OPC UA PubSub Sniffing concepts: Difference between revisions
| Line 6: | Line 6: | ||
== Individual capture types == | == Individual capture types == | ||
(TBD) | (TBD) | ||
If the transport message cannot be parsed as an OPC UA PubSub message, the {{Style=Identifier|TransportMessage}} is the only capture emitted for the message. Otherwise, there is a {{Style=Identifier|NetworkMessage}} capture emitted following the {{Style=Identifier|TransportMessage}}, containing the network message header information specific to OPC UA PubSub. In special cases (such as with non-standard OPC UA PubSub extensions), there can even be more {{Style=Identifier|NetworkMessage}} captures for one {{Style=Identifier|TransportMessage}}. | |||
(TBD) | |||
(TBD - mapping auto-detection) | |||
== Capture type groupings == | == Capture type groupings == | ||
(TBD) | (TBD) | ||
Revision as of 08:41, 14 August 2022
Introduction
(TBD)
Capture types
(TBD)
Individual capture types
(TBD)
If the transport message cannot be parsed as an OPC UA PubSub message, the TransportMessage is the only capture emitted for the message. Otherwise, there is a NetworkMessage capture emitted following the TransportMessage, containing the network message header information specific to OPC UA PubSub. In special cases (such as with non-standard OPC UA PubSub extensions), there can even be more NetworkMessage captures for one TransportMessage.
(TBD)
(TBD - mapping auto-detection)
Capture type groupings
(TBD)
| Name | Display Name | Description |
|---|---|---|
| NetworkTraffic | Network Traffic | A grouping of capture types. Contains all network traffic messages. |
| AllPubSubMessages | All PubSub Messages | A grouping of capture types. Contains all OPC UA PubSub (terminal) messages. |
| AllDataSetMessages | All DataSet Messages | A grouping of capture types. Contains all dataset messages (parsed and unparsed). |
| AllDiscoveryMessages | All Discovery Messages | A grouping of capture types. Contains all discovery messages (probes and announcements). |
| AllDiscoveryProbes | All Discovery Probes | A grouping of capture types. Contains all (parsed and unparsed) discovery probe messages. |
| AllDiscoveryAnnouncements | All Discovery Announcements | A grouping of capture types. Contains all (parsed and unparsed) discovery announcement messages. |
| All | All | A grouping of capture types. Contains all message types (non-terminal and terminal). |
Terminal and non-terminal messages
The capture types denote either non-terminal or terminal messages.
- non-terminal message
- The message is further structured and can contain other non-terminal or terminal messages. Consequently, there can be more captures arising out of a single non-terminal message.
- terminal message
- The message is not structured (or cannot be parsed) to further sub-messages. No further capture will be emitted for the terminal message.
Parsed and unparsed messages
Normally, the capture mechanism parses all parts of the message that are necessary to collect the information provided by the message. When the message or its part is encrypted, it is possible that the capture mechanism will not be able to decrypt (and parse) the full message contents, but will still be able to determine the type of the message and some PubSub header information. Such case is indicated by one of the unparsed capture types.
For more information to when the unparsed capture types are used, see Security and sniffing.
Capture header
(TBD)
Special cases
Transport message auto-transformations
(TBD)
Security and sniffing
(TBD)
Data capture with sniffing
(TBD)
