initial alarm; if the same alarm is raised again for changed, acknowledged or cleared cases, startEpoch Microsec must be the same as the initial alarm (along with the same eventId and an incremental sequence number). For devices with no timing source (clock), the default value will be 0 and the VES collector will replace it with Collector time stamp (when the event is received)
Offset to GMT to indicate local time zone for device formatted as ‘UTC+/-hh.mm’; see https://en.wikipedia.org/wiki/List_of_time_zone_abbreviations for UTC offset examples
Version of the event header as “#.#” where # is a digit; see section 1 for the correct digits to use.
Version of the ves event listener api spec that this event is compliant with (as “#” or “#.#” or “#.#.#” where # is a digit; see section 1 for the correct digits to use).
Fields specific to measurement events
Additional measurement fields if needed.
Array of named hashMap if needed.
Array of JSON objects described by name, schema and other meta-information, if needed.
Peak concurrent sessions for the VM or VNF (depending on the context) over the measurementInterval.
Depending on the context over the measurementInterval: peak total number of users, subscribers, devices, adjacencies, etc., for the VM, or peak total number of subscribers, devices, etc., for the VNF
The hashMap key should identify the feature, while the value defines the number of times the identified feature was used.
Mean seconds required to respond to each request for the VM on which the VNFC reporting the event is running.
Version of the measurementFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Interval over which measurements are being reported in seconds
Represents busy-ness of the network function from 0 to 100 as reported by the nfc.
Number of media ports in use.
Peak request rate per second, for the VM over the measurementInterval
Array of metrics on hugePages
Array of codecs in use
Usage of an array of CPUs
Usage of an array of disks
Filesystem usage of the VM on which the xNFC reporting the event is running
Array of intelligent platform management interface metrics
Array of integers representing counts of requests whose latency in milliseconds falls within per-xNF configured ranges; where latency is the duration between a service request and its fulfillment.
Array of system load metrics
Array of machine check exceptions
Memory usage of an array of VMs
Performance metrics of an array of network interface cards
Array of metrics on system processes
Fields specific to mobility flow events
additionalFields - Additional mobileFlow fields if needed.
applicationType - Application type inferred
applProtocolType - Application protocol.
applProtocolVersion - Application version.
cid - Cell Id.
connectionType - Abbreviation referencing a 3GPP reference point e.g., S1-U, S11, etc.
ecgi - Evolved Cell Global Id.
flowDirection - Flow direction, indicating if the reporting node is the source of the flow or destination for the flow.
gtpPerFlowMetrics - Mobility GTP Protocol per flow metrics.
gtpProtocolType - GTP protocol
gtpVersion - GTP protocol version.
httpHeader - HTTP request header, if the flow connects to a node referenced by HTTP.
imei - IMEI for the subscriber UE used in this flow, if the flow connects to a mobile device.
imsi - IMSI for the subscriber UE used in this flow, if the flow connects to a mobile device
ipProtocolType - IP protocol type e.g., TCP, UDP, RTP...
ipVersion - IP protocol version e.g., IPv4, IPv6
lac - Location area code.
mcc - Mobile country code.
mnc - Mobile network code.
mobileFlowFieldsVersion - Version of the mobileFlowFields block.
msisdn - MSISDN for the subscriber UE used in this flow, as an integer, if the flow connects to a mobile device.
otherEndpointIpAddress - IP address for the other endpoint, as used for the flow being reported on.
Note: current data type (String) may be changed to Common Resource Datatype L3AddressData. =[gh]=
otherEndpointPort - IP Port for the reporting entity, as used for the flow being reported on
otherFunctionalRole - Functional role of the other endpoint for the flow being reported on e.g., MME, S-GW, P-GW, PCRF...
rac - Routing area code
radioAccessTechnology - Radio Access Technology e.g., 2G, 3G, 4G and 5G. (GSM, UMTS, LTE, 5G)
reportingEndpointIpAddr - IP address for the reporting entity, as used for the flow being reported on.
Note: current data type (String) may be changed to Common Resource Datatype L3AddressData. =[gh]=
reportingEndpointPort - IP port for the reporting entity, as used for the flow being reported on.
sac - Service area code
samplingAlgorithm - Integer identifier for the sampling algorithm or rule being applied in calculating the flow metrics if metrics are calculated based on a sample of packets, or 0 if no sampling is applied.
tac - Transport area code
tunnelId - Tunnel identifier
vlanId - VLAN identifier used by this flow
Fields specific to notification events
Additional notification fields if needed.
arrayOfNamedHashMap - Array of named hashMaps
Identifier for a contact related to the change.
