
# AWS EC2 entity discovery: a scheduled metrics-catalog search whose result rows are
# handed to the itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): every imported field originates from metric dimensions in the indexes
# selected by the `itsi-cp-observability-indexes` macro, which is defined outside this
# file. Confirm the macro resolves only to the intended metrics indexes and that write
# access to them is restricted, because those dimensions become entity titles and
# identifiers.
[ITSI Import Objects - Get_SIM_AWS_EC2]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
# NOTE(review): AccountID and Region are shared by every instance in an account/region;
# confirm that using them as identifier fields (InstanceId is only the title/merge
# field) matches data to entities as intended.
action.itsi_import_objects.param.entity_identifier_fields = AccountID,Region
action.itsi_import_objects.param.entity_informational_fields = SignalFxRealm,entity_type,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,SignalFxCloudRegion,SignalFxCloudAccountId,InstanceType,ImageId,Cloud
action.itsi_import_objects.param.entity_merge_field = InstanceId
action.itsi_import_objects.param.entity_title_field = InstanceId
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling if team-scoped
# visibility is required
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
# upsert: rows presumably update entities that match the merge field and create the rest
action.itsi_import_objects.param.update_type = upsert
alert.track = 0
# Every 10 minutes, over the trailing 60 minutes, so consecutive runs overlap.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# One row per InstanceId (dedup); dimensions are renamed to entity field names and the
# Cloud / entity_type / SignalFx* fields are constant or concatenated strings.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND namespace=AWS/EC2 AND aws_account_id=* AND InstanceId=* by InstanceId, aws_account_id, aws_region, aws_image_id, aws_instance_type, sf_organizationID, sf_realm | dedup InstanceId | rename InstanceId as dim.InstanceId aws_account_id as dim.AccountID aws_region as dim.Region aws_image_id as dim.ImageId aws_instance_type as dim.InstanceType sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "AWS", entity_type="AWS EC2", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", SignalFxNavigator = "AWS%20instances", SignalFxCloudRegion = "aws_region:" + Region, SignalFxCloudServiceId = InstanceId, SignalFxCloudAccountId = "aws_account_id:" + AccountID
# AWS Lambda entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Get_SIM_AWS_Lambdas]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ITSIUniqueId,Region,AccountID
action.itsi_import_objects.param.entity_informational_fields = entity_type,entity_description,SignalFxRealm,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,SignalFxCloudRegion,SignalFxCloudAccountId,Cloud
# NOTE(review): the search keeps one row per (function name, account, region) but the
# merge key is FunctionName alone; confirm that same-named functions in different
# accounts or regions are not collapsed into one entity by the upsert.
action.itsi_import_objects.param.entity_merge_field = FunctionName
action.itsi_import_objects.param.entity_title_field = FunctionName
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
alert.track = 0
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# ITSIUniqueId is AccountID + Region + FunctionName joined without a separator.
# Resource is filtered on (Resource=*) and renamed, but it is not in the by-clause.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND aws_account_id=* AND namespace="AWS/Lambda" AND Resource=* by aws_function_name, aws_account_id, aws_region, sf_organizationID, sf_realm | dedup aws_function_name, aws_account_id, aws_region | rename Resource as dim.Resource aws_function_name as dim.FunctionName aws_account_id as dim.AccountID aws_region as dim.Region sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "AWS", entity_type="AWS Lambda", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", entity_description="Function name: " + FunctionName + " in Region: " + Region + " in Account: " + AccountID, SignalFxNavigator = "lambda", SignalFxCloudRegion = "aws_region:" + Region, SignalFxCloudServiceId = FunctionName, SignalFxCloudAccountId = "aws_account_id:" + AccountID, ITSIUniqueId = AccountID + Region + FunctionName
# Azure Functions entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Get_SIM_Azure_Functions]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ITSIUniqueId,Location,SubscriptionId,ResourceId
action.itsi_import_objects.param.entity_informational_fields = entity_type,entity_description,SubscriptionName,SignalFxRealm,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,SignalFxCloudRegion,SignalFxCloudAccountId,ResourceGroupName,Cloud
