admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Deploiement_Server/deployment-apps/DA-ITSI-CP-splunk-observabi.../default/data/ui/views/apm_overview.xml

252 lines
13 KiB
Raw Permalink Blame History

<form version="1.1">
<label>Splunk APM Overview - Splunk Observability Cloud</label>
<description>Providing quick access to R.E.D. metrics from your Splunk APM</description>
<search id="performance_search">
<query>| sim flow query="def weighted_duration(base, p, filter_, groupby):
error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'true'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])
non_error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'false'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])
error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'true'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])
non_error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'false'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])
error_weight = (error_durations * error_counts).sum(over='1m')
non_error_weight = (non_error_durations * non_error_counts).sum(over='1m')
total_weight = combine((error_weight if error_weight is not None else 0) + (non_error_weight if non_error_weight is not None else 0))
total = combine((error_counts if error_counts is not None else 0) + (non_error_counts if non_error_counts is not None else 0)).sum(over='1m')
return (total_weight / total)
filter_ = filter('sf_environment', '*') and filter('sf_service', '*') and filter('sf_error','*') and not filter('sf_dimensionalized', '*')
groupby = ['sf_service', 'sf_environment', 'sf_error']
weighted_duration('service.request', 'median', filter_, groupby).publish(label='medianLatency')"
| search sf_service = "$o11y_sf_service$"
| stats avg(_value) as medianLatency by sf_environment
</query>
<earliest>$earliest$</earliest>
<latest>$latest$</latest>
<sampleRatio>1</sampleRatio>
</search>
<search id="duration_search">
<query>| mstats avg(*) span=5m WHERE `itsi-cp-observability-indexes` AND sf_streamLabel="thruput_avg_rate" GROUPBY sf_service sf_environment
| rename avg(service.request.count) as "thruput_avg_rate"
| search sf_service = "$o11y_sf_service$"
| eval thruput_avg_rate = thruput_avg_rate
| timechart avg(thruput_avg_rate) by sf_service
</query>
<earliest>$earliest$</earliest>
<latest>$latest$</latest>
<sampleRatio>1</sampleRatio>
</search>
<search id="error_search">
<query>| sim flow query="filter_ = filter('sf_environment', '*') and filter('sf_service', '*') and (not filter('sf_dimensionalized', '*'))
Errors = data('service.request.count', filter=filter_ and filter('sf_error', 'true'), rollup='delta').sum(by=['sf_environment', 'sf_service']).publish(label='Errors', enable=False)
Requests = data('service.request.count', filter=filter_, rollup='delta').sum(by=['sf_environment', 'sf_service']).publish(label='Requests', enable=False)
ErrorRate = combine(100*((Errors if Errors is not None else 0) / Requests)).publish(label='ErrorRate', enable=True)"
| search sf_service = "$o11y_sf_service$"
| stats avg(_value) as ErrorRate by _time
</query>
<earliest>$earliest$</earliest>
<latest>$latest$</latest>
<sampleRatio>1</sampleRatio>
</search>
<fieldset submitButton="false" autoRun="true">
<input type="time" searchWhenChanged="true">
<label>Time</label>
<default>
<earliest>-24h@h</earliest>
<latest>now</latest>
</default>
</input>
<input type="dropdown" token="o11y_sf_service" searchWhenChanged="true">
<label>Splunk APM Service</label>
<fieldForLabel>sf_service</fieldForLabel>
<fieldForValue>sf_service</fieldForValue>
<search>
<query>| mstats avg(*) span=5m WHERE `itsi-cp-observability-indexes` AND sf_environment="*" GROUPBY sf_service
|dedup sf_service
|table sf_service
|sort sf_service asc</query>
<earliest>-15m</earliest>
<latest>now</latest>
</search>
<choice value="*">All</choice>
<initialValue>*</initialValue>
</input>
</fieldset>
<row>
<panel>
<title>RATE: Splunk APM (SINGLE VALUE)</title>
<single>
<title>Request rate</title>
<search>
