
Host Monitoring

Stats Visualization
CPU Usage Gauge
Memory Usage Gauge
Load Gauge
Inbound Traffic
Outbound Traffic
Packetloss
Swap Usage
Memory usage vs total
Number of processes
Disk Used
Disk Usage
CPU Usage
System Load
Memory Usage
Disk IO
Network Traffic Packets
Network Traffic Bytes
Processes By Memory
Top Processes By CPU
Interfaces By Incoming Traffic
Interfaces By Outgoing Traffic

CPU-Usage-Gauge

Aggregations

## Average ##
user = Avg(system.cpu.user.pct)

## Average ##
system = Avg(system.cpu.system.pct)

## Average ##
n = Avg(system.cpu.cores)

## Bucket Script ##
params.n > 0 ? (params.user+params.system)/params.n : null

GroupBy-Everything
COLOR EXPRESSION VALUE
GREEN : >= greater than or equal 0
ORANGE : >= greater than or equal 0.7
RED : >= greater than or equal 0.85

Memory-Usage-Gauge

Aggregation

## Average ##
a = Avg(system.memory.actual.used.pct)

GroupBy-Everything
COLOR EXPRESSION VALUE
GREEN : >= greater than or equal 0
ORANGE : >= greater than or equal 0.7
RED : >= greater than or equal 0.85

Load-Gauge

Aggregation

## Average ##
a = Avg(system.load.5)

GroupBy-Everything

Inbound-Traffic

The `network` metricset contains network IO metrics for a single network interface.

Aggregation

## Max ##
a = Max(system.network.in.bytes)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)        # drops negative rates, e.g. when the byte counter resets after a reboot

## Series Agg ##
Function : Sum             # c1 + c2 + c3 ....

GroupBy-Terms : system.network.name
Top : 10
OrderBy : Doc Count (default)
Descending

Total Transferred

Aggregation

## Max ##
a = Max(system.network.in.bytes)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)

## Series Agg ##
Function : Overall Sum             # c1 + c2 + c3 ....

GroupBy-Terms : system.network.name
Top : 10
OrderBy : Doc Count (default)
Descending

Outbound-Traffic

Aggregation

## Max ##
a = Max(system.network.out.bytes)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)

## Series Agg ##
Function : Sum             # c1 + c2 + c3 ....

GroupBy-Terms : system.network.name
Top : 10
OrderBy : Doc Count (default)
Descending

Total Transferred

Aggregation

## Max ##
a = Max(system.network.out.bytes)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)

## Series Agg ##
Function : Overall Sum             # c1 + c2 + c3 ....

GroupBy-Terms : system.network.name
Top : 10
OrderBy : Doc Count (default)
Descending

Packetloss

In Packetloss

Aggregation

## Max ##
a = Max(system.network.in.dropped)

GroupBy-Everything

Out Packetloss

Aggregation

## Max ##
a = Max(system.network.out.dropped)

GroupBy-Everything

Swap-usage

Aggregation

## Average ##
a = Avg(system.memory.swap.used.pct)

GroupBy-Everything
COLOR EXPRESSION VALUE
GREEN : >= greater than or equal 0
ORANGE : >= greater than or equal 0.7
RED : >= greater than or equal 0.85

Memory-usage-vs-total

Aggregation

## Average ##
a = Avg(system.memory.actual.used.bytes)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.memory.total)

GroupBy-Everything

Number-of-processes

Metrics

a = UniqueCount(process.pid)

Disk-used

Aggregation

## TopHit ##
a = TopHit(system.fsstat.total_size.used)         # Size=1, Aggregate with Avg, Order By : @timestamp, Desc

## TopHit ##
b = TopHit(system.fsstat.total_size.total)        # Size=1, Aggregate with Avg, Order By : @timestamp, Desc

Expression = a/b

GroupBy-Everything
COLOR EXPRESSION VALUE
GREEN : >= greater than or equal 0
ORANGE : >= greater than or equal 0.7
RED : >= greater than or equal 0.85

Disk-Usage

Aggregation

## TopHit ##
a = TopHit(system.filesystem.used.pct)   # Size=1, Aggregate with Avg, Order By : @timestamp


GroupBy-Term : system.filesystem.mount_point
Top : 10
OrderBy : Doc Count(default)
Desc