# NOTE(review): rows are deduplicated on (name, region, resource id) but merged on
# FunctionName alone; confirm that same-named functions in different subscriptions or
# locations are not collapsed into one entity by the upsert.
action.itsi_import_objects.param.entity_merge_field = FunctionName
action.itsi_import_objects.param.entity_title_field = FunctionName
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# ITSIUniqueId is SubscriptionId + Location + FunctionName joined without a separator.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND azure_resource_id=* AND is_Azure_Function=true by azure_resource_name, azure_region, azure_resource_id, azure_resource_group_name, azure_subscription_display_name, subscription_id, sf_organizationID, sf_realm | dedup azure_resource_name, azure_region, azure_resource_id | rename azure_resource_id as dim.ResourceId azure_resource_name as dim.FunctionName azure_region as dim.Location azure_resource_group_name as dim.ResourceGroupName azure_subscription_display_name as dim.SubscriptionName subscription_id as dim.SubscriptionId sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "Azure", entity_type="Azure Functions", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", entity_description="Function name: " + FunctionName + " in Location: " + Location + " in Subscription: " + SubscriptionId, SignalFxNavigator = "azurefunctions", SignalFxCloudRegion = "azure_region:" + Location, SignalFxCloudServiceId = FunctionName, SignalFxCloudAccountId = "subscription_id:" + SubscriptionId, ITSIUniqueId = SubscriptionId + Location + FunctionName
# GCP Cloud Functions entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Get_SIM_GCP_Functions]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ITSIUniqueId,Zone,ProjectId
action.itsi_import_objects.param.entity_informational_fields = entity_description,entity_type,SignalFxRealm,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,SignalFxCloudRegion,SignalFxCloudAccountId,ProjectNumber,ProjectName,Id,Cloud
# NOTE(review): rows are deduplicated on gcp_id but merged on FunctionName; confirm
# that same-named functions in different projects or zones are not collapsed into one
# entity by the upsert.
action.itsi_import_objects.param.entity_merge_field = FunctionName
action.itsi_import_objects.param.entity_title_field = FunctionName
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# The `region` dimension is exposed as Zone; ITSIUniqueId is ProjectId + Zone +
# FunctionName joined without a separator.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND function_name=* AND gcp_id=* by gcp_id, function_name, region, project_id, gcp_project_number, gcp_project_name, sf_organizationID, sf_realm | dedup gcp_id | rename gcp_id as dim.Id function_name as dim.FunctionName region as dim.Zone project_id as dim.ProjectId gcp_project_number as dim.ProjectNumber gcp_project_name as dim.ProjectName sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "GCP", entity_type="GCP Cloud Functions", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", entity_description="Project: " + ProjectId + ", Function name: " + FunctionName + ", Zone: " + Zone, SignalFxNavigator = "gcp%20cloudfunctions", SignalFxCloudRegion = "zone:" + Zone, SignalFxCloudServiceId = FunctionName, SignalFxCloudAccountId = "project_id:" + ProjectId, ITSIUniqueId = ProjectId + Zone + FunctionName
# Splunk APM entity discovery: a scheduled mstats search, grouped by environment and
# service, feeding the itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Splunk-APM Application Entity Search]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_description_fields = description
# The search's final `table` emits only SplunkApmEntity, sf_service, sf_environment,
# entityType, description, type, sf_organizationID and sf_realm; the splunkApmLink*,
# splunkAPMLinkUrl, startTime and endTime names listed here are not produced by it.
action.itsi_import_objects.param.entity_informational_fields = SplunkApmEntity,sf_environment,type,sf_organizationID,sf_realm,splunkAPMLinkUrl,splunkApmLinkbase,splunkApmLinkFilters1,splunkApmLinkFilters2,splunkApmLinkFilters3,splunkApmLinkSelectedNode,splunkApmLinkSelectedNodeTags,splunkApmLinkSelectedNodeTagValue,endTime,startTime