<query>| mstats avg(*) span=5m WHERE `itsi-cp-observability-indexes` AND sf_streamLabel="thruput_avg_rate" GROUPBY sf_service sf_environment
| rename avg(service.request.count) as "thruput_avg_rate"
| search sf_service = "$o11y_sf_service$"
| eval thruput_avg_rate = thruput_avg_rate
| stats avg(thruput_avg_rate) as DurationRate</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
</search>
<option name="drilldown">none</option>
<option name="numberPrecision">0.0</option>
<option name="rangeColors">["0x53a051","0x0877a6","0xf8be34","0xf1813f","0xdc4e41"]</option>
<option name="refresh.display">progressbar</option>
<option name="unit">/s Requests</option>
<option name="useColors">0</option>
</single>
</panel>
<panel>
<title>RATE: Splunk APM</title>
<chart>
<title>Rate as throughput over time</title>
<search base="duration_search">
<query/>
</search>
<option name="charting.axisLabelsX.majorLabelStyle.overflowMode">ellipsisNone</option>
<option name="charting.axisLabelsX.majorLabelStyle.rotation">0</option>
<option name="charting.axisLabelsY.majorUnit">1</option>
<option name="charting.axisTitleX.visibility">collapsed</option>
<option name="charting.axisTitleY.visibility">collapsed</option>
<option name="charting.axisTitleY2.visibility">visible</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.minimumNumber">0</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.axisY2.enabled">0</option>
<option name="charting.axisY2.scale">inherit</option>
<option name="charting.chart">line</option>
<option name="charting.chart.bubbleMaximumSize">50</option>
<option name="charting.chart.bubbleMinimumSize">10</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">connect</option>
<option name="charting.chart.showDataLabels">none</option>
<option name="charting.chart.sliceCollapsingThreshold">0.01</option>
<option name="charting.chart.stackMode">default</option>
<option name="charting.chart.style">shiny</option>
<option name="charting.drilldown">all</option>
<option name="charting.fieldColors">{"Unavailable":0xB50101,"Available":0x99D18B}</option>
<option name="charting.layout.splitSeries">0</option>
<option name="charting.layout.splitSeries.allowIndependentYRanges">0</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="charting.legend.placement">right</option>
<option name="refresh.display">progressbar</option>
</chart>
</panel>
</row>
<row>
<panel>
<title>ERROR: Splunk APM (SINGLE VALUE)</title>
<single>
<search>
<query>| sim flow query="filter_ = filter('sf_environment', '*') and filter('sf_service', '*') and (not filter('sf_dimensionalized', '*'))
Errors = data('service.request.count', filter=filter_ and filter('sf_error', 'true'), rollup='delta').sum(by=['sf_environment', 'sf_service']).publish(label='Errors', enable=False)
Requests = data('service.request.count', filter=filter_, rollup='delta').sum(by=['sf_environment', 'sf_service']).publish(label='Requests', enable=False)
ErrorRate = combine(100*((Errors if Errors is not None else 0) / Requests)).publish(label='ErrorRate', enable=True)"
| search sf_service = "$o11y_sf_service$"
| stats avg(_value) as ErrorRate
</query>
</search>
<option name="drilldown">none</option>
<option name="numberPrecision">0.0</option>
<option name="rangeColors">["0x53a051","0x0877a6","0xf8be34","0xf1813f","0xdc4e41"]</option>
<option name="unit">% Total Errors</option>
<option name="unitPosition">after</option>
<option name="useThousandSeparators">0</option>
</single>
</panel>
<panel>
<title>ERROR: Splunk APM</title>
<chart>
<title>Error percentage over time</title>
<search base="error_search">
<query>
</query>
</search>
<option name="charting.axisTitleX.visibility">visible</option>
<option name="charting.axisTitleY.visibility">collapsed</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.chart">line</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">connect</option>
<option name="charting.chart.showDataLabels">none</option>
<option name="charting.legend.placement">right</option>
