├── save ├── requirements.txt ├── README.md └── kibana_dump.py ├── .gitignore ├── screenshots ├── NFS-dashboard.png ├── MySql-performance.png ├── PgSql-performance.png ├── Thrift-performance.png ├── Topbeat-statistics.png ├── Packetbeat-statistics.png └── winlogbeat-dashboard.png ├── ISSUE_TEMPLATE ├── .beatconfig ├── Makefile ├── dashboards ├── visualization │ ├── Number-of-Events.json │ ├── Total-number-of-HTTP-transactions.json │ ├── Slowest-MySQL-queries.json │ ├── Slowest-PgSQL-queries.json │ ├── Slowest-Thrift-RPC-methods.json │ ├── Top-10-HTTP-requests.json │ ├── Top-slowest-MongoDB-queries.json │ ├── Most-frequent-MySQL-queries.json │ ├── Most-frequent-PgSQL-queries.json │ ├── Event-Levels.json │ ├── Mysql-response-times-percentiles.json │ ├── PgSQL-response-times-percentiles.json │ ├── Thrift-response-times-percentiles.json │ ├── NFS-operation-table.json │ ├── MySQL-throughput.json │ ├── PgSQL-throughput.json │ ├── HTTP-codes-for-the-top-queries.json │ ├── Process-status.json │ ├── Disk-usage.json │ ├── Top-Thrift-RPC-methods.json │ ├── Latency-histogram.json │ ├── Web-transactions.json │ ├── Cache-transactions.json │ ├── MySQL-Errors.json │ ├── PgSQL-Errors.json │ ├── RPC-transactions.json │ ├── Thrift-requests-per-minute.json │ ├── NFS-top-group-pie-chart.json │ ├── NFS-top-users-pie-chart.json │ ├── Top-Thrift-RPC-calls-with-errors.json │ ├── Thrift-RPC-Errors.json │ ├── NFS-clients-pie-chart.json │ ├── Top-Event-IDs.json │ ├── Navigation.json │ ├── NFS-response-times.json │ ├── Top-processes.json │ ├── DB-transactions.json │ ├── Response-times-percentiles.json │ ├── Errors-count-over-time.json │ ├── Memory-usage-per-proc.json │ ├── Memory-usage-per-process.json │ ├── Sources.json │ ├── Reads-versus-Writes.json │ ├── Response-times-repartition.json │ ├── MongoDB-in-slash-out-throughput.json │ ├── MySQL-Methods.json │ ├── PgSQL-Methods.json │ ├── System-load.json │ ├── Evolution-of-the-CPU-times-per-process.json │ ├── MongoDB-commands.json │ ├── 
Errors-vs-successful-transactions.json │ ├── Top10-memory.json │ ├── NFS-operations-area-chart.json │ ├── NFS-errors.json │ ├── Total-time-spent-in-each-MongoDB-collection.json │ ├── Client-locations.json │ ├── Servers.json │ ├── Top10-cpu-per-proc.json │ ├── CPU-usage-per-process.json │ ├── Top-10-processes-by-total-CPU-usage.json │ ├── CPU-usage.json │ ├── Memory-usage.json │ ├── NFS-bytes-in-slash-out.json │ ├── MongoDB-errors-per-collection.json │ ├── Number-of-MongoDB-transactions-with-writeConcern-w-equal-0.json │ ├── Disk-usage-over-time.json │ ├── Disk-utilization-over-time.json │ ├── MongoDB-response-times-and-count.json │ ├── MySQL-Reads-vs-Writes.json │ ├── PgSQL-Reads-vs-Writes.json │ ├── MongoDB-errors.json │ ├── HTTP-error-codes.json │ ├── MongoDB-response-times-by-collection.json │ ├── Number-of-Events-Over-Time-By-Event-Log.json │ └── HTTP-error-codes-evolution.json ├── search │ ├── Filesystem-stats.json │ ├── Cache-transactions.json │ ├── RPC-transactions.json │ ├── Default-Search.json │ ├── DB-transactions.json │ ├── Packetbeat-Search.json │ ├── Transactions-errors.json │ ├── Web-transactions.json │ ├── nfs.json │ ├── MySQL-Transactions.json │ ├── PgSQL-transactions.json │ ├── Thrift-transactions.json │ ├── Packetbeat-Flows-Search.json │ ├── MongoDB-transactions.json │ ├── Winlogbeat-Search.json │ ├── MongoDB-transactions-with-write-concern-0.json │ ├── HTTP-errors.json │ ├── MySQL-errors.json │ ├── PgSQL-errors.json │ ├── Thrift-errors.json │ ├── MongoDB-errors.json │ ├── Process-stats.json │ └── System-stats.json ├── dashboard │ ├── Winlogbeat-Dashboard.json │ ├── Packetbeat-HTTP.json │ ├── Packetbeat-Thrift-performance.json │ ├── Packetbeat-MySQL-performance.json │ ├── Packetbeat-PgSQL-performance.json │ ├── Packetbeat-MongoDB-performance.json │ ├── Packetbeat-Dashboard.json │ ├── Topbeat-Dashboard.json │ └── Packetbeat-NFS.json └── index-pattern │ ├── filebeat.json │ ├── winlogbeat.json │ ├── packetbeat.json │ └── topbeat.json ├── LICENSE ├── 
CHANGELOG.md ├── README.md ├── load.ps1 └── load.sh /save/requirements.txt: -------------------------------------------------------------------------------- 1 | elasticsearch 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.swp 2 | save/env 3 | .DS_Store 4 | -------------------------------------------------------------------------------- /screenshots/NFS-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/NFS-dashboard.png -------------------------------------------------------------------------------- /screenshots/MySql-performance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/MySql-performance.png -------------------------------------------------------------------------------- /screenshots/PgSql-performance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/PgSql-performance.png -------------------------------------------------------------------------------- /ISSUE_TEMPLATE: -------------------------------------------------------------------------------- 1 | This repository is no longer being used. All code and issues are tracked in 2 | https://github.com/elastic/beats. 
3 | -------------------------------------------------------------------------------- /screenshots/Thrift-performance.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/Thrift-performance.png -------------------------------------------------------------------------------- /screenshots/Topbeat-statistics.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/Topbeat-statistics.png -------------------------------------------------------------------------------- /.beatconfig: -------------------------------------------------------------------------------- 1 | packetbeat-/packetbeat- 2 | filebeat-/filebeat- 3 | topbeat-/topbeat- 4 | winlogonbeat-/winlogonbeat- 5 | logstash-/logstash- -------------------------------------------------------------------------------- /screenshots/Packetbeat-statistics.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/Packetbeat-statistics.png -------------------------------------------------------------------------------- /screenshots/winlogbeat-dashboard.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elastic/beats-dashboards/master/screenshots/winlogbeat-dashboard.png -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | VERSION?=$(shell git rev-parse --abbrev-ref HEAD) 2 | 3 | .PHONY: dist 4 | dist: 5 | git archive --format zip --prefix beats-dashboards-$(VERSION)/ -o ../beats-dashboards-$(VERSION).zip HEAD 6 | 7 | .PHONY: upload 8 | upload: dist 9 | aws s3 cp --acl public-read ../beats-dashboards-$(VERSION).zip 
s3://download.elasticsearch.org/beats/dashboards/ 10 | -------------------------------------------------------------------------------- /save/README.md: -------------------------------------------------------------------------------- 1 | Kibana4 dashboard dump tool 2 | =========================== 3 | 4 | Simple tool to dump / save / back up your Kibana4 dashboards. 5 | 6 | Install 7 | ------- 8 | 9 | virtualenv env 10 | . env/bin/activate 11 | pip install -r requirements.txt 12 | 13 | Usage example 14 | ------------- 15 | 16 | python kibana_dump.py --url 'http://localhost:9200' --dir output 17 | -------------------------------------------------------------------------------- /dashboards/visualization/Number-of-Events.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"metric\",\"params\":{\"fontSize\":60},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Number of Events", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"index\":\"winlogbeat-*\",\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}},\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Total-number-of-HTTP-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Total number of HTTP transactions\",\"type\":\"metric\",\"params\":{\"fontSize\":\"37\",\"handleNoResults\":true},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Total number of HTTP transactions", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Web-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } 
-------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2012–2016 Elasticsearch 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /dashboards/search/Filesystem-stats.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Filesystem stats", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"topbeat-*\",\"query\":{\"query_string\":{\"query\":\"type: filesystem\",\"analyze_wildcard\":true}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"filter\":[]}" 12 | }, 13 | "columns": [ 14 | "_source" 15 | ] 16 | } -------------------------------------------------------------------------------- /dashboards/visualization/Slowest-MySQL-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Slowest MySQL queries", 5 | "version": 1, 6 | "savedSearchId": "MySQL-Transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Slowest-PgSQL-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Slowest PgSQL queries", 5 | "version": 1, 6 | "savedSearchId": "PgSQL-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/search/Cache-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Cache transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": 
"{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[],\"query\":{\"query_string\":{\"query\":\"type: redis\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "method", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/RPC-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "RPC transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[],\"query\":{\"query_string\":{\"query\":\"type: thrift\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "method", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/visualization/Slowest-Thrift-RPC-methods.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"method\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Slowest Thrift RPC methods", 5 | "version": 1, 6 | "savedSearchId": "Thrift-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } 
-------------------------------------------------------------------------------- /dashboards/search/Default-Search.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Default Search", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"logstash-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647},\"filter\":[],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status", 19 | "query" 20 | ] 21 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-10-HTTP-requests.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Top 10 HTTP requests\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Top 10 HTTP requests", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Web-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-slowest-MongoDB-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[99]}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1.99\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Top slowest MongoDB queries", 5 | "version": 1, 6 | "savedSearchId": "MongoDB-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Most-frequent-MySQL-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Most frequent MySQL queries\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Most frequent MySQL queries", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MySQL-Transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Most-frequent-PgSQL-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Most frequent PgSQL 
queries\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"query\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Most frequent PgSQL queries", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "PgSQL-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/DB-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "DB transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647},\"filter\":[],\"query\":{\"query_string\":{\"query\":\"type: mysql or type: pgsql or type: mongodb\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "method", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/visualization/Event-Levels.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"table\",\"params\":{\"perPage\":5,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"level\",\"exclude\":{\"pattern\":\"\\\"\\\"\"},\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Event Levels", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"index\":\"winlogbeat-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Change Log 2 | All notable changes to this project will be documented in this file based on the 3 | [Keep a Changelog](http://keepachangelog.com/) Standard. 
4 | 5 | ## [Unreleased](https://github.com/elastic/libbeat/compare/1.0.0-rc1...HEAD) 6 | 7 | ### Backward Compatibility Breaks 8 | 9 | ### Deprecated 10 | 11 | ### Added 12 | - Add a dashboard for Windows Event Log statistics with data from Winlogbeat #60 13 | 14 | ### Bugfixes 15 | 16 | ## [1.0.0-rc1](https://github.com/elastic/libbeat/compare/1.0.0-beta4...1.0.0-rc1) 17 | 18 | ### Backward Compatibility Breaks 19 | 20 | ### Deprecated 21 | 22 | ### Bugfixes 23 | 24 | ### Added 25 | - Update index patterns, dashboards after replacing timestamp with @timestamp 26 | 27 | -------------------------------------------------------------------------------- /dashboards/visualization/Mysql-response-times-percentiles.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"defaultYExtents\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[75,99,99.5]}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Mysql response times percentiles", 5 | "version": 1, 6 | "savedSearchId": "MySQL-Transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/PgSQL-response-times-percentiles.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"defaultYExtents\":false,\"shareYAxis\":true},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[75,99,99.5]}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "PgSQL response times percentiles", 5 | "version": 1, 6 | "savedSearchId": "PgSQL-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Thrift-response-times-percentiles.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"aggs\":[{\"id\":\"1\",\"params\":{\"field\":\"responsetime\",\"percents\":[75,99,99.5]},\"schema\":\"metric\",\"type\":\"percentiles\"},{\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"defaultYExtents\":false,\"shareYAxis\":true},\"type\":\"line\"}", 3 | "description": "", 4 | "title": "Thrift response times percentiles", 5 | "version": 1, 6 | "savedSearchId": "Thrift-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-operation-table.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"NFS operation 
table\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"rpc.time\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"nfs.opcode\",\"size\":16,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "NFS operation table", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/MySQL-throughput.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"defaultYExtents\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_out\"}},{\"id\":\"3\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_in\"}},{\"id\":\"4\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MySQL throughput", 5 | "version": 1, 6 | "savedSearchId": "MySQL-Transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/PgSQL-throughput.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"defaultYExtents\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_out\"}},{\"id\":\"2\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_in\"}},{\"id\":\"3\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "PgSQL throughput", 5 | "version": 1, 6 | "savedSearchId": "PgSQL-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/HTTP-codes-for-the-top-queries.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"query\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":false}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"http.code\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "HTTP codes for the top queries", 5 | "version": 1, 6 | "savedSearchId": "Web-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/search/Packetbeat-Search.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Packetbeat Search", 
9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query_string\":{\"query\":\"NOT type: flow\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "client_ip", 15 | "client_port", 16 | "ip", 17 | "port", 18 | "type", 19 | "query", 20 | "method", 21 | "responsetime", 22 | "status" 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /dashboards/visualization/Process-status.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"pie\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"isDonut\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.pid\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"proc.state\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Process status", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Process-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/Transactions-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Transactions errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": 
"{\"index\":\"packetbeat-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query_string\":{\"query\":\"!type: flow AND !status: OK\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "client_ip", 15 | "client_port", 16 | "ip", 17 | "port", 18 | "type", 19 | "query", 20 | "method", 21 | "responsetime", 22 | "status" 23 | ] 24 | } -------------------------------------------------------------------------------- /dashboards/visualization/Disk-usage.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"New Visualization\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"fs.used_p\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"fs.device_name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Disk usage", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Filesystem-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-Thrift-RPC-methods.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Top Thrift-RPC 
methods\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"method\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Top Thrift-RPC methods", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Thrift-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/Web-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Web transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":false,\"key\":\"type\",\"value\":\"http\",\"disabled\":false},\"query\":{\"match\":{\"type\":{\"query\":\"http\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "method", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/nfs.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "nfs", 9 | "version": 
1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"nfs\"},\"query\":{\"match\":{\"type\":{\"query\":\"nfs\",\"type\":\"phrase\"}}}}],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}" 12 | }, 13 | "columns": [ 14 | "_source" 15 | ] 16 | } -------------------------------------------------------------------------------- /dashboards/search/MySQL-Transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "MySQL Transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":false,\"key\":\"type\",\"value\":\"mysql\",\"disabled\":false},\"query\":{\"match\":{\"type\":{\"query\":\"mysql\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/PgSQL-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "PgSQL transactions", 9 | "version": 1, 10 | 
"kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":false,\"key\":\"type\",\"value\":\"pgsql\",\"disabled\":false},\"query\":{\"match\":{\"type\":{\"query\":\"pgsql\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/Thrift-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Thrift transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":false,\"key\":\"type\",\"value\":\"thrift\",\"disabled\":false},\"query\":{\"match\":{\"type\":{\"query\":\"thrift\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"type: thrift\"}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/visualization/Latency-histogram.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Latency 
histogram\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"responsetime\",\"interval\":10,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Latency histogram", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Packetbeat-Search", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Web-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Web transactions\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Web transactions", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Web-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Cache-transactions.json: -------------------------------------------------------------------------------- 
1 | { 2 | "visState": "{\"title\":\"Cache transactions\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Cache transactions", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Cache-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/Packetbeat-Flows-Search.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Packetbeat Flows Search", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647},\"query\":{\"query_string\":{\"query\":\"type: flow\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "start_time", 16 | "last_time", 17 | "source.ip", 18 | "source.port", 19 | "dest.ip", 20 | "dest.port", 21 | "source.stats.net_bytes_total", 22 | "dest.stats.net_bytes_total" 23 | ] 24 | } 25 | -------------------------------------------------------------------------------- /dashboards/visualization/MySQL-Errors.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MySQL Errors\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MySQL Errors", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MySQL-errors", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/PgSQL-Errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"PgSQL Errors\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "PgSQL Errors", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "PgSQL-errors", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } 
-------------------------------------------------------------------------------- /dashboards/visualization/RPC-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"RPC transactions\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"type\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "RPC transactions", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "RPC-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/MongoDB-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "MongoDB transactions", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"mongodb\"},\"query\":{\"match\":{\"type\":{\"query\":\"mongodb\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 
17 | "responsetime", 18 | "status", 19 | "query" 20 | ] 21 | } -------------------------------------------------------------------------------- /dashboards/visualization/Thrift-requests-per-minute.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Thrift requests per minute\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"m\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Thrift requests per minute", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Thrift-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-top-group-pie-chart.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"title\": \"New Visualization\",\n \"type\": \"pie\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"isDonut\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"rpc.cred.gid\",\n \"size\": 16,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "NFS top group pie chart", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | 
"kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\n \"filter\": []\n}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-top-users-pie-chart.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"title\": \"New Visualization\",\n \"type\": \"pie\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"isDonut\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"rpc.cred.uid\",\n \"size\": 16,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "NFS top users pie chart", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\n \"filter\": []\n}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-Thrift-RPC-calls-with-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": false,\n \"mode\": \"stacked\",\n \"defaultYExtents\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"method\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "Top Thrift-RPC calls with errors", 5 | "version": 1, 6 | "savedSearchId": "Thrift-errors", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"filter\": []\n}" 
9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/search/Winlogbeat-Search.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Windows Event Log Search", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\n \"index\": \"winlogbeat-*\",\n \"filter\": [],\n \"highlight\": {\n \"pre_tags\": [\n \"@kibana-highlighted-field@\"\n ],\n \"post_tags\": [\n \"@/kibana-highlighted-field@\"\n ],\n \"fields\": {\n \"*\": {}\n },\n \"require_field_match\": false,\n \"fragment_size\": 2147483647\n },\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n }\n}" 12 | }, 13 | "columns": [ 14 | "record_number", 15 | "log_name", 16 | "level", 17 | "source_name", 18 | "message", 19 | "event_id", 20 | "user.name" 21 | ] 22 | } -------------------------------------------------------------------------------- /dashboards/visualization/Thrift-RPC-Errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Thrift RPC Errors\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Thrift RPC Errors", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Thrift-errors", 8 | "kibanaSavedObjectMeta": { 9 | 
"searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-clients-pie-chart.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"title\": \"NFS clients pie chart\",\n \"type\": \"pie\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"isDonut\": true\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"rpc.cred.machinename\",\n \"size\": 16,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "NFS clients pie chart", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\n \"filter\": []\n}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-Event-IDs.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"type\": \"table\",\n \"params\": {\n \"perPage\": 10,\n \"showPartialRows\": false,\n \"showMeticsAtAllLevels\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"bucket\",\n \"params\": {\n \"field\": \"event_id\",\n \"size\": 5,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "Top Event IDs", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"index\": \"winlogbeat-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}" 
9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/search/MongoDB-transactions-with-write-concern-0.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "MongoDB transactions with write concern 0", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"mongodb\"},\"query\":{\"match\":{\"type\":{\"query\":\"mongodb\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"request: \\\"writeConcern w 0\\\"\"}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status", 19 | "query" 20 | ] 21 | } -------------------------------------------------------------------------------- /dashboards/visualization/Navigation.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Navigation\",\"type\":\"markdown\",\"params\":{\"markdown\":\"### Packetbeat:\\n\\n[Dashboard](#/dashboard/Packetbeat-Dashboard)\\n\\n[Web transactions](#/dashboard/HTTP)\\n\\n[MySQL performance](#/dashboard/MySQL-performance)\\n\\n[PostgreSQL performance](#/dashboard/PgSQL-performance)\\n\\n[MongoDB performance](#/dashboard/MongoDB-performance)\\n\\n[Thrift-RPC performance](#/dashboard/Thrift-performance)\\n\\n[NFS performance](#/dashboard/NFS-packetbeat)\\n\\n### Topbeat:\\n\\n[Dashboard](#/dashboard/Topbeat-Dashboard)\\n\\n### Winlogbeat:\\n\\n[Dashboard](#/dashboard/Winlogbeat-Dashboard)\"},\"aggs\":[],\"listeners\":{}}", 3 | "description": "", 
4 | "title": "Navigation", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}},\"filter\":[]}" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /dashboards/visualization/NFS-response-times.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"NFS response times\",\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":\"9\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":true,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"rpc.time\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "NFS response times", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-processes.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Top 
processes\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.cpu.total_p\"}},{\"id\":\"2\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.mem.rss\"}},{\"id\":\"3\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.mem.rss_p\"}},{\"id\":\"5\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.mem.share\"}},{\"id\":\"6\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"proc.name\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Top processes", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Process-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/DB-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"DB transactions\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"type\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "DB transactions", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "DB-transactions", 8 | "kibanaSavedObjectMeta": { 9 | 
"searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Response-times-percentiles.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[75,95,99]}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Response times percentiles", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Packetbeat-Search", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/HTTP-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "HTTP errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": 
"{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":false,\"key\":\"type\",\"value\":\"http\",\"disabled\":false},\"query\":{\"match\":{\"type\":{\"query\":\"http\",\"type\":\"phrase\"}}}},{\"meta\":{\"negate\":true,\"index\":\"packetbeat-*\",\"key\":\"http.code\",\"value\":200,\"disabled\":false},\"query\":{\"match\":{\"http.code\":{\"query\":200,\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}" 12 | }, 13 | "columns": [ 14 | "type", 15 | "method", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/MySQL-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "MySQL errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"mysql\"},\"query\":{\"match\":{\"type\":{\"query\":\"mysql\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":true,\"key\":\"status\",\"value\":\"OK\",\"disabled\":false},\"query\":{\"match\":{\"status\":{\"query\":\"OK\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/search/PgSQL-errors.json: 
-------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "PgSQL errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"pgsql\"},\"query\":{\"match\":{\"type\":{\"query\":\"pgsql\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":true,\"key\":\"status\",\"value\":\"OK\",\"disabled\":false},\"query\":{\"match\":{\"status\":{\"query\":\"OK\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/visualization/Errors-count-over-time.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"New Visualization\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"custom\",\"customInterval\":\"30s\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"type\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": 
"Errors count over time", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Transactions-errors", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/Thrift-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Thrift errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"thrift\"},\"query\":{\"match\":{\"type\":{\"query\":\"thrift\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"packetbeat-*\",\"negate\":true,\"key\":\"status\",\"value\":\"OK\",\"disabled\":false},\"query\":{\"match\":{\"status\":{\"query\":\"OK\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"type: thrift\"}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status" 19 | ] 20 | } -------------------------------------------------------------------------------- /dashboards/visualization/Memory-usage-per-proc.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.mem.rss_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proc.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Memory usage per process", 5 | "version": 1, 6 | "savedSearchId": "Process-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Memory-usage-per-process.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.mem.rss_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proc.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Memory usage per process", 5 
| "version": 1, 6 | "savedSearchId": "Process-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Sources.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"type\": \"pie\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"isDonut\": false\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"source_name\",\n \"exclude\": {\n \"pattern\": \"\\\"\\\"\"\n },\n \"size\": 7,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "Event Sources", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"index\": \"winlogbeat-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Reads-versus-Writes.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"grouped\",\"defaultYExtents\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"count\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: 
SELECT\",\"analyze_wildcard\":true}}}},{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: INSERT or method: UPDATE or method: DELETE\",\"analyze_wildcard\":true}}}}]}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Reads versus Writes", 5 | "version": 1, 6 | "savedSearchId": "MySQL-Transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Response-times-repartition.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Response times repartition\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"histogram\",\"schema\":\"group\",\"params\":{\"field\":\"responsetime\",\"interval\":10,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Response times repartition", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Packetbeat-Search", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-in-slash-out-throughput.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_in\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"4\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"bytes_out\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB in/out throughput", 5 | "version": 1, 6 | "savedSearchId": "MongoDB-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/MySQL-Methods.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MySQL Methods\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"wiggle\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"method\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MySQL Methods", 5 | "uiStateJSON": 
"{}", 6 | "version": 1, 7 | "savedSearchId": "MySQL-Transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/PgSQL-Methods.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"PgSQL Methods\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"wiggle\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"method\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "PgSQL Methods", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "PgSQL-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Winlogbeat-Dashboard.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Winlogbeat Dashboard", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":4,\"id\":\"Number-of-Events-Over-Time-By-Event-Log\",\"panelIndex\":1,\"row\":1,\"size_x\":9,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Number-of-Events\",\"panelIndex\":3,\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\"},{\"col\":5,\"id\":\"Top-Event-IDs\",\"panelIndex\":4,\"row\":5,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":9,\"id\":\"Event-Levels\",\"panelIndex\":5,\"row\":5,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Sources\",\"panelIndex\":6,\"row\":5,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/visualization/System-load.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"load.load1\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "System load", 5 | "version": 1, 6 | "savedSearchId": "System-stats", 7 | "kibanaSavedObjectMeta": { 8 | 
"searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Evolution-of-the-CPU-times-per-process.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.cpu.user_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"s\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proc.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Evolution of the CPU times per process", 5 | "version": 1, 6 | "savedSearchId": "Processes", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-commands.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MongoDB 
commands\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":true,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"silhouette\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"method\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB commands", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MongoDB-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Errors-vs-successful-transactions.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Errors vs successful transactions\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"scale\":\"linear\",\"mode\":\"percentage\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"status\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Errors vs successful transactions", 
5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Packetbeat-Search", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top10-memory.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"avg\",\n \"schema\": \"metric\",\n \"params\": {\n \"field\": \"proc.mem.rss_p\"\n }\n },\n {\n \"id\": \"2\",\n \"type\": \"terms\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"proc.name\",\n \"size\": 10,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "Top 10 memory consumers", 5 | "version": 1, 6 | "savedSearchId": "Process-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"filter\": []\n}" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /dashboards/visualization/NFS-operations-area-chart.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"NFS operations area 
chart\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":true,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"nfs.opcode\",\"size\":16,\"order\":\"desc\",\"orderBy\":\"1\"}},{\"id\":\"3\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "NFS operations area chart", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/MongoDB-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "MongoDB errors", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": 
"{\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"fragment_size\":2147483647},\"filter\":[{\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"mongodb\"},\"query\":{\"match\":{\"type\":{\"query\":\"mongodb\",\"type\":\"phrase\"}}}},{\"meta\":{\"negate\":true,\"index\":\"packetbeat-*\",\"key\":\"status\",\"value\":\"OK\",\"disabled\":false},\"query\":{\"match\":{\"status\":{\"query\":\"OK\",\"type\":\"phrase\"}}}}],\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}" 12 | }, 13 | "columns": [ 14 | "method", 15 | "type", 16 | "path", 17 | "responsetime", 18 | "status", 19 | "query" 20 | ] 21 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"NFS errors\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":true,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"overlap\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"nfs.status\",\"exclude\":{\"pattern\":\"NFS_OK|NFSERR_NOENT\"},\"size\":12,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "NFS errors", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 
10 | } 11 | } 12 | -------------------------------------------------------------------------------- /dashboards/visualization/Total-time-spent-in-each-MongoDB-collection.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"resource\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Total time spent in each MongoDB collection", 5 | "version": 1, 6 | "savedSearchId": "MongoDB-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Client-locations.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"New Visualization\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatRadius\":25,\"heatBlur\":15,\"heatNormalizeData\":true,\"wms\":{\"enabled\":false,\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\",\"options\":{\"version\":\"1.3.0\",\"layers\":\"0\",\"format\":\"image/png\",\"transparent\":true,\"attribution\":\"Maps provided by 
USGS\",\"styles\":\"\"}}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"client_location\",\"autoPrecision\":true,\"precision\":2}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Client locations", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Packetbeat-Search", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Servers.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"type\":\"table\",\"params\":{\"perPage\":10,\"showPartialRows\":false,\"showMeticsAtAllLevels\":false},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu.user_p\"}},{\"id\":\"3\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu.system_p\"}},{\"id\":\"4\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"mem.total\"}},{\"id\":\"5\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"mem.used\"}},{\"id\":\"8\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"mem.used_p\"}},{\"id\":\"6\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"mem.free\"}},{\"id\":\"9\",\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Servers", 5 | "version": 1, 6 | "savedSearchId": "System-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top10-cpu-per-proc.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"aggs\": [\n {\n 
\"id\": \"1\",\n \"params\": {\n \"field\": \"proc.cpu.total\"\n },\n \"schema\": \"metric\",\n \"type\": \"max\"\n },\n {\n \"id\": \"2\",\n \"params\": {\n \"field\": \"proc.name\",\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"size\": 10\n },\n \"schema\": \"segment\",\n \"type\": \"terms\"\n }\n ],\n \"listeners\": {},\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"defaultYExtents\": false,\n \"mode\": \"stacked\",\n \"scale\": \"linear\",\n \"setYExtents\": false,\n \"shareYAxis\": true,\n \"times\": [],\n \"yAxis\": {}\n },\n \"type\": \"histogram\"\n}", 3 | "description": "", 4 | "title": "Top 10 processes by total CPU usage", 5 | "version": 1, 6 | "savedSearchId": "Process-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"filter\": []\n}" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /dashboards/visualization/CPU-usage-per-process.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"CPU usage per process\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"proc.cpu.total_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"proc.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "CPU usage per process", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": 
"Process-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Top-10-processes-by-total-CPU-usage.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"aggs\": [\n {\n \"id\": \"1\",\n \"params\": {\n \"field\": \"proc.cpu.total\"\n },\n \"schema\": \"metric\",\n \"type\": \"max\"\n },\n {\n \"id\": \"2\",\n \"params\": {\n \"field\": \"proc.name\",\n \"order\": \"desc\",\n \"orderBy\": \"1\",\n \"size\": 10\n },\n \"schema\": \"segment\",\n \"type\": \"terms\"\n }\n ],\n \"listeners\": {},\n \"params\": {\n \"addLegend\": true,\n \"addTimeMarker\": false,\n \"addTooltip\": true,\n \"defaultYExtents\": false,\n \"mode\": \"stacked\",\n \"scale\": \"linear\",\n \"setYExtents\": false,\n \"shareYAxis\": true,\n \"times\": [],\n \"yAxis\": {}\n },\n \"type\": \"histogram\"\n}", 3 | "description": "", 4 | "title": "Top 10 processes by total CPU usage", 5 | "version": 1, 6 | "savedSearchId": "Process-stats", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"filter\": []\n}" 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /dashboards/visualization/CPU-usage.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu.system_p\"}},{\"id\":\"2\",\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"cpu.user_p\"}},{\"id\":\"3\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"4\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":true}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "CPU usage", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "System-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Memory-usage.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"stacked\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"mem.used_p\"}},{\"id\":\"2\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"swap.used_p\"}},{\"id\":\"3\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"4\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":true}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Memory usage", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "System-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/NFS-bytes-in-slash-out.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"NFS bytes in / 
out\",\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"rpc.call_size\"}},{\"id\":\"2\",\"type\":\"sum\",\"schema\":\"metric\",\"params\":{\"field\":\"rpc.reply_size\"}},{\"id\":\"3\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "NFS bytes in / out", 5 | "uiStateJSON": "{\"vis\":{\"colors\":{\"Sum of rpc.reply_size\":\"#7EB26D\"}}}", 6 | "version": 1, 7 | "savedSearchId": "nfs", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-errors-per-collection.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MongoDB errors per 
collection\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"radiusRatio\":9,\"scale\":\"linear\",\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"spyPerPage\":10,\"times\":[],\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"resource\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB errors per collection", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MongoDB-errors", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Number-of-MongoDB-transactions-with-writeConcern-w-equal-0.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"Number of MongoDB transactions with writeConcern 
w=0\",\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"count\",\"schema\":\"radius\",\"params\":{}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Number of MongoDB transactions with writeConcern w=0", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MongoDB-transactions-with-write-concern-0", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/search/Process-stats.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "Proc-stats", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\n \"index\": \"topbeat-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"highlight\": {\n \"pre_tags\": [\n \"@kibana-highlighted-field@\"\n ],\n \"post_tags\": [\n \"@/kibana-highlighted-field@\"\n ],\n \"fields\": {\n \"*\": {}\n },\n \"require_field_match\": false,\n \"fragment_size\": 2147483647\n },\n \"filter\": [\n {\n \"meta\": {\n \"negate\": false,\n \"index\": \"topbeat-*\",\n \"key\": \"type\",\n \"value\": \"process\",\n \"disabled\": false,\n \"alias\": null\n },\n \"query\": {\n \"match\": {\n \"type\": {\n \"query\": \"process\",\n 
\"type\": \"phrase\"\n }\n }\n },\n \"$state\": {\n \"store\": \"appState\"\n }\n }\n ]\n}" 12 | }, 13 | "columns": [ 14 | "_source" 15 | ] 16 | } -------------------------------------------------------------------------------- /dashboards/search/System-stats.json: -------------------------------------------------------------------------------- 1 | { 2 | "sort": [ 3 | "@timestamp", 4 | "desc" 5 | ], 6 | "hits": 0, 7 | "description": "", 8 | "title": "System-stats", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\n \"index\": \"topbeat-*\",\n \"query\": {\n \"query_string\": {\n \"analyze_wildcard\": true,\n \"query\": \"*\"\n }\n },\n \"highlight\": {\n \"pre_tags\": [\n \"@kibana-highlighted-field@\"\n ],\n \"post_tags\": [\n \"@/kibana-highlighted-field@\"\n ],\n \"fields\": {\n \"*\": {}\n },\n \"require_field_match\": false,\n \"fragment_size\": 2147483647\n },\n \"filter\": [\n {\n \"$state\": {\n \"store\": \"appState\"\n },\n \"meta\": {\n \"alias\": null,\n \"disabled\": false,\n \"index\": \"topbeat-*\",\n \"key\": \"type\",\n \"negate\": false,\n \"value\": \"system\"\n },\n \"query\": {\n \"match\": {\n \"type\": {\n \"query\": \"system\",\n \"type\": \"phrase\"\n }\n }\n }\n }\n ]\n}" 12 | }, 13 | "columns": [ 14 | "_source" 15 | ] 16 | } -------------------------------------------------------------------------------- /dashboards/visualization/Disk-usage-over-time.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"overlap\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"fs.used_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":true}},{\"id\":\"4\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"fs.mount_point\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Disk utilization over time", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Filesystem-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/Disk-utilization-over-time.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"mode\":\"overlap\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"fs.used_p\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.name\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":true}},{\"id\":\"4\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"fs.mount_point\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "Disk utilization over time", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "Filesystem-stats", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-response-times-and-count.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": 
"{\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":false,\"radiusRatio\":\"9\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[99]}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"resource\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1.99\"}},{\"id\":\"4\",\"type\":\"sum\",\"schema\":\"radius\",\"params\":{\"field\":\"count\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB response times and count", 5 | "version": 1, 6 | "savedSearchId": "MongoDB-transactions", 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[]}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/MySQL-Reads-vs-Writes.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MySQL Reads vs 
Writes\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"stacked\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: SELECT\",\"analyze_wildcard\":true}}}},{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: INSERT or method: UPDATE or method: DELETE\",\"analyze_wildcard\":true}}}}]}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MySQL Reads vs Writes", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MySQL-Transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/PgSQL-Reads-vs-Writes.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"PgSQL Reads vs 
Writes\",\"type\":\"area\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"mode\":\"stacked\",\"defaultYExtents\":false,\"smoothLines\":false,\"scale\":\"linear\",\"interpolate\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"filters\",\"schema\":\"group\",\"params\":{\"filters\":[{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: SELECT\",\"analyze_wildcard\":true}}}},{\"input\":{\"query\":{\"query_string\":{\"query\":\"method: INSERT or method: UPDATE or method: DELETE\",\"analyze_wildcard\":true}}}}]}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "PgSQL Reads vs Writes", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "PgSQL-transactions", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-errors.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MongoDB 
errors\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"drawLinesBetweenPoints\":true,\"interpolate\":\"linear\",\"radiusRatio\":9,\"scale\":\"linear\",\"setYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"spyPerPage\":10,\"times\":[],\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"resource\",\"size\":3,\"order\":\"desc\",\"orderBy\":\"1\",\"row\":true}},{\"id\":\"4\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"method\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB errors", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MongoDB-errors", 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/visualization/HTTP-error-codes.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"HTTP error codes\",\"type\":\"histogram\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":false,\"mode\":\"stacked\",\"defaultYExtents\":false,\"scale\":\"linear\",\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"type\"}},{\"id\":\"2\",\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"http.code\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "HTTP error codes", 5 | 
"uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"http\",\"alias\":null},\"query\":{\"match\":{\"type\":{\"query\":\"http\",\"type\":\"phrase\"}}}}],\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"query\":{\"query_string\":{\"query\":\"http.code: [300 TO *]\",\"analyze_wildcard\":true}}}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/visualization/MongoDB-response-times-by-collection.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"MongoDB response times by collection\",\"type\":\"line\",\"params\":{\"shareYAxis\":true,\"addTooltip\":true,\"addLegend\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":false,\"radiusRatio\":\"9\",\"times\":[],\"addTimeMarker\":false,\"defaultYExtents\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"percentiles\",\"schema\":\"metric\",\"params\":{\"field\":\"responsetime\",\"percents\":[99]}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"resource\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1.99\"}},{\"id\":\"4\",\"type\":\"count\",\"schema\":\"radius\",\"params\":{}}],\"listeners\":{}}", 3 | "description": "", 4 | "title": "MongoDB response times by collection", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "savedSearchId": "MongoDB-transactions", 8 | 
"kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[]}" 10 | } 11 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-HTTP.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat HTTP", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": "[{\"col\":4,\"id\":\"Web-transactions\",\"row\":1,\"size_x\":9,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":1},{\"col\":1,\"id\":\"HTTP-error-codes\",\"row\":8,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":2},{\"col\":7,\"id\":\"HTTP-error-codes-evolution\",\"row\":8,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":3},{\"col\":1,\"id\":\"Navigation\",\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":4},{\"col\":1,\"id\":\"Total-number-of-HTTP-transactions\",\"row\":5,\"size_x\":3,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":5},{\"col\":4,\"id\":\"HTTP-codes-for-the-top-queries\",\"row\":5,\"size_x\":9,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":6},{\"id\":\"Top-10-HTTP-requests\",\"type\":\"visualization\",\"size_x\":12,\"size_y\":5,\"col\":1,\"row\":11,\"panelIndex\":7}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-Thrift-performance.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat Thrift performance", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":1,\"id\":\"Navigation\",\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":1},{\"col\":4,\"id\":\"Thrift-requests-per-minute\",\"row\":1,\"size_x\":5,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":2},{\"col\":9,\"id\":\"Thrift-RPC-Errors\",\"row\":1,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":3},{\"col\":1,\"id\":\"Slowest-Thrift-RPC-methods\",\"row\":5,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":4},{\"col\":7,\"id\":\"Thrift-response-times-percentiles\",\"row\":5,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":5},{\"col\":1,\"id\":\"Top-Thrift-RPC-methods\",\"row\":8,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":6},{\"col\":7,\"id\":\"Top-Thrift-RPC-calls-with-errors\",\"row\":8,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":7}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-MySQL-performance.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat MySQL performance", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":4,\"id\":\"MySQL-Errors\",\"row\":1,\"size_x\":5,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":1},{\"col\":9,\"id\":\"MySQL-Methods\",\"row\":1,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":2},{\"col\":1,\"id\":\"Navigation\",\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":3},{\"col\":7,\"id\":\"MySQL-throughput\",\"row\":8,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":4},{\"col\":1,\"id\":\"Most-frequent-MySQL-queries\",\"row\":11,\"size_x\":6,\"size_y\":6,\"type\":\"visualization\",\"panelIndex\":5},{\"col\":7,\"id\":\"Slowest-MySQL-queries\",\"row\":11,\"size_x\":6,\"size_y\":6,\"type\":\"visualization\",\"panelIndex\":6},{\"col\":1,\"id\":\"Mysql-response-times-percentiles\",\"row\":5,\"size_x\":12,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":7},{\"id\":\"MySQL-Reads-vs-Writes\",\"type\":\"visualization\",\"size_x\":6,\"size_y\":3,\"col\":1,\"row\":8,\"panelIndex\":8}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-PgSQL-performance.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat PgSQL performance", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":1,\"id\":\"Navigation\",\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":1},{\"col\":4,\"id\":\"PgSQL-Errors\",\"row\":1,\"size_x\":5,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":2},{\"col\":9,\"id\":\"PgSQL-Methods\",\"row\":1,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":3},{\"col\":1,\"id\":\"PgSQL-response-times-percentiles\",\"row\":5,\"size_x\":12,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":4},{\"col\":7,\"id\":\"PgSQL-throughput\",\"row\":8,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":5},{\"col\":1,\"id\":\"PgSQL-Reads-vs-Writes\",\"row\":8,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":6},{\"id\":\"Most-frequent-PgSQL-queries\",\"type\":\"visualization\",\"size_x\":6,\"size_y\":6,\"col\":1,\"row\":11,\"panelIndex\":7},{\"id\":\"Slowest-PgSQL-queries\",\"type\":\"visualization\",\"size_x\":6,\"size_y\":6,\"col\":7,\"row\":11,\"panelIndex\":8}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/visualization/Number-of-Events-Over-Time-By-Event-Log.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\n \"type\": \"histogram\",\n \"params\": {\n \"shareYAxis\": true,\n \"addTooltip\": true,\n \"addLegend\": true,\n \"scale\": \"linear\",\n \"mode\": \"stacked\",\n \"times\": [],\n \"addTimeMarker\": false,\n \"defaultYExtents\": false,\n \"setYExtents\": false,\n \"yAxis\": {}\n },\n \"aggs\": [\n {\n \"id\": \"1\",\n \"type\": \"count\",\n \"schema\": \"metric\",\n \"params\": {}\n },\n {\n \"id\": \"2\",\n \"type\": \"date_histogram\",\n \"schema\": \"segment\",\n \"params\": {\n \"field\": \"@timestamp\",\n 
\"interval\": \"auto\",\n \"customInterval\": \"2h\",\n \"min_doc_count\": 1,\n \"extended_bounds\": {}\n }\n },\n {\n \"id\": \"3\",\n \"type\": \"terms\",\n \"schema\": \"group\",\n \"params\": {\n \"field\": \"log_name\",\n \"size\": 6,\n \"order\": \"desc\",\n \"orderBy\": \"1\"\n }\n }\n ],\n \"listeners\": {}\n}", 3 | "description": "", 4 | "title": "Number of Events Over Time By Event Log", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\n \"index\": \"winlogbeat-*\",\n \"query\": {\n \"query_string\": {\n \"query\": \"*\",\n \"analyze_wildcard\": true\n }\n },\n \"filter\": []\n}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-MongoDB-performance.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat MongoDB performance", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":1,\"id\":\"Navigation\",\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":1},{\"col\":4,\"id\":\"MongoDB-errors\",\"row\":1,\"size_x\":5,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":2},{\"col\":9,\"id\":\"MongoDB-commands\",\"row\":1,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\",\"panelIndex\":3},{\"col\":1,\"id\":\"MongoDB-errors-per-collection\",\"row\":5,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":4},{\"col\":5,\"id\":\"MongoDB-in-slash-out-throughput\",\"row\":5,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\",\"panelIndex\":5},{\"col\":1,\"id\":\"MongoDB-response-times-by-collection\",\"row\":8,\"size_x\":8,\"size_y\":5,\"type\":\"visualization\",\"panelIndex\":6},{\"col\":9,\"id\":\"Top-slowest-MongoDB-queries\",\"row\":8,\"size_x\":4,\"size_y\":5,\"type\":\"visualization\",\"panelIndex\":7},{\"id\":\"Number-of-MongoDB-transactions-with-writeConcern-w-equal-0\",\"type\":\"visualization\",\"size_x\":4,\"size_y\":3,\"col\":9,\"row\":5,\"panelIndex\":8}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-Dashboard.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat Dashboard", 6 | "panelsJSON": 
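"[{\"col\":1,\"id\":\"Web-transactions\",\"row\":5,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":4,\"id\":\"DB-transactions\",\"row\":5,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":7,\"id\":\"Cache-transactions\",\"row\":5,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":10,\"id\":\"RPC-transactions\",\"row\":5,\"size_x\":3,\"size_y\":2,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Response-times-percentiles\",\"row\":10,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Errors-count-over-time\",\"row\":13,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"Errors-vs-successful-transactions\",\"row\":10,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"Latency-histogram\",\"row\":13,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":4,\"id\":\"Client-locations\",\"row\":1,\"size_x\":9,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Response-times-repartition\",\"row\":7,\"size_x\":12,\"size_y\":3,\"type\":\"visualization\"},{\"id\":\"Navigation\",\"type\":\"visualization\",\"size_x\":3,\"size_y\":4,\"col\":1,\"row\":1}]", 7 | "version": 1, 8 | "kibanaSavedObjectMeta": { 9 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 10 | } 11 | } -------------------------------------------------------------------------------- /save/kibana_dump.py: --------------------------------------------------------------------------------
from elasticsearch import Elasticsearch
import argparse
import os
import json


def dump_objects(es, output_directory, index, doc_type):
    """Export the saved objects of one type from the Kibana index to JSON files.

    Runs a single search against ``index`` restricted to ``doc_type`` and
    writes the ``_source`` of every hit to
    ``<output_directory>/<doc_type>/<_id>.json``.

    Args:
        es: Elasticsearch client used to run the search.
        output_directory: Base directory of the export; a ``doc_type``
            sub-directory is created below it when missing.
        index: Name of the index that holds the Kibana saved objects.
        doc_type: Document type to export (``main`` passes "dashboard",
            "visualization", "search" and "index-pattern").

    Returns:
        None. One line is printed per file written or skipped.
    """
    # A single page of at most 1000 hits is requested; objects beyond that
    # are not exported and nothing reports the truncation.
    res = es.search(
        index=index,
        doc_type=doc_type,
        size=1000)

    target_dir = os.path.join(output_directory, doc_type)
    if not os.path.isdir(target_dir):
        os.makedirs(target_dir)
    resolved_target_dir = os.path.realpath(target_dir)

    for doc in res['hits']['hits']:
        filepath = os.path.join(target_dir, doc['_id'] + '.json')
        # The document id is data read back from the index, not a value this
        # script controls. An id holding a path separator, "..", or an
        # absolute path would make os.path.join() point outside target_dir,
        # so only ids that resolve to a file directly inside it are written.
        # realpath() also declines an existing symlink that leads elsewhere.
        if os.path.dirname(os.path.realpath(filepath)) != resolved_target_dir:
            print("Skipped {!r}: id does not map to a file inside {}".format(
                doc['_id'], target_dir))
            continue
        with open(filepath, 'w') as f:
            json.dump(doc['_source'], f, indent=2)
        print("Written {}".format(filepath))


def main():
    """Parse the command line and export the four saved-object types.

    ``--url`` is required and is handed unchanged to the Elasticsearch
    client; ``--dir`` (default "saved") and ``--index`` (default ".kibana")
    select the output directory and the index to read.
    """
    parser = argparse.ArgumentParser(
        description="Dumps Kibana dashboards, vizualization and " +
                    "searches in json files")
    parser.add_argument("--url", help="Elasticsearch URL. E.g. " +
                        "http://localhost:9200.", required=True)
    parser.add_argument("--dir", help="Output directory", default="saved")
    parser.add_argument("--index", help="Kibana index", default=".kibana")

    args = parser.parse_args()

    es = Elasticsearch(args.url)
    dump_objects(es, args.dir, args.index, "dashboard")
    dump_objects(es, args.dir, args.index, "visualization")
    dump_objects(es, args.dir, args.index, "search")
    dump_objects(es, args.dir, args.index, "index-pattern")

if __name__ == "__main__":
    main()
-------------------------------------------------------------------------------- /dashboards/visualization/HTTP-error-codes-evolution.json: -------------------------------------------------------------------------------- 1 | { 2 | "visState": "{\"title\":\"HTTP error codes evolution\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"defaultYExtents\":false,\"shareYAxis\":true,\"showCircles\":true,\"smoothLines\":false,\"interpolate\":\"linear\",\"scale\":\"linear\",\"drawLinesBetweenPoints\":true,\"radiusRatio\":9,\"times\":[],\"addTimeMarker\":false,\"setYExtents\":false,\"yAxis\":{}},\"aggs\":[{\"id\":\"1\",\"type\":\"cardinality\",\"schema\":\"metric\",\"params\":{\"field\":\"type\"}},{\"id\":\"2\",\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"http.code\",\"size\":5,\"order\":\"desc\",\"orderBy\":\"1\"}}],\"listeners\":{}}", 3 | 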
"description": "", 4 | "title": "HTTP error codes evolution", 5 | "uiStateJSON": "{}", 6 | "version": 1, 7 | "kibanaSavedObjectMeta": { 8 | "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"disabled\":false,\"index\":\"packetbeat-*\",\"key\":\"type\",\"negate\":false,\"value\":\"http\",\"alias\":null},\"query\":{\"match\":{\"type\":{\"query\":\"http\",\"type\":\"phrase\"}}}}],\"index\":\"packetbeat-*\",\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}}},\"query\":{\"query_string\":{\"query\":\"!http.code: [200 TO 299]\",\"analyze_wildcard\":true}}}" 9 | } 10 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Topbeat-Dashboard.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Topbeat-Dashboard", 6 | "uiStateJSON": "{}", 7 | "panelsJSON": 
"[{\"col\":1,\"id\":\"Navigation\",\"panelIndex\":1,\"row\":1,\"size_x\":3,\"size_y\":4,\"type\":\"visualization\"},{\"col\":4,\"id\":\"System-load\",\"panelIndex\":2,\"row\":1,\"size_x\":9,\"size_y\":4,\"type\":\"visualization\"},{\"col\":8,\"id\":\"Process-status\",\"panelIndex\":4,\"row\":5,\"size_x\":5,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Memory-usage\",\"panelIndex\":5,\"row\":9,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"CPU-usage\",\"panelIndex\":7,\"row\":9,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"CPU-usage-per-process\",\"panelIndex\":8,\"row\":13,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"Memory-usage-per-process\",\"panelIndex\":9,\"row\":13,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Top-processes\",\"panelIndex\":10,\"row\":17,\"size_x\":6,\"size_y\":5,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Servers\",\"panelIndex\":11,\"row\":5,\"size_x\":7,\"size_y\":4,\"type\":\"visualization\"},{\"col\":7,\"id\":\"Disk-utilization-over-time\",\"panelIndex\":12,\"row\":17,\"size_x\":6,\"size_y\":5,\"type\":\"visualization\"}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/index-pattern/filebeat.json: -------------------------------------------------------------------------------- 1 | { 2 | "fields": 
"[{\"name\":\"offset\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"line\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":false},{\"name\":\"message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":false},{\"name\":\"beat.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true}]", 3 | "timeFieldName": "@timestamp", 4 | "title": "filebeat-*" 5 | } -------------------------------------------------------------------------------- /dashboards/dashboard/Packetbeat-NFS.json: -------------------------------------------------------------------------------- 1 | { 2 | "hits": 0, 3 | "timeRestore": false, 4 | "description": "", 5 | "title": "Packetbeat NFS", 6 | "uiStateJSON": 
"{\"P-1\":{\"vis\":{\"legendOpen\":true}},\"P-4\":{\"spy\":{\"mode\":{\"fill\":false,\"name\":null}},\"vis\":{\"legendOpen\":true}},\"P-5\":{\"vis\":{\"legendOpen\":true}},\"P-6\":{\"vis\":{\"legendOpen\":false}},\"P-9\":{\"vis\":{\"legendOpen\":true}}}", 7 | "panelsJSON": "[{\"col\":5,\"id\":\"NFS-clients-pie-chart\",\"panelIndex\":1,\"row\":1,\"size_x\":4,\"size_y\":5,\"type\":\"visualization\"},{\"col\":1,\"id\":\"NFS-operations-area-chart\",\"panelIndex\":3,\"row\":12,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":9,\"id\":\"NFS-top-group-pie-chart\",\"panelIndex\":4,\"row\":1,\"size_x\":4,\"size_y\":2,\"type\":\"visualization\"},{\"col\":9,\"id\":\"NFS-top-users-pie-chart\",\"panelIndex\":5,\"row\":3,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"NFS-response-times\",\"panelIndex\":6,\"row\":6,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"NFS-errors\",\"panelIndex\":7,\"row\":9,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"NFS-operation-table\",\"panelIndex\":8,\"row\":12,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"NFS-bytes-in-slash-out\",\"panelIndex\":9,\"row\":6,\"size_x\":6,\"size_y\":6,\"type\":\"visualization\"},{\"id\":\"Navigation\",\"type\":\"visualization\",\"panelIndex\":10,\"size_x\":4,\"size_y\":5,\"col\":1,\"row\":1}]", 8 | "optionsJSON": "{\"darkTheme\":false}", 9 | "version": 1, 10 | "kibanaSavedObjectMeta": { 11 | "searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}" 12 | } 13 | } -------------------------------------------------------------------------------- /dashboards/index-pattern/winlogbeat.json: -------------------------------------------------------------------------------- 1 | { 2 | "fields": 
"[{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":true,\"doc_values\":false},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"record_number\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"user.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"user.domain\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"computer_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"log_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"level\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"beat.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"beat.hostname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"event_i
d\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"user.type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"user.identifier\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"message_error\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"category\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false}]", 3 | "timeFieldName": "@timestamp", 4 | "title": "winlogbeat-*" 5 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Beats dashboards 2 | ================ 3 | 4 | This repository contains sample Kibana4 dashboards for visualizing the data 5 | gathered by the Elastic [Beats](https://www.elastic.co/products/beats). 
6 | 7 | Installation 8 | ------------- 9 | 10 | To load the dashboards, execute the script pointing to the Elasticsearch HTTP 11 | URL: 12 | 13 | # Unix 14 | ./load.sh -url "http://localhost:9200" 15 | 16 | # Windows 17 | .\load.ps1 -url "http://localhost:9200" 18 | 19 | If you want to use HTTP authentication for Elasticsearch, you can specify the 20 | credentials as a second parameter. The loaders send them with Basic Authentication, which is only base64-encoded, so point `-url` at an `https://` endpoint whenever Elasticsearch is not on the local host, and keep in mind that a password given on the command line stays in the shell history: 21 | 22 | # Unix 23 | ./load.sh -url "http://localhost:9200" -user "admin:secret" 24 | 25 | # Windows 26 | .\load.ps1 -url "http://localhost:9200" -user "admin:secret" 27 | 28 | Technical details 29 | ----------------- 30 | The `dashboards` folder contains the JSON files as exported from Kibana, by 31 | using the simple python tool from the `save` directory. The loader is a simple 32 | shell script so that you don't need python installed when loading the 33 | dashboards. 34 | 35 | 36 | Create a new dashboard 37 | ---------------------- 38 | 39 | If you added support for a new protocol in Packetbeat or a module in 40 | Metricbeat, it would be nice to create a dedicated Kibana dashboard to 41 | visualize your data. 42 | The Kibana dashboards are saved in a special index in Elasticsearch. By default 43 | it's `.kibana`, but it can be configured to anything else. 44 | 45 | The first step in creating your own Kibana dashboard is to get a fresh 46 | installation of the Kibana dashboards/visualizations/searches/index patterns, 47 | that you can use as a starting point for your own dashboard. You can use the 48 | `load.sh` script on Unix and `load.ps1` on Windows for loading the sample 49 | dashboards/visualizations/searches/index patterns in Kibana. The usage of this 50 | script is described above. 51 | 52 | Note: Make sure you are using the latest Kibana version to create and download 53 | the dashboards. 54 | 55 | Then, you can create the dashboard together with the necessary 56 | visualizations and searches in Kibana. 
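After the dashboard is ready, you can download 57 | all the dashboards using the `save/kibana_dump.py` script. 58 | 59 | Before executing the save/kibana_dump.py script, make sure you have python and virtualenv 60 | installed: 61 | 62 | # Prepare the environment 63 | virtualenv env 64 | . env/bin/activate 65 | pip install -r requirements.txt 66 | 67 | # go to save directory 68 | cd save 69 | 70 | # Download all Kibana dashboards to your host 71 | python kibana_dump.py --url 'http://localhost:9200' --dir output 72 | 73 | where `url` points to the Elasticsearch URL, and `dir` is the directory where 74 | you want to save the Kibana dashboards. 75 | 76 | Finally, copy the related dashboards, visualizations, searches and 77 | eventually index patterns to the `dashboards` directory, and send us a pull request. 78 | 79 | 80 | 81 | Screenshots 82 | ----------- 83 | 84 | ![Packetbeat Statistics](/screenshots/Packetbeat-statistics.png) 85 | ![MySql performance](/screenshots/MySql-performance.png) 86 | ![Thrift performance](/screenshots/Thrift-performance.png) 87 | ![Windows Event Log Statistics](/screenshots/winlogbeat-dashboard.png) 88 | ![NFS traffic Statistics](/screenshots/NFS-dashboard.png) 89 | -------------------------------------------------------------------------------- /load.ps1: --------------------------------------------------------------------------------
# Loads the saved searches, visualizations, dashboards and index patterns
# found under ./dashboards into the Kibana index of an Elasticsearch instance.
#
# Parameters (each has a short and a long spelling; the long one wins when
# both are given):
#   -l | -url     Elasticsearch URL
#   -u | -user    "user:password" for Basic Authentication
#   -i | -index   Kibana index to write to
#   -h | -help    print the usage text and exit
param(
    [String] $l, [String] $url,
    [String] $u, [String] $user,
    [String] $i, [String] $index,
    [switch] $h = $false, [switch] $help = $false
)

# The default value of the variable. Initialize your own variables here
$ELASTICSEARCH="http://localhost:9200"
$CURL="Invoke-RestMethod"
$KIBANA_INDEX=".kibana"
$SCRIPT=$MyInvocation.MyCommand.Name
# Request headers; stays empty unless credentials are supplied, so that
# -Headers never receives an undefined variable.
$headers=@{}

# Verify that Invoke-RestMethod is present. It was added in PS 3.
if (!(Get-Command $CURL -errorAction SilentlyContinue))
{
    Write-Error "$CURL cmdlet was not found. You may need to upgrade your PowerShell version."
    exit 1
}

# Prints the help text; the defaults shown are the values of the variables
# above at the time of the call.
function print_usage() {
    echo @"

Load the dashboards, visualizations and index patterns into the given
Elasticsearch instance.

Usage:
  $SCRIPT -url $ELASTICSEARCH -user admin -index $KIBANA_INDEX
Options:
  -h | -help
    Print the help menu.
  -l | -url
    Elasticseacrh URL. By default is $ELASTICSEARCH.
  -u | -user
    Username and password for authenticating to Elasticsearch using Basic
    Authentication. The username and password should be separated by a
    colon (i.e. "user:secret"). By default no username and password are
    used.
  -i | -index
    Kibana index pattern where to save the dashboards, visualizations,
    index patterns. By default is $KIBANA_INDEX.

"@
}

if ($help -or $h) {
    print_usage
    exit 0
}
# $args holds whatever the param() block did not bind; anything left over is
# an option this script does not know.
if ($args.Count -gt 0) {
    Write-Error "Error: Unknown option $args"
    print_usage
    exit 1
}

if ($l -ne "" ) {
    $ELASTICSEARCH=$l
}
if ($url -ne "") {
    $ELASTICSEARCH=$url
}
if ($ELASTICSEARCH -eq "") {
    Write-Error "Error: Missing Elasticsearch URL"
    print_usage
    exit 1
}

if ($u -ne "" ){
    $user = $u
}
if ($user -ne "") {
    # Basic Authentication only base64-encodes "user:password". With the
    # default http:// URL the header crosses the network unencrypted, so an
    # https:// URL is needed for anything beyond the local host.
    $base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}" -f $user)))
    $headers=@{Authorization=("Basic $base64AuthInfo")}
}

if ($i -ne "") {
    $KIBANA_INDEX=$i
}
if ($index -ne "") {
    $KIBANA_INDEX=$index
}
if ($KIBANA_INDEX -eq "") {
    Write-Error "Error: Missing Kibana index pattern"
    print_usage
    exit 1
}

$DIR="./dashboards"
echo "Loading dashboards to $ELASTICSEARCH in $KIBANA_INDEX"

# Create the Kibana index and pin the mapping of the "search" type before any
# document is written.
&$CURL -Headers $headers -Uri "$ELASTICSEARCH/$KIBANA_INDEX" -Method PUT
&$CURL -Headers $headers -Uri "$ELASTICSEARCH/$KIBANA_INDEX/_mapping/search" -Method PUT -Body '{"search": {"properties": {"hits": {"type": "integer"}, "version": {"type": "integer"}}}}'

# Every object type is loaded the same way: one PUT per JSON file. Only the
# document id differs: index patterns use the "title" stored in the file,
# the other types use the file name without its extension.
ForEach ($type in "search", "visualization", "dashboard", "index-pattern") {
    ForEach ($file in Get-ChildItem "$DIR/$type/" -Filter *.json) {
        # Read through the item's own FullName instead of rebuilding the path
        # from the object's string form, which is not guaranteed to be the
        # bare file name on every PowerShell version. -Raw sends the file as
        # one string rather than an array of lines.
        $body = Get-Content $file.FullName -Raw
        if ($type -eq "index-pattern") {
            $name = ($body | ConvertFrom-Json).title
        } else {
            $name = [io.path]::GetFileNameWithoutExtension($file.Name)
        }
        echo "Loading $type $($name):"
        &$CURL -Headers $headers -Uri "$ELASTICSEARCH/$KIBANA_INDEX/$type/$name" -Method PUT -Body $body
    }
}
-------------------------------------------------------------------------------- /load.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Usage examples: 4 | # env KIBANA_INDEX='.kibana_env1' ./load.sh 5 | # ./load.sh -url http://test.com:9200 6 | # ./load.sh -url http://test.com:9200 -user admin:secret 7 | # ./load.sh -url http://test.com:9200 -index .kibana-test 8 | 9 | # The default value of the variable.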
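# Initialize your own variables here
ELASTICSEARCH=http://localhost:9200
CURL=curl
# Honour a KIBANA_INDEX passed through the environment, as the usage examples
# at the top of this script advertise; fall back to Kibana's default index.
KIBANA_INDEX="${KIBANA_INDEX:-.kibana}"
BEAT_CONFIG=".beatconfig"
# Extra curl arguments (the credentials). An array keeps "user:password" a
# single argument even when the password contains spaces or glob characters.
CURL_ARGS=()

# Print the help text on stderr. A here-document is used so that the quotes
# around the example credentials are printed literally.
print_usage() {
  cat >&2 <<EOF

Load the dashboards, visualizations and index patterns into the given
Elasticsearch instance.

Usage:
  $(basename "$0") -url ${ELASTICSEARCH} -user admin:secret -index ${KIBANA_INDEX}

Options:
  -h | -help
    Print the help menu.
  -l | -url
    Elasticseacrh URL. By default is ${ELASTICSEARCH}.
  -u | -user
    Username and password for authenticating to Elasticsearch using Basic
    Authentication. The username and password should be separated by a
    colon (i.e. "admin:secret"). By default no username and password are
    used.
  -i | -index
    Kibana index pattern where to save the dashboards, visualizations,
    index patterns. By default is ${KIBANA_INDEX}.

EOF
}

# PUT to Elasticsearch with the optional credentials; remaining arguments are
# passed to curl unchanged. ${CURL} is deliberately unquoted so that a value
# such as "curl -k" still splits into a command and its flags.
es_put() {
  ${CURL} "${CURL_ARGS[@]}" -XPUT "$@"
}

# Options always come as "-name value" pairs, hence the "shift 2".
while [ "$1" != "" ]; do
  case "$1" in
    -l | -url )
      ELASTICSEARCH=$2
      if [ -z "${ELASTICSEARCH}" ]; then
        echo "Error: Missing Elasticsearch URL" >&2
        print_usage
        exit 1
      fi
      ;;

    -u | -user )
      # Kept in its own variable so the login name in $USER is not clobbered.
      ES_USER=$2
      if [ -z "${ES_USER}" ]; then
        echo "Error: Missing username" >&2
        print_usage
        exit 1
      fi
      # NOTE(review): --user places the password on curl's command line,
      # where it may be visible to other local users in the process list;
      # curl's --netrc or --config read it from a file instead. Over a plain
      # http:// URL the Basic Authentication header is also unencrypted.
      CURL_ARGS=(--user "${ES_USER}")
      ;;

    -i | -index )
      KIBANA_INDEX=$2
      if [ -z "${KIBANA_INDEX}" ]; then
        echo "Error: Missing Kibana index pattern" >&2
        print_usage
        exit 1
      fi
      ;;

    -h | -help )
      print_usage
      exit 0
      ;;

    *)
      # Report the option that was not recognised ($1), not its value.
      echo "Error: Unknown option $1" >&2
      print_usage
      exit 1
      ;;

  esac
  shift 2
done

if [ -f "${BEAT_CONFIG}" ]; then
  # Each whitespace-separated entry of the config file becomes one
  # "s/<entry>/g" command of the sed program applied to the search files.
  # NOTE(review): the entries are spliced into the sed program verbatim, so
  # this file has to be trusted exactly like the script itself.
  IFS=$' \t\n' read -r -d '' -a RULES < "${BEAT_CONFIG}"
  RULE_STRING=""
  for ln in "${RULES[@]}"; do
    RULE_STRING="${RULE_STRING:+${RULE_STRING};}s/${ln}/g"
  done
  SED_STRING=${RULE_STRING}
fi
# Failsafe
if [ -z "${SED_STRING}" ]; then
  SED_STRING="s/packetbeat-/packetbeat-/g;s/filebeat-/filebeat-/g;s/topbeat-/topbeat-/g;s/winlogonbeat-/winlogonbeat-/g"
fi

DIR=dashboards
echo "Loading dashboards to ${ELASTICSEARCH} in ${KIBANA_INDEX}"

# Workaround for: https://github.com/elastic/beats-dashboards/issues/94
es_put "${ELASTICSEARCH}/${KIBANA_INDEX}"
es_put "${ELASTICSEARCH}/${KIBANA_INDEX}/_mapping/search" -d'{"search": {"properties": {"hits": {"type": "integer"}, "version": {"type": "integer"}}}}'

# NOTE(review): "|| exit 1" below only catches curl's own failures; without
# --fail curl exits 0 on an HTTP error response. Confirm whether rejected
# documents should stop the load.

# The rewritten search files go through a private temporary file. A fixed
# name inside ${DIR}/search would match the *.json glob after an aborted run
# and be uploaded as a saved search; the trap removes the file on every exit.
TMP_SED_FILE=$(mktemp) || exit 1
trap 'rm -f "${TMP_SED_FILE}"' EXIT

for file in "${DIR}"/search/*.json
do
  NAME=$(basename "${file}" .json)
  echo "Loading search ${NAME}:"
  sed "${SED_STRING}" "${file}" > "${TMP_SED_FILE}"
  es_put "${ELASTICSEARCH}/${KIBANA_INDEX}/search/${NAME}" \
    -d "@${TMP_SED_FILE}" || exit 1
  echo
done

for file in "${DIR}"/visualization/*.json
do
  NAME=$(basename "${file}" .json)
  echo "Loading visualization ${NAME}:"
  es_put "${ELASTICSEARCH}/${KIBANA_INDEX}/visualization/${NAME}" \
    -d "@${file}" || exit 1
  echo
done

for file in "${DIR}"/dashboard/*.json
do
  NAME=$(basename "${file}" .json)
  echo "Loading dashboard ${NAME}:"
  es_put "${ELASTICSEARCH}/${KIBANA_INDEX}/dashboard/${NAME}" \
    -d "@${file}" || exit 1
  echo
done

for file in "${DIR}"/index-pattern/*.json
do
  # The document id of an index pattern is its "title" (for example
  # packetbeat-*), taken from the line whose first field is "title":.
  NAME=$(awk '$1 == "\"title\":" {gsub(/[",]/, "", $2); print $2}' "${file}")
  echo "Loading index pattern ${NAME}:"

  # Quoted so the * in the title reaches curl instead of being globbed.
  es_put "${ELASTICSEARCH}/${KIBANA_INDEX}/index-pattern/${NAME}" \
    -d "@${file}" || exit 1
  echo
done
-------------------------------------------------------------------------------- /dashboards/index-pattern/packetbeat.json: -------------------------------------------------------------------------------- 1 | { 2 | "fields": 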
"[{\"name\":\"mysql.error_message\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"path\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"client_ip\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.ip_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.ipv6_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mysql.num_fields\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"method\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"query\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"ip\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"params\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":false},{\"name\":\"beat.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"start_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.ipv6_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"port\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":tru
e},{\"name\":\"dest.outer_ipv6_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mysql.error_code\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"server\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"request\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"client_port\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"client_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"last_time\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"responsetime\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.outer_ipv6_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mysql.insert_id\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.outer_ip_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"index
ed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.outer_ip_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"client_proc\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.ip_location\",\"type\":\"geo_point\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"beat.hostname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"client_server\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mysql.num_rows\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mysql.affected_rows\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"response\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":false},{\"name\":\"mysql.iserror\",\"type\":\"boolean\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"flow_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.ip\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.port\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.ip\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"transport\",\"type\":\"string\",\"c
ount\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.port\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"connection_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"final\",\"type\":\"boolean\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.stats.net_packets_total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"dest.stats.net_packets_total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"dest.stats.net_bytes_total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"bytes_out\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"bytes_in\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"source.stats.net_bytes_total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.call_size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"nfs.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values
\":true},{\"name\":\"rpc.xid\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.time_str\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.auth_flavor\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.cred.machinename\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.cred.stamp\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.cred.gid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.cred.gids\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.cred.uid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.reply_size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"nfs.opcode\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.status\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"rpc.time\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true}]", 3 | "fieldFormatMap": 
"{\"rpc.reply_size\":{\"id\":\"bytes\"},\"rpc.call_size\":{\"id\":\"bytes\"},\"rpc.time\":{\"id\":\"number\",\"params\":{\"pattern\":\"\\\"0,0\\\"\"}},\"dest.stats.net_bytes_total\":{\"id\":\"bytes\"},\"bytes_out\":{\"id\":\"bytes\"},\"bytes_in\":{\"id\":\"bytes\"},\"source.stats.net_bytes_total\":{\"id\":\"bytes\"},\"rpc.cred.uid\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}},\"rpc.cred.gid\":{\"id\":\"number\",\"params\":{\"pattern\":\"0\"}}}", 4 | "timeFieldName": "@timestamp", 5 | "title": "packetbeat-*" 6 | } 7 | -------------------------------------------------------------------------------- /dashboards/index-pattern/topbeat.json: -------------------------------------------------------------------------------- 1 | { 2 | "fields": "[{\"name\":\"proc.cpu.total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.used_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_source\",\"type\":\"_source\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"count\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.cpu.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.mem.share\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.ppid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.system_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"load.load15\",\"type\":\"number\",\
"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.used_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"beat.hostname\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.mem.size\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.mem.rss\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"load.load5\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.cpu.start_time\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.mem.rss_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"load.load1\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.pid\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_index\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"swap.actual_used_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.actual_used_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.stat
e\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"@timestamp\",\"type\":\"date\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"beat.name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.cpu.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.used_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.steal\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.idle\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.system_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.irq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.softirq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_
values\":true},{\"name\":\"cpus.cpu1.nice\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.idle\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.steal\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.system_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.iowait\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.nice\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.steal\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.actual_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.softirq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.nice\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"i
ndexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.actual_free\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.idle\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.iowait\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.irq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.free\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.system_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.steal\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.irq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.idle\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.iowait\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.irq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.nice\",\"type\":\"
number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.softirq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.steal\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.idle\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.system_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.iowait\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"mem.free\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpu.user\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.iowait\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu2.irq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu3.system\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.softirq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu0.nice\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,
\"doc_values\":true},{\"name\":\"cpus.cpu0.softirq\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"cpus.cpu1.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.files\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.free_files\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.device_name\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.avail\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.free\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.total\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"fs.mount_point\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.actual_used\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"swap.actual_free\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"proc.cpu.total_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true},{\"name\":\"_id\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"_type\",\"type\":\"string\",\"count\":0,\"scripted\":false,\"indexed\":false,\"a
nalyzed\":false,\"doc_values\":false},{\"name\":\"_score\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":false,\"analyzed\":false,\"doc_values\":false},{\"name\":\"proc.cpu.user_p\",\"type\":\"number\",\"count\":0,\"scripted\":false,\"indexed\":true,\"analyzed\":false,\"doc_values\":true}]", 3 | "fieldFormatMap": "{\"proc.mem.share\":{\"id\":\"bytes\"},\"proc.mem.size\":{\"id\":\"bytes\"},\"proc.mem.rss\":{\"id\":\"bytes\"},\"swap.free\":{\"id\":\"bytes\"},\"swap.used_p\":{\"id\":\"percent\"},\"mem.used\":{\"id\":\"bytes\"},\"load.load15\":{\"id\":\"number\"},\"cpu.system_p\":{\"id\":\"percent\"},\"mem.total\":{\"id\":\"bytes\"},\"fs.used_p\":{\"id\":\"percent\"},\"proc.mem.rss_p\":{\"id\":\"percent\"},\"load.load1\":{\"id\":\"number\"},\"load.load5\":{\"id\":\"number\"},\"cpu.user_p\":{\"id\":\"percent\"},\"swap.used\":{\"id\":\"bytes\"},\"mem.free\":{\"id\":\"bytes\"},\"mem.used_p\":{\"id\":\"percent\"},\"mem.actual_free\":{\"id\":\"bytes\"},\"mem.actual_used\":{\"id\":\"bytes\"},\"fs.used\":{\"id\":\"bytes\"},\"fs.avail\":{\"id\":\"bytes\"},\"fs.free\":{\"id\":\"bytes\"},\"fs.total\":{\"id\":\"bytes\"},\"swap.total\":{\"id\":\"bytes\"},\"proc.cpu.total_p\":{\"id\":\"percent\"}}", 4 | "timeFieldName": "@timestamp", 5 | "title": "topbeat-*" 6 | } --------------------------------------------------------------------------------