# Merge key is service-environment-organization-realm, built in the search's eval.
action.itsi_import_objects.param.entity_merge_field = SplunkApmEntity
action.itsi_import_objects.param.entity_title_field = sf_service
action.itsi_import_objects.param.entity_type_field = entityType
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
alert.track = 0
# Hourly, on the hour, over the trailing 60 minutes snapped to the minute.
cron_schedule = 0 * * * *
dispatch.earliest_time = -60m@m
dispatch.latest_time = now
enableSched = 1
disabled = 1
schedule_window = auto
# NOTE(review): avg(*) aggregates every metric only to enumerate the group-by values,
# and span=5m without a dedup likely repeats each entity row per time bucket; confirm
# the search cost is acceptable before enabling. The backslashes below are line
# continuations, so no comment line may be inserted between them.
search = | mstats avg(*) span=5m WHERE `itsi-cp-observability-indexes` AND sf_environment="*" GROUPBY sf_environment sf_service sf_streamLabel sf_organizationID sf_realm \
| eval entityType="SplunkAPM", description="Splunk Application Performance Monitoring (APM)", type="SplunkAPM", SplunkApmEntity = sf_service + "-" + sf_environment + "-" + sf_organizationID + "-" + sf_realm \
| table SplunkApmEntity sf_service sf_environment entityType description type sf_organizationID sf_realm
# OS host entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): host.name and extracted_host are dimensions supplied with the metrics
# in the indexes behind the `itsi-cp-observability-indexes` macro (defined outside this
# file); confirm who can write metrics there, since those values become entity titles
# and merge keys.
[ITSI Import Objects - Get_OS_Hosts]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ITSIUniqueId
action.itsi_import_objects.param.entity_informational_fields = extracted_host,entity_type,SignalFxRealm,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,Cloud,computationId
# NOTE(review): merge key is the bare host name, while the identifier also includes
# computationId; confirm that equal host names from different sources should share one
# entity.
action.itsi_import_objects.param.entity_merge_field = host_name
action.itsi_import_objects.param.entity_title_field = host_name
# Unlike the cloud stanzas in this file, the entity type is the plain entity_type value.
action.itsi_import_objects.param.entity_type_field = entity_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
alert.track = 0
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# cluster!=* keeps only series without a cluster dimension; one row per host.name;
# ITSIUniqueId is host_name + "_" + computationId.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND cluster!=* AND host.name=* by host.name,extracted_host, computationId, sf_organizationID, sf_realm | dedup host.name | rename host.name as dim.host_name extracted_host as dim.extracted_host computationId as dim.computationId sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "My Data Center Hosts", entity_type="OS Hosts", SignalFxNavigator = "OS%20Host", SignalFxCloudServiceId = host_name, ITSIUniqueId = host_name + "_" + computationId
# GCP Compute Engine entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Get_SIM_GCP_Compute]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ProjectId,Zone,InstanceId,InstanceName,ITSIUniqueId
action.itsi_import_objects.param.entity_informational_fields = Cloud,service,entity_type,entity_description_field,SignalFxRealm,SignalFxOrganizationID,SignalFxNavigator,SignalFxCloudServiceId,SignalFxCloudRegion,SignalFxCloudAccountId,ProjectNumber,ProjectName,MachineType
# Title and merge key are the raw gcp_id dimension; the search dedups on instance_id.
action.itsi_import_objects.param.entity_merge_field = gcp_id
action.itsi_import_objects.param.entity_title_field = gcp_id
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# NOTE(review): ITSIUniqueId is ProjectId + InstanceName joined without a separator and
# without Zone; confirm that this is unique enough for an identifier field.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND gcp_id=* AND service=compute by gcp_id, service, instance_id, instance_name, zone, project_id, gcp_project_number, gcp_project_name, gcp_machine_type, sf_organizationID, sf_realm | dedup instance_id | rename gcp_id as dim.gcp_id service as dim.service instance_id as dim.InstanceId instance_name as dim.InstanceName zone as dim.Zone project_id as dim.ProjectId gcp_project_number as dim.ProjectNumber gcp_project_name as dim.ProjectName gcp_machine_type as dim.MachineType sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud = "GCP", entity_type="GCP Compute Engine", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", entity_description_field="Project ID: " + ProjectId + ", Instance name: " + InstanceName, SignalFxNavigator = "gcp%20compute", SignalFxCloudRegion = "zone:" + Zone, SignalFxCloudServiceId = gcp_id, SignalFxCloudAccountId = "gcp_project_number:" + ProjectNumber, ITSIUniqueId = ProjectId + InstanceName
# Azure virtual machine entity discovery: scheduled metrics-catalog search feeding the
# itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): entity fields are taken verbatim from metric dimensions in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics to those indexes before enabling.