<option name="refresh.display">progressbar</option>
<option name="refresh.time.visible">0</option>
</chart>
</panel>
</row>
<row>
<panel>
<title>DURATION: Splunk APM (SINGLE VALUE)</title>
<single>
<search>
<query>| sim flow query="def weighted_duration(base, p, filter_, groupby):
error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'true'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])
non_error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'false'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])
error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'true'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])
non_error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'false'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])
error_weight = (error_durations * error_counts).sum(over='1m')
non_error_weight = (non_error_durations * non_error_counts).sum(over='1m')
total_weight = combine((error_weight if error_weight is not None else 0) + (non_error_weight if non_error_weight is not None else 0))
total = combine((error_counts if error_counts is not None else 0) + (non_error_counts if non_error_counts is not None else 0)).sum(over='1m')
return (total_weight / total)
filter_ = filter('sf_environment', '*') and filter('sf_service', '*') and filter('sf_error','*') and not filter('sf_dimensionalized', '*')
groupby = ['sf_service', 'sf_environment', 'sf_error']
weighted_duration('service.request', 'median', filter_, groupby).publish(label='medianLatency')"
| search sf_service = "$o11y_sf_service$"
| stats avg(_value) as medianLatency
| eval medianLatency=medianLatency/100000000/300</query>
<earliest>-24h@h</earliest>
<latest>now</latest>
</search>
<option name="drilldown">none</option>
<option name="numberPrecision">0.0</option>
<option name="rangeColors">["0x53a051","0x0877a6","0xf8be34","0xf1813f","0xdc4e41"]</option>
<option name="refresh.display">progressbar</option>
<option name="unit">ms Latency</option>
<option name="useThousandSeparators">0</option>
</single>
</panel>
<panel>
<title>DURATION: Splunk APM</title>
<chart>
<title>Duration as median latency by environment</title>
<search base="performance_search">
<query>| eval medianLatency=medianLatency/10000000</query>
</search>
<option name="charting.axisLabelsX.majorLabelStyle.overflowMode">ellipsisNone</option>
<option name="charting.axisLabelsX.majorLabelStyle.rotation">0</option>
<option name="charting.axisLabelsY.majorUnit">1</option>
<option name="charting.axisTitleX.visibility">visible</option>
<option name="charting.axisTitleY.visibility">visible</option>
<option name="charting.axisTitleY2.visibility">visible</option>
<option name="charting.axisX.scale">linear</option>
<option name="charting.axisY.minimumNumber">0</option>
<option name="charting.axisY.scale">linear</option>
<option name="charting.axisY2.enabled">0</option>
<option name="charting.axisY2.scale">inherit</option>
<option name="charting.chart">line</option>
<option name="charting.chart.bubbleMaximumSize">50</option>
<option name="charting.chart.bubbleMinimumSize">10</option>
<option name="charting.chart.bubbleSizeBy">area</option>
<option name="charting.chart.nullValueMode">gaps</option>
<option name="charting.chart.showDataLabels">none</option>
<option name="charting.chart.sliceCollapsingThreshold">0.01</option>
<option name="charting.chart.stackMode">stacked</option>
<option name="charting.chart.style">shiny</option>
<option name="charting.drilldown">all</option>
<option name="charting.fieldColors">{"Unavailable":0xB50101,"Available":0x99D18B}</option>
<option name="charting.layout.splitSeries">0</option>
<option name="charting.layout.splitSeries.allowIndependentYRanges">0</option>
<option name="charting.legend.labelStyle.overflowMode">ellipsisMiddle</option>
<option name="charting.legend.placement">right</option>
<option name="refresh.display">progressbar</option>
<option name="trellis.enabled">0</option>
</chart>
</panel>
</row>
</form>
Reference in new issue View Git Blame Copy Permalink