System or session identifier associated with the change.
Describes what has changed for the entity, for example: configuration changed, capability added, capability removed…
New state of the entity, for example: ‘inService’, ‘maintenance’, ‘outOfService’
Version of the notificationFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Previous state of the entity.
For example: "inService", "outOfService", "maintenance"
Card or port name of the entity that changed state.
The otherFields datatype defines fields for events belonging to the 'other' domain of the commonEventHeader domain enumeration.
Array of named hashMaps
Array of name-value pairs.
Array of JSON objects described by name, schema and other meta-information.
Version of the otherFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
The pnfRegistrationFields datatype defines fields for events belonging to the 'pnfRegistration' domain of the commonEventHeader domain enumeration; it consists of the following fields:
Additional pnfRegistration fields if needed
TS 32.692 dateOfLastService = date of last service; e.g. 15022017
MAC address of OAM interface of the unit
TS 32.692 dateOfManufacture = manufacture date of the unit; 24032016
TS 32.692 versionNumber = version of the unit from vendor; e.g. AJ02. Maps to AAI equip-model
IPv4 m-plane IP address to be used by the manager to contact the PNF
IPv6 m-plane IP address to be used by the manager to contact the PNF
Version of the registrationFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
TS 32.692 serialNumber = serial number of the unit; e.g. 6061ZW3
TS 32.692 swName = active SW running on the unit; e.g. 5gDUv18.05.201
TS 32.692 vendorUnitFamilyType = general type of HW unit; e.g. BBU
TS 32.692 vendorUnitTypeNumber = vendor name for the unit; e.g. Airscale
TS 32.692 vendorName = name of manufacturer; e.g. Nokia. Maps to AAI equip-vendor
sipSignalingFields - The sipSignalingFields datatype communicates information about SIP signaling messages, parameters and signaling state.
zdditionalInformation - Additional sipSignalling fields.
compressedSip - The full SIP request/response including headers and bodies.
correlator - Constant across all events on this call.
localIpAddress - IP address on VNF.
Note: current data type (String) may be changed to Common Resource Datatype L3AddressData. =[gh]=
localPort - Port on VNF.
remoteIpAddress - IP address of peer endpoint.
Note: current data type (String) may be changed to Common Resource Datatype L3AddressData. =[gh]=
remotePort - Port of peer endpoint
sipSignalingFieldsVersion - Version of the sipSignalingFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
summarySip - The SIP Method or Response (‘INVITE’, ‘200 OK’, ‘BYE’, etc).
vendorNfNameFields - Vendor, NF and nfModule names.
Fields specific to state change events.
Additional stateChange fields if needed
New state of the entity: ‘inService’, ‘maintenance’, ‘outOfService’
Previous state of the entity: ‘inService’, ‘maintenance’, ‘outOfService’
Version of the stateChangeFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Card or port name of the entity that changed state
Syslog’s can be classified as either Control or Session/Traffic. They differ by message content and expected volume:
• Control logs are generally free-form human-readable text used for reporting errors or warnings supporting the operation and troubleshooting of NFs. The volume of these logs is typically less than 2k per day.
• Session logs use common structured fields to report normal NF processing such as DNS lookups or firewall rules processed. The volume of these logs is typically greater than 1k per hour (and sometimes as high as 10k per second).
VES supports both classes of syslog, however VES is only recommended for control logs or for lower volume session logs, less than 60k per hour. High volume session logging should use a file-based transport solution.
Additional syslog fields if needed Ex: {“name1”: ”value1”, “name2: “value2” … }
Hostname of the device
Examples: ‘other’, ‘router’, ‘switch’, ‘host’, ‘card’, ‘port’, ‘slotThreshold’, ‘portThreshold’, ‘virtualMachine’, ‘virtualNetworkFunction’
0-32 char in format name@number,
i.e., ourSDID@32473
Numeric code from 0 to 23 for facility:
0 kernel messages
1 user-level messages
2 mail system
3 system daemons
4 security/authorization messages
5 messages generated internally by syslogd
6 line printer subsystem
7 network news subsystem
8 UUCP subsystem
9 clock daemon
10 security/authorization messages
11 FTP daemon
12 NTP subsystem
13 log audit
14 log alert
15 clock daemon (note 2)
16 local use 0 (local0)
17 local use 1 (local1)
18 local use 2 (local2)
19 local use 3 (local3)
20 local use 4 (local4)
21 local use 5 (local5)
22 local use 6 (local6)
23 local use 7 (local7 )
Version of the syslogFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
Syslog message
Hostname parsed from non-VES syslog message
0-192
Combined Severity and Facility (see rfc5424)
Identifies the application that originated the message
The process number assigned by the OS when the application was started
A <space> separated list of key=”value” pairs following the rfc5424 standard for SD-ELEMENT.