[ITSI Import Objects - Get_SIM_Azure_VM]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = ResourceId,ITSIUniqueId,Location,SubscriptionId
action.itsi_import_objects.param.entity_informational_fields = entity_type,Cloud,ResourceGroupName,SignalFxCloudAccountId,SignalFxCloudRegion,SignalFxCloudServiceId,SignalFxNavigator,SignalFxOrganizationID,SignalFxRealm,SubscriptionName,entity_description
# NOTE(review): rows are deduplicated on (resource id, resource name) but merged on
# ResourceName alone; confirm that same-named VMs in different resource groups or
# subscriptions are not collapsed into one entity by the upsert.
action.itsi_import_objects.param.entity_merge_field = ResourceName
action.itsi_import_objects.param.entity_title_field = ResourceName
action.itsi_import_objects.param.entity_type_field = entity_type_field
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
alert.track = 0
# Every 10 minutes, over the trailing 15 minutes (the other cloud stanzas in this file
# look back 60 minutes).
cron_schedule = */10 * * * *
dispatch.earliest_time = -15m
dispatch.latest_time = now
enableSched = 1
disabled = 1
# Matches the three virtualMachines resource types listed in the where-clause;
# ITSIUniqueId is ResourceId + ResourceName joined without a separator.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND azure_resource_id=* AND (resource_type="Microsoft.Compute/virtualMachines" OR resource_type="Microsoft.ClassicCompute/virtualMachines" OR resource_type="Microsoft.Compute/virtualMachineScaleSets/virtualMachines") by azure_resource_id, azure_resource_name, azure_region, azure_resource_group_name, azure_subscription_display_name, subscription_id, sf_organizationID, sf_realm | dedup azure_resource_id, azure_resource_name | rename azure_resource_id as dim.ResourceId azure_resource_name as dim.ResourceName azure_region as dim.Location azure_resource_group_name as dim.ResourceGroupName azure_subscription_display_name as dim.SubscriptionName subscription_id as dim.SubscriptionId sf_organizationID as dim.SignalFxOrganizationID sf_realm as dim.SignalFxRealm | fields dim.* | rename dim.* as * | eval Cloud="Azure", entity_type="Azure VM", entity_type_field=entity_type + ",Splunk Infrastructure Monitoring", entity_description="Resource ID: " + ResourceId + ", Resource name: " + ResourceName, SignalFxNavigator = "azurevirtualmachines", SignalFxCloudRegion = "azure_region:" + Location, SignalFxCloudServiceId = ResourceName, SignalFxCloudAccountId = "subscription_id:" + SubscriptionId, ITSIUniqueId = ResourceId + ResourceName
# RUM mobile-app entity discovery (os.name Android or iOS): scheduled metrics-catalog
# search feeding the itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): app, app.version and os.name are dimensions supplied with the metrics
# in the indexes behind the `itsi-cp-observability-indexes` macro (defined outside this
# file); confirm who can write metrics there, since these values become entity titles.
[ITSI Import Objects - Get_RUM_APPS]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = app,sf_environment,app_version,os_name
action.itsi_import_objects.param.entity_informational_fields = computationId,sf_organizationID,sf_product,sf_realm,entity_type_field
# app_identifier is app:app_version:os_name:sf_environment:sf_organizationID.
action.itsi_import_objects.param.entity_merge_field = app_identifier
action.itsi_import_objects.param.entity_title_field = app_identifier
# The entity type is the plain entity_type value; entity_type_field (with the
# ", Real User Monitoring" suffix) is only carried as an informational field.
action.itsi_import_objects.param.entity_type_field = entity_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 4 hours.
cron_schedule = */10 * * * *
dispatch.earliest_time = -4h
dispatch.latest_time = now
enableSched = 1
disabled = 1
# The dotted dimensions are copied to app_version / os_name before concatenation;
# one row per app_identifier.
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND app=* AND (os.name=Android OR os.name=iOS) by app, app.version, computationId, sf_environment, sf_organizationID, sf_product, sf_realm, os.name | eval app_version='app.version', os_name='os.name' | eval entity_type="RUM App Metrics", entity_type_field=entity_type+", Real User Monitoring", app_identifier= app +":"+ app_version +":"+ os_name +":"+ sf_environment +":"+ sf_organizationID | dedup app_identifier
# RUM browser entity discovery (sf_ua_osname Linux, Windows or "Mac OS X"): scheduled
# metrics-catalog search feeding the itsi_import_objects action. Ships disabled
# (disabled = 1).
# NOTE(review): app and sf_ua_* are dimensions supplied with the metrics in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics there, since these values become entity titles.
