Deploiement_Server/deployment-apps/DA-ITSI-CP-splunk-observability/itsi/kpi_base_searches/da-itsi-cp-splunk-observability-sim-cloud-azure-vm.json

{
    "alert_lag": 30,
    "alert_period": "5",
    "base_search": "| union \n    [| mstats avg(\"Percentage CPU\") as azure_cpu_percentage,\n    sum(\"Network In\") as azure_network_in,\n    sum(\"Network Out\") as azure_network_out \n    where \"azure_resource_name\"=* AND `itsi-cp-observability-indexes` by azure_resource_id, azure_resource_name span=15m]\n    [| mstats sum(\"Disk Read Bytes\") as azure_disk_read_bytes,\n    sum(\"Disk Write Bytes\") as azure_disk_write_bytes\n    where primary_aggregation_type=true AND resource_type=\"Microsoft.Compute/virtualMachines\" AND azure_resource_name=* AND `itsi-cp-observability-indexes` by azure_resource_id, azure_resource_name span=15m]\n| eval ITSIUniqueId = azure_resource_id + azure_resource_name|  rename azure_resource_name as ResourceName\n| table _time, ITSIUniqueId, ResourceName, azure_resource_id, azure_cpu_percentage, azure_disk_read_bytes, azure_disk_write_bytes, azure_network_in, azure_network_out",
    "description": "This gets SIM metrics in the Azure environment from Azure Monitor.",
    "entity_filter_field": "ITSIUniqueId",
    "entity_split_field": "ITSIUniqueId",
    "is_filter_entities_to_service": true,
    "is_split_by_entity": true,
    "key": "da-itsi-cp-splunk-observability-sim-cloud-azure-vm",
    "metric_qualifier": "",
    "metrics": [
        {
            "aggregate_statop": "avg",
            "entity_statop": "avg",
            "fill_gaps": "null_value",
            "gap_custom_alert_value": "0",
            "gap_severity": "unknown",
            "gap_severity_color": "#CCCCCC",
            "gap_severity_color_light": "#EEEEEE",
            "gap_severity_value": "-1",
            "key": "azure-cpu-percentage",
            "threshold_field": "azure_cpu_percentage",
            "title": "Azure CPU Percentage",
            "unit": "%"
        },
        {
            "aggregate_statop": "avg",
            "entity_statop": "avg",
            "fill_gaps": "null_value",
            "gap_custom_alert_value": "0",
            "gap_severity": "unknown",
            "gap_severity_color": "#CCCCCC",
            "gap_severity_color_light": "#EEEEEE",
            "gap_severity_value": "-1",
            "key": "azure-disk-read-bytes",
            "threshold_field": "azure_disk_read_bytes",
            "title": "Azure Disk Read Bytes",
            "unit": "b"
        },
        {
            "aggregate_statop": "avg",
            "entity_statop": "avg",
            "fill_gaps": "null_value",
            "gap_custom_alert_value": "0",
            "gap_severity": "unknown",
            "gap_severity_color": "#CCCCCC",
            "gap_severity_color_light": "#EEEEEE",
            "gap_severity_value": "-1",
            "key": "azure-disk-write-bytes",
            "threshold_field": "azure_disk_write_bytes",
            "title": "Azure Disk Write Bytes",
            "unit": "b"
        },
        {
            "aggregate_statop": "avg",
            "entity_statop": "avg",
            "fill_gaps": "null_value",
            "gap_custom_alert_value": "0",
            "gap_severity": "unknown",
            "gap_severity_color": "#CCCCCC",
            "gap_severity_color_light": "#EEEEEE",
            "gap_severity_value": "-1",
            "key": "azure-network-in",
            "threshold_field": "azure_network_in",
            "title": "Azure Network In",
            "unit": ""
        },
        {
            "aggregate_statop": "avg",
            "entity_statop": "avg",
            "fill_gaps": "null_value",
            "gap_custom_alert_value": "0",
            "gap_severity": "unknown",
            "gap_severity_color": "#CCCCCC",
            "gap_severity_color_light": "#EEEEEE",
            "gap_severity_value": "-1",
            "key": "azure-network-out",
            "threshold_field": "azure_network_out",
            "title": "Azure Network Out",
            "unit": ""
        }
    ],
    "search_alert_earliest": "15",
    "title": "SIM_cloud_azure_vm",
    "version": "0.0.38"
}