CPU-Usage

Aggregation

## Average ##
a = Avg(system.cpu.user.pct)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.cpu.system.pct)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.cpu.nice.pct)

GroupBy-Everything
## Average ##
a = Avg(system.cpu.irq.pct)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.cpu.softirq.pct)

GroupBy-Everything
## Average ##
a = Avg(system.cpu.iowait.pct)

GroupBy-Everything

System-Load

Aggregation

## Average ##
a = Avg(system.load.1)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.load.5)

GroupBy-Everything

Aggregation

## Average ##
a = Avg(system.load.15)

GroupBy-Everything

Memory-Usage

Used Memory

Aggregation

## Average ##
a = Avg(system.memory.actual.used.bytes)

GroupBy-Everything

Free Memory

Aggregation

## Average ##
a = Avg(system.memory.free)

GroupBy-Everything

Cache

Aggregation

## Bucket Script ##
actual = Avg(system.memory.actual.used.bytes)
used   = Avg(system.memory.used.bytes)

params.actual != null && params.used != null ? params.used - params.actual : null

GroupBy(everything)

Disk-IO

Reads

Aggregation

## Max ##
a = Max(system.diskio.read.bytes)

## Derivative ##
b = Derivative(a)/1s   

## PositiveOnly ##
c = PositiveOnly(b)

GroupBy-Everything

Writes

Aggregation

## Max ##
a = Max(system.diskio.write.bytes)

## Derivative ##
rate = Derivative(a)/1s   

## Bucket Script ##
params.rate > 0 ? params.rate * -1 : 0

GroupBy-Everything

Aggregation

rate = Derivative(a)/1s

Aggregation

Bucket Script params.rate > 0 ? params.rate * -1 : 0

GroupBy(Everything)

Network-Traffic-Packets

Inbound

Aggregation

## Max ##
a = Max(system.network.in.packets)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)

## Series Agg ##
Function : Sum         # c1 + c2 + ...

GroupBy-Terms : system.network.name
Top : 10
OrderBy : Doc Count (default)
Desc

Outbound

Aggregations

## Max ## 
a = Max(system.network.out.packets)

## Derivative ##
rate = Derivative(system.network.out.packets)/1s

## Bucket Script ##
params.rate != null && params.rate > 0 ? params.rate * -1 : null

## Series Agg ##
Function : Sum            # params.rate1 + params.rate2 + ...

GroupBy-Term  :  system.network.name
Top : 10
Order By : Doc Count(default) 
Desc

Network-Traffic-Bytes

Inbound

Aggregations

## Max ##
a = Max(system.network.in.bytes)

## Derivative ##
b = Derivative(a)/1s

## PositiveOnly ##
c = PositiveOnly(b)

## Series Agg ##
Function : Sum                  #  c1 + c2 + c3 + c4

GroupBy-Terms : system.network.name
Top : 10
OrderBy : DocCount(default)
Desc

Outbound

Aggregations

## Max ##
a = Max(system.network.out.bytes)

## Derivative ##
rate = Derivative(a)/1s

## Bucket Script ## 
params.rate != null && params.rate > 0 ? params.rate * -1 : null

## Series Agg ##
Function : Sum                  #  params.rate1 + params.rate2 ...

GroupBy-Terms : system.network.name
Top : 10
OrderBy : DocCount(default)
Desc

Processes-By-Memory

Aggregations

## Average ##
a = Avg(system.process.memory.rss.pct)

GroupBy-Terms: process.name
Top : 10
OrderBy : a
Desc
COLOR EXPRESSION VALUE
GREEN : >= greater than or equal 0
ORANGE : >= greater than or equal 0.7
RED : >= greater than or equal 0.85

Top-Processes-By-CPU

Aggregations

## Average ##
a = Avg(system.process.cpu.total.pct)

GroupBy-Terms: process.name
Top : 10
OrderBy : a
Descending

Interfaces-By-Incoming-Traffic

Aggregation

## Average ##
a = Avg(system.network.in.bytes)

GroupBy-Terms: system.network.name
Top : 10
OrderBy : a
Descending

Interfaces-By-Outgoing-Traffic

Aggregation

## Average ##
a = Avg(system.network.out.bytes)

GroupBy-Terms: system.network.name
Top : 10
OrderBy : a
Descending