Deprecated
The entire rfc5424 syslogSData object, including square brackets [ ], SD-ID and list of SD-PARAMs
Level-of-severity text enumeration defined below:
Text Sev Description
Emergency 0 system is unusable
Alert 1 action must be taken immediately
Critical 2 critical conditions
Error 3 error conditions
Warning 4 warning conditions
Notice 5 normal but significant condition
Info 6 Informational messages
Debug 7 debug-level messages
Also known as MsgId. Brief non-spaced text indicating the type of message such as ‘TCPOUT’ or ‘BGP_STATUS_CHANGE’; ‘NILVALUE’ should be used when no other value can be provided
Timestamp parsed from non-VES syslog message
IANA assigned version of the syslog protocol specification:
0: VES
1: IANA RFC5424
The diskUsage datatype defines the usage of a disk device.
The number of bus resets in the performance interval.
Number of disk commands aborted over the measurementInterval.
Average number of commands per second over the measurementInterval.
Total flush requests of the disk cache over the measurementInterval.
Milliseconds spent on disk cache flushing over the measurementInterval.
Disk Identifier.
Milliseconds spent doing input/output operations over 1 sec; treat this metric as a device load percentage where 1000ms matches 100% load; provide the average over the measurement interval
Milliseconds spent doing input/output operations over 1 sec; treat this metric as a device load percentage where 1000ms matches 100% load; provide the last value measurement within the measurement interval.
Milliseconds spent doing input/output operations over 1 sec; treat this metric as a device load percentage where 1000ms matches 100% load; provide the maximum value measurement within the measurement interval
Milliseconds spent doing input/output operations over 1 sec; treat this metric as a device load percentage where 1000ms matches 100% load; provide the minimum value measurement within the measurement interval.
Number of logical read operations that were merged into physical read operations, e.g., two logical reads were served by one physical disk access; provide the average measurement within the measurement interval.
Number of logical read operations that were merged into physical read operations, e.g., two logical reads were served by one physical disk access; provide the last value measurement within the measurement interval.
Number of logical read operations that were merged into physical read operations, e.g., two logical reads were served by one physical disk access; provide the maximum value measurement within the measurement interval.
Number of logical read operations that were merged into physical read operations, e.g., two logical reads were served by one physical disk access; provide the minimum value measurement within the measurement interval.
Number of logical write operations that were merged into physical write operations, e.g., two logical writes were served by one physical disk access; provide the average measurement within the measurement interval
Number of logical write operations that were merged into physical write operations, e.g., two logical writes were served by one physical disk access; provide the last value measurement within the measurement interval.
Number of logical write operations that were merged into physical write operations, e.g., two logical writes were served by one physical disk access; provide the maximum value measurement within the measurement interval.
Number of logical write operations that were merged into physical write operations, e.g., two logical writes were served by one physical disk access; provide the minimum value measurement within the measurement interval.
Number of octets per second read from a disk or partition; provide the average measurement within the measurement interval.
Number of octets per second read from a disk or partition; provide the last measurement within the measurement interval
Number of octets per second read from a disk or partition; provide the maximum measurement within the measurement interval.
Number of octets per second read from a disk or partition; provide the minimum measurement within the measurement interval.
Number of octets per second written to a disk or partition; provide the average measurement within the measurement interval.
Number of octets per second written to a disk or partition; provide the last measurement within the measurement interval.
Number of octets per second written to a disk or partition; provide the maximum measurement within the measurement interval.
Number of octets per second written to a disk or partition; provide the minimum measurement within the measurement interval.
Number of read operations per second issued to the disk; provide the average measurement within the measurement interval.
Number of read operations per second issued to the disk; provide the last measurement within the measurement interval.
Number of read operations per second issued to the disk; provide the maximum measurement within the measurement interval.
Number of read operations per second issued to the disk; provide the minimum measurement within the measurement interval.
Number of write operations per second issued to the disk; provide the average measurement within the measurement interval.
