KDE Tables

This article covers the tables of the Kentik Data Engine (KDE).

Notes:
For general information about KDE, see Kentik Data Engine.
As of May 1st, 2025, the Query SQL Method has been deprecated and is no longer supported.

About KDE Tables

KDE maintains discrete databases for customer flow records. These databases include “main tables” for flow records and associated data for each device (router or host), as well as supplemental data derived from the flow data. Data for all devices of a customer is merged into the customer’s All Devices Table.

The columns in these tables form the basis for Kentik query dimensions (see Dimensions Reference). Most dimensions are exposed in the portal UI's dimension selectors for filtering (see Dimension Selector Dialog) and group-by (see Dimension Selectors).

Universal Data Records

Universal Data Records is Kentik's technique for populating fields of KDE tables. As described in About KDE Tables, many columns of the main tables where flow data is stored correspond to fields ingested from individual devices. Rather than reserving columns for fields not used by a given device type (router, switch, firewall), UDR varies the field mapping based on device type.

This flexible schema enables Kentik to rapidly extend KDE's support for new and disparate sources, allowing a much wider range of data points about customer networks and infrastructure. Advantages of this approach are the ability to store vendor-specific flow fields (see Device-specific Dimensions), increased capacity for Custom Dimensions, and the ability to store data from flow records with non-standard fields.

Main Table Columns

Columns of the main table not exposed as filter and/or group-by dimensions in the portal UI were previously covered in this topic. These columns were available only when querying with SQL via the Query SQL Method of the Query API, which as of May 1st, 2025, has been deprecated and is no longer supported.

Using Main Tables

The use of KDE Main Table columns via the Query SQL Method has been deprecated as of May 1st, 2025, and is no longer supported.

All Devices Table

In addition to the individual table for each device, each customer’s database includes a special table named all_devices, a merge of all that customer’s device data into one table. The All Devices table includes all the fields of an individual device table, but also the following additional fields:

Column	Type	Description
i_device_id	text	Kentik-assigned unique numerical ID of the device. Used for all functions.
i_device_name	text	User-defined name for the device.
i_device_site_name	text	Name of the site to which the device has been assigned (see About Sites). If the device hasn't been assigned to a site, returns an empty string. Notes: Supported operators for WHERE clause: case-insensitive equality, LIKE, IN, and regex matching. Site assignments in the table may lag Admin settings by up to 10 minutes.
i_device_type	text	Type of device, e.g. router or host (see Supported Device Types). Note: Used only for selection (filtering with WHERE clause), not for display or GROUP_BY.

The additional fields of the All Devices table can be used to filter returned data by individual routers, or to further group by device using i_device_id.

Note: The All Devices fields above are exposed as filtering and group-by dimensions in the portal (see Dimensions Reference).