Number of write operations per second issued to the disk; provide the last measurement within the measurement interval.
Number of write operations per second issued to the disk; provide the maximum measurement within the measurement interval.
Number of write operations per second issued to the disk; provide the minimum measurement within the measurement interval.
Queue size of pending I/O operations per second; provide the average measurement within the measurement interval.
Queue size of pending I/O operations per second; provide the last measurement within the measurement interval.
Queue size of pending I/O operations per second; provide the maximum measurement within the measurement interval.
diskPendingOperationsMin - Queue size of pending I/O operations per second; provide the minimum measurement within the measurement interval.
Average number of read commands issued per second to the disk over the measurementInterval.
Nanoseconds spent on disk cache reads/writes within the measurementInterval.
Milliseconds a read operation took to complete; provide the average measurement within the measurement interval.
Milliseconds a read operation took to complete; provide the last measurement within the measurement interval.
Milliseconds a read operation took to complete; provide the maximum measurement within the measurement interval.
Milliseconds a read operation took to complete; provide the minimum measurement within the measurement interval.
Milliseconds a write operation took to complete; provide the average measurement within the measurement interval.
Milliseconds a write operation took to complete; provide the last measurement within the measurement interval.
Milliseconds a write operation took to complete; provide the maximum measurement within the measurement interval.
Milliseconds a write operation took to complete; provide the minimum measurement within the measurement interval.
The average amount of time taken for a read from the perspective of a Guest OS. This is the sum of Kernel Read Latency and Physical Device Read Latency in milliseconds over the measurement interval.
The average amount of time taken for a write from the perspective of a Guest OS. This is the sum of Kernel Write Latency and Physical Device Write Latency in milliseconds over the measurement interval.
Measure in ms over 1 sec of both I/O completion time and the backlog that may be accumulating. Value is the average within the collection interval.
Measure in ms over 1 sec of both I/O completion time and the backlog that may be accumulating. Value is the last within the collection interval.
Measure in ms over 1 sec of both I/O completion time and the backlog that may be accumulating. Value is the maximum within the collection interval.
Measure in ms over 1 sec of both I/O completion time and the backlog that may be accumulating. Value is the minimum within the collection interval.
Average number of write commands issued per second to the disk over the measurementInterval
Average number of write commands issued per second to the disk during the collection interval.
The codecsInUse datatype consists of the following fields describing the number of times an identified codec was used over the measurementInterval
Description of the codec.
Number of such codecs in use.
The thresholdCrossingAlertFields datatype consists of the following fields:
additionalFields - Additional pnfRegistration fields if needed.
Array of performance counters
Enumeration: ‘SET’, ‘CONT’, ‘CLEAR’
Unique short alert description (e.g., NE-CPUMEM)
Enumeration: ‘CARD-ANOMALY’, ‘INTERFACE-ANOMALY’, ELEMENT-ANOMALY’, ‘SERVICE-ANOMALY’
Calculated API value (if applicable)
List of eventIds associated with the event being reported
Time when the performance collector picked up the data; with RFC 2822 compliant format: ‘Sat, 13 Mar 2010 11:29:05 -0800’
Specific performance collector instance used
Type of network element (internal AT&T field)
Event severity or priority enumeration: ‘CRITICAL’, ‘MAJOR’, ‘MINOR’, ‘WARNING’, ‘NORMAL’
Time closest to when the measurement was made; with RFC 2822 compliant format: ‘Sat, 13 Mar 2010 11:29:05 -0800’
Physical or logical port or card (if applicable
Network name (internal AT&T field)
Reserved for future use
Version of the thresholdCrossingAlertFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
The voiceQuality class provides statistics related to customer facing voice products; consists of the following fields:
Additional voice quality fields
Callee codec for the call
Caller codec for the call
Constant across all events on this call
Phone number associated with the correlator
Base64 encoding of the binary RTCP data (excluding Eth/IP/UDP headers)
Version of the voiceQualityFields block as “#.#” where # is a digit; see section 1 for the correct digits to use.
End of call voice quality metric summaries
Vendor, NF and nfModule names
The cpuUsage datatype defines the usage of an identifier CPU and consists of the following fields:
The amount of time the CPU cannot run due to contention, in milliseconds over the measurementInterval
The total CPU time that the NF/NFC/VM could use if there was no contention, in milliseconds over the measurementInterval
CPU demand in MHz
CPU demand as a percentage of the provisioned capacity
CPU Identifier
Percentage of CPU time spent in the idle task
cpuDemandAvg - The total CPU time that the VNF/VNFC/VM could use if there is no contention, in milliseconds.
The overhead demand above available allocations and reservations, in milliseconds over the measurementInterval
Swap wait time, in milliseconds over the measurementInterval
Percentage of time spent servicing interrupts
Percentage of time spent running user space processes that have been niced
Percentage of time spent handling soft irq interrupts
Percentage of time spent in involuntary wait which is neither user, system or idle time and is effectively time that went missing
Percentage of time spent on system tasks running the kernel
Percentage of time spent running un-niced user space processes
Percentage of CPU time spent waiting for I/O operations to complete
Aggregate cpu usage of the virtual machine on which the xNFC reporting the event is running
The filesystemUsage datatype consists of the following fields:
Configured block storage capacity in GB.
Block storage input-output operations per second.
Used block storage capacity in GB.
Configured ephemeral storage capacity in GB.
Ephemeral storage input-output operations per second.
Used ephemeral storage capacity in GB.
File system name.
The hugePages datatype provides metrics on system hugePages
Number of free hugePages in bytes.
Number of used hugePages in bytes.
HugePages identifier
Number of free hugePages in percent.
Number of used hugePages in percent.
Number of free hugePages in numbers.
Number of used hugePages in numbers.
The ipmi (Intelligent Platform Management Interface) datatype provides intelligent platform management interface metrics; it consists of the following fields:
System fan exit air flow temperature in Celsius
Front panel temp in Celsius
Io module temp in Celsius
Airflow in cubic feet per minute (cfm)
Array of ipmiBaseboard Temperature objects
Array of ipmiBaseboard VoltageRegulator objects
Array of ipmiBattery objects
Array of ipmiFan objects
ipmi global aggregate temperature margin
Array of ipmiHsbp objects
Array of ipmiNic objects
Array of ipmiPowerSupply objects
Array of ipmiProcessor objects
The ipmiBaseboardTemperature datatype consists of the following fields which describe ipmi baseboard temperature metrics:
Field Type Required? Description
Baseboard temperature in celsius
Identifier for the location where the temperature is taken
The ipmiBaseboardVoltageRegulator datatype consists of the following fields which describe ipmi baseboard voltage regulator metrics:
Identifier for the baseboard voltage regulator
Voltage regulator temperature in celsius
The ipmiBattery datatype consists of the following fields which describe ipmi battery metrics:
Identifier for the battery
Type of battery
Battery voltage level
The ipmiFan datatype consists of the following fields which describe ipmi fan metrics:
Identifier for the fan
Fan speed in revolutions per minute (rpm)
The ipmiGlobalAggregateTemperatureMargin datatype consists of the following fields:
Temperature margin in Celsius relative to a throttling thermal trip point
Identifier for the ipmi global aggregate temperature margin metrics
The ipmiHsbp datatype provides ipmi hot swap backplane power metrics; it consists of the following fields:
Identifier for the hot swap backplane power unit
Hot swap backplane power temperature in celsius
The ipmiNic datatype provides network interface control care metrics; it consists of the following fields:
Identifier for the network interface control card
nic temperature in Celsius
The ipmiPowerSupply datatype provides ipmi power supply metrics; it consists of the following fields:
Current output voltage as a percentage of the design specified level
Identifier for the power supply
Input power in watts
Power supply temperature in Celsius
The ipmiProcessor datatype provides ipmi processor metrics
Io module temperatue in celsius
Front panel temperature in celsius
Array of processorDimmAggregate ThermalMargin objects
Identifier for the power supply
The latencyBucketMeasure datatype consists of the following fields which describe the number of counts falling within a defined latency bucket
Number of counts falling within a defined latency bucket
High end of bucket range (typically in ms)
Low end of bucket range (typically in ms)
The load datatype provides metrics on system cpu and io utilization obtained using /proc/loadavg
number of jobs in the run queue (state R, cpu utilization) or waiting for disk I/O (state D, io utilization) averaged over 15 minutes using /proc/loadavg
number of jobs in the run queue (state R, cpu utilization) or waiting for disk I/O (state D, io utilization) averaged over 5 minutes using /proc/loadavg
number of jobs in the run queue (state R, cpu utilization) or waiting for disk I/O (state D, io utilization) averaged over 1 minute using /proc/loadavg
The machineCheckException datatype describes machine check exceptions
Total hardware errors that were corrected by the hardware (e.g. data corruption corrected via ECC) over the measurementInterval. These errors do not require immediate software actions, but are still reported for accounting and predictive failure analysis
Total hardware errors that were corrected by the hardware over the last one hour
processIdentifier
Total uncorrected hardware errors that were detected by the hardware (e.g., causing data corruption) over the measurementInterval. These errors require a software response.
Total uncorrected hardware errors that were detected by the hardware over the last one hour
The memoryUsage datatype defines the memory usage of a virtual machine and consists of the following fields:
Kibibytes of temporary storage for raw disk blocks
Kibibytes of memory used for cache
Kibibytes of memory configured in the virtual machine on which the xNFC reporting the event is running
Host demand in kibibytes
Kibibytes of physical RAM left unused by the system
Percentage of time the VM is waiting to access swapped or compressed memory
Shared memory in kilobytes
The part of the slab that can be reclaimed such as caches measured in kibibytes
The part of the slab that cannot be reclaimed even when lacking memory measure in kibibytes
Amount of memory swapped-in from host cache in kibibytes
Rate at which memory is swapped from disk into active memory during the interval in kilobytes per second
Amount of memory swapped-out to host cache in kibibytes
Rate at which memory is being swapped from active memory to disk during the current interval in kilobytes per second
Space used for caching swapped pages in the host cache in kibibytes
Total memory minus the sum of free, buffered, cached and slab memory measured in kibibytes
Percentage of memory usage; value = (memoryUsed / (memoryUsed + memoryFree) x 100 if denomintor is nonzero, or 0, if otherwise.
Virtual Machine identifier associated with the memory metrics
The nicPerformance datatype consists of the following fields which describe the performance and errors of an of an identified virtual network interface card
Administrative state: enum: ‘inService’, ‘outOfService’
Network interface card identifier
Operational state: enum: ‘inService’, ‘outOfService’
Cumulative count of broadcast packets received as read at the end of the measurement interval
Count of broadcast packets received within the measurement interval
Cumulative count of discarded packets received as read at the end of the measurement interval
Count of discarded packets received within the measurement interval
Cumulative count of error packets received as read at the end of the measurement interval
Count of error packets received within the measurement interval
Cumulative count of multicast packets received as read at the end of the measurement interval
Count of multicast packets received within the measurement interval
Cumulative count of octets received as read at the end of the measurement interval
Count of octets received within the measurement interval
Percentage of discarded packets received; value = (receivedDiscardedPacketsDelta / receivedTotalPacketsDelta) x 100, if denominator is nonzero, or 0, if otherwise.
Percentage of error packets received; value = (receivedErrorPacketsDelta / receivedTotalPacketsDelta) x 100, if denominator is nonzero, or 0, if otherwise.
Cumulative count of all packets received as read at the end of the measurement interval
Count of all packets received within the measurement interval
Cumulative count of unicast packets received as read at the end of the measurement interval
Count of unicast packets received within the measurement interval
Percentage of utilization received; value = (receivedOctetsDelta / (speed x (lastEpochMicrosec - startEpochMicrosec))) x 100, if denominator is nonzero, or 0, if otherwise.
Speed configured in mbps.
Cumulative count of broadcast packets transmitted as read at the end of the measurement interval
Count of broadcast packets transmitted within the measurement interval
Cumulative count of discarded packets transmitted as read at the end of the measurement interval
Count of discarded packets transmitted within the measurement interval
Cumulative count of error packets transmitted as read at the end of the measurement interval
Count of error packets transmitted within the measurement interval
Cumulative count of multicast packets transmitted as read at the end of the measurement interval
Count of multicast packets transmitted within the measurement interval
Cumulative count of octets transmitted as read at the end of the measurement interval
Count of octets transmitted within the measurement interval
Percentage of discarded packets transmitted; value = (transmittedDiscardedPacketsDelta / transmittedTotalPacketsDelta) x 100, if denominator is nonzero, or 0, if otherwise.
Percentage of error packets received; value = (transmittedErrorPacketsDelta / transmittedTotalPacketsDelta) x 100, if denominator is nonzero, or 0, if otherwise.
Cumulative count of all packets transmitted as read at the end of the measurement interval
Count of all packets transmitted within the measurement interval
Cumulative count of unicast packets transmitted as read at the end of the measurement interval
Count of unicast packets transmitted within the measurement interval
Percentage of utilization transmitted; value = (transmittedOctetsDelta / (speed x (lastEpochMicrosec - startEpochMicrosec))) x 100, if denominator is nonzero, or 0, if otherwise.
Enumeration: ‘true’ or ‘false’. If ‘true’ then the vNicPerformance values are likely inaccurate due to counter overflow or other conditions.
The processorDimmAggregateThermalMargin datatype provides intelligent platform management interface (ipmi) processor dual inline memory module aggregate thermal margin metrics; it consists of the following fields:
identifier for the aggregate thermal margin metrics from the processor dual inline memory module
the difference between the DIMM's current temperature, in celsius, and the DIMM's throttling thermal trip point
The processStats datatype provides metrics on system processes; it consists of the following fields:
The number of threads created since the last reboot
processIdentifier
The number of processes in a blocked state
The number of processes in a paging state
The number of processes in a running state
The number of processes in a sleeping state
The number of processes in a stopped state
The number of processes in a zombie state
Average bit error rate
Average packet delay variation or jitter in milliseconds for received packets: Average difference between the packet timestamp and time received for all pairs of consecutive packets
Average delivery latency
Average receive throughput
Average transmit throughput
Duration of failed state in milliseconds, computed as the cumulative time between a failed echo request and the next following successful error request, over this reporting interval
Duration of errored state, computed as the cumulative time between a tunnel error indicator and the next following non-errored indicator, over this reporting interval
Endpoint activating the flow
Time the connection is activated in the flow (connection) being reported on, or transmission time of the first packet if activation time is not available
Integer microseconds for the start of the flow connection
Time the connection is activated in the flow being reported on, or transmission time of the first packet if activation time is not available; with RFC 2822 compliant format: ‘Sat, 13 Mar 2010 11:29:05 -0800’
Endpoint deactivating the flow
Time for the start of the flow connection, in integer UTC epoch time aka UNIX time
Integer microseconds for the start of the flow connection
Transmission time of the first packet in the flow connection being reported on; with RFC 2822 compliant format: ‘Sat, 13 Mar 2010 11:29:05 -0800’
Connection status at reporting time as a working / inactive / failed indicator value
Current connection state at reporting time
Current tunnel state at reporting time
Array of key: value pairs where the keys are drawn from the IP Type-of-Service identifiers which range from '0' to '255', and the values are the count of packets that had those ToS identifiers in the flow
Array of unique IP Type-of-Service values observed in the flow where values range from '0' to '255'
large packet round trip time
large packet threshold being applied
Maximum packet delay variation or jitter in milliseconds for received packets: Maximum of the difference between the packet timestamp and time received for all pairs of consecutive packets
maximum receive bit rate"
maximum transmit bit rate
array of key: value pairs where the keys are drawn from LTE QCI or UMTS class of service strings, and the values are the count of packets that had those strings in the flow
Array of unique LTE QCI or UMTS class-of-service values observed in the flow
Number of failed activation requests, as observed by the reporting node
number of errored bits
number of bytes received, including retransmissions
number of bytes transmitted, including retransmissions
number of received packets dropped due to errors per virtual interface
Number of Echo request path failures where failed paths are defined in 3GPP TS 29.281 sec 7.2.1 and 3GPP TS 29.060 sec. 11.2
Number of tunnel error indications where errors are defined in 3GPP TS 29.281 sec 7.3.1 and 3GPP TS 29.060 sec. 11.1
Http error count
number of tunneled layer 7 bytes received, including retransmissions
number of tunneled layer 7 bytes received, including retransmissions
number of tunneled layer 7 bytes received, including retransmissions
number of out-of-order packets
number of errored packets
number of packets received, excluding retransmission
number of packets received, including retransmission
number of packets transmitted, including retransmissions
number of packet retrie
number of packet timeouts
number of tunneled layer 7 bytes received, excluding retransmissions
Round Trip time
Array of key: value pairs where the keys are drawn from TCP Flags and the values are the count of packets that had that TCP Flag in the flow
Array of unique TCP Flags observed in the flow
Time in milliseconds between the connection activation and first byte received
Adjacency name
Endpoint average jitter
Enumeration: ‘Caller’, ‘Callee’
Endpoint maximum jitter
Endpoint RTP octets discarded
Endpoint RTP octets lost
Endpoint RTP octets received
Endpoint RTP octets sent
Endpoint RTP packets discarded
Endpoint RTP packets lost
Endpoint RTP packets received
Endpoint RTP packets sent
Local average jitter
Local average jitter buffer delay
Local maximum jitter
Local max jitter buffer delay
Local RTP octets discarded
Local RTP octets lost
Local RTP octets received
Local RTP octets sent
Local RTP packets discarded
Local RTP packets lost
Local RTP packets received
Local RTP packets sent
Decimal range from 1 to 5 (1 decimal place)
one-way path delay in milliseconds
Calculated percentage packet loss based on endpoint RTP packets lost (as reported in RTCP) and local RTP packets sent. Direction is based on endpoint description (Caller, Callee). Decimal (2 decimal places)
rFactor from 0 to 100
Round trip delay in milliseconds
vendorNfNameFields - The vendorNfNameFields provides vendor, nf and nfModule identifying information.
nfModuleName - Name of the nfModule generating the event.
nfName - Name of the network function generating the event
vendorName - Network function vendor name.
eventBody, if it exists, will contain exactly one of the following depending on the type of event as specified by the eventHeader domain field.
- faultField
- heartbeat
- measurementFields
- mobileFlowFIelds
- notificationFields
- otherfields
- pnfRegistrationFields
- sipSignalingFields
- stateChangeFields
- syslogFields
- thresholdCrosssingAlertFields
- voiceQualityFields
Fields specific to fault events.
Fields specific to heartbeat events.
Note: For heardbeat events, an event body is not required.
Fields specific to measurement events.
Fields specific to mobilityFlow events.
Fields specific to notification events.
Fields specific to other types of events.
Fields specific to pnfRegistration events.
Fields specific to sipSignaling events.
Fields specific to state change events.
Fields specific to syslog events.
Fields specific to thresholdCrossingAlert events.
Fields specific to voiceQuality events.
Fields common to all events
namedHashMap [ ] - The namedHashmap datatype is a hashMap which is associated with and described by a name.
name - Name for the array of name-value pairs.
arrayOfFields - Name-value pairs.
Note: in ATTServiceSpecification - VesEventListener v5.4.1 type = field [].
Event severity enumeration: ‘CRITICAL’, ‘MAJOR’, ‘MINOR’, ‘WARNING’, ‘NORMAL’. NORMAL is used to represent clear.
Virtual function status enumeration: ‘Active’, ‘Idle’, ‘Preparing to terminate’, ‘Ready to terminate’, ‘Requesting Termination’
lastEpochMicrosec - the latest unix time aka epoch time associated with the event from any component--as microseconds elapsed since 1 Jan 1970 not including leap seconds
Defines the network address type.
Array of named hashMaps
Array of named hashMaps
jsonObject - The jsonObject datatype provides a JSON object schema, name and other meta-information along with one or more object instances that conform to the schema.
objectInstances - Contains one or more instances of the JSON object.
objectName - Name of the json object.
objectSchema - JSON schema for the object.
objectSchemaUrl - URL to the JSON schema for the object.
nfSubscribedObjectName - Name of the object associated with the nfSubscriptionId.
nfSubscriptionId - Identifies an OpenConfig telemetry subscription on a network function, which configures the network function to send complex object data associated with the jsonObject.
jsonObjectInstance [ ] - The jsonObjectInstance datatype provides meta-information about an instance of a jsonObject along with the actual object instance.
jsonObject - Optional recursive specification on jsonObject
objectInstance - Contains an instance conforming to the jsonObject schema
objectInstanceEpochMicrosec - the unix time, aka epoch time, associated with this objectInstance--as microseconds elapsed since 1 Jan 1970 not including leap seconds.
objectKeys - An ordered set of keys that identifies this particular instance of jsonObject (e.g., that places it in a hierarchy).
domain - Event domain enumeration:
‘fault’, ‘heartbeat’, ‘measurementsForVfScaling’, ‘mobileFlow’, ‘other’, ‘sipSignaling’, ‘stateChange’, ‘syslog’, ‘thresholdCrossingAlert’, ‘voiceQuality’
arrayOfJsonObject - The arrayOfJsonObject datatype provides an array of json objects, each of which is described by name, schema and other meta-information.
arrayOfJsonObject - arrayOfJsonObject datatype provides an array of json objects, each of which is described by name, schema and other meta-information.
Possible alertActions within thresholdCrossingAlertFields
Possible values for ThresholdCrossingAlertFIelds alertType attribute.
namedHashMap [ ] - The namedHashmap datatype is a hashMap which is associated with and described by a name.
name - Name for the array of name-value pairs.
hashMap - One or more key:value pairs.
Note: in ATTServiceSpecification - VesEventListener v5.4.1 type = field [].