[ITSI Import Objects - Get_RUM_BROWSER]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_description_fields = entity_type_field
action.itsi_import_objects.param.entity_identifier_fields = app,sf_environment,sf_ua_browsername,sf_ua_osname
action.itsi_import_objects.param.entity_informational_fields = computationId,sf_organizationID,sf_product,sf_realm
# NOTE(review): `browsers` is browsername:app:osname and the search dedups on it, so
# rows that differ only in sf_environment or sf_organizationID collapse to one entity;
# confirm that is intended given sf_environment is also an identifier field.
action.itsi_import_objects.param.entity_merge_field = browsers
action.itsi_import_objects.param.entity_title_field = browsers
action.itsi_import_objects.param.entity_type_field = entity_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 4 hours.
cron_schedule = */10 * * * *
dispatch.earliest_time = -4h
dispatch.latest_time = now
enableSched = 1
disabled = 1
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND app=* AND (sf_ua_osname=Linux OR sf_ua_osname=Windows OR sf_ua_osname="Mac OS X") by app, computationId, sf_environment, sf_organizationID, sf_product, sf_realm, sf_ua_browsername, sf_ua_osname | eval entity_type="RUM Browser Metrics", entity_type_field=entity_type+", Real User Monitoring", browsers= sf_ua_browsername +":"+ app +":"+ sf_ua_osname | dedup browsers
# RUM synthetic-traffic entity discovery (sf_ua_osname=Rigor): scheduled
# metrics-catalog search feeding the itsi_import_objects action. Ships disabled
# (disabled = 1).
# NOTE(review): app and sf_ua_* are dimensions supplied with the metrics in the indexes
# behind the `itsi-cp-observability-indexes` macro (defined outside this file); confirm
# who can write metrics there, since these values become entity titles.
[ITSI Import Objects - Get_RUM_SYNTHETICS]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_description_fields = entity_type_field
action.itsi_import_objects.param.entity_identifier_fields = app,sf_environment,sf_ua_browsername,sf_ua_osname
action.itsi_import_objects.param.entity_informational_fields = computationId,sf_organizationID,sf_product,sf_realm
# NOTE(review): `syn_browsers` is browsername:app:osname and the search dedups on it,
# so rows that differ only in sf_environment or sf_organizationID collapse to one
# entity; confirm that is intended.
action.itsi_import_objects.param.entity_merge_field = syn_browsers
action.itsi_import_objects.param.entity_title_field = syn_browsers
action.itsi_import_objects.param.entity_type_field = entity_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Every 10 minutes, over the trailing 60 minutes.
cron_schedule = */10 * * * *
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
disabled = 1
search = | mcatalog values(_dims) where `itsi-cp-observability-indexes` AND app=* AND (sf_ua_osname=Rigor) by app, computationId, sf_environment, sf_organizationID, sf_product, sf_realm, sf_ua_browsername, sf_ua_osname | eval entity_type="RUM Synthetic Metrics", entity_type_field=entity_type+", Real User Monitoring", syn_browsers=sf_ua_browsername +":"+ app +":"+ sf_ua_osname | dedup syn_browsers
# Added in v3.0.0
# Synthetic API test entity discovery: a scheduled mstats search (test_type=api)
# feeding the itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): test, test_id and sf_realm are dimensions supplied with the metrics in
# the indexes behind the `itsi-cp-observability-indexes` macro (defined outside this
# file); confirm who can write metrics there, since `test` becomes the entity title.
[ITSI Import Objects - SSM_get_entities_api]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = test_id
action.itsi_import_objects.param.entity_informational_fields = sf_realm
# NOTE(review): merge key is the test name while the identifier is test_id; confirm
# that two tests sharing a name (for example in different realms) should merge.
action.itsi_import_objects.param.entity_merge_field = test
action.itsi_import_objects.param.entity_title_field = test
action.itsi_import_objects.param.entity_type_field = test_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Hourly at minute 15, over the trailing 60 minutes.
cron_schedule = 15 * * * *
disabled = 1
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
# The count (mval) only drives the grouping and is dropped by `table`; test_type is
# overwritten with the display label "Synthetic API Test".
search = | mstats count(_value) as mval WHERE `itsi-cp-observability-indexes` AND metric_name=* AND test_type=api BY test, test_type, test_id, sf_realm | eval test_type="Synthetic API Test" | table test, test_id, test_type, sf_realm
# Synthetic browser test entity discovery: a scheduled mstats search
# (test_type=browser) feeding the itsi_import_objects action. Ships disabled
# (disabled = 1).
# NOTE(review): test, test_id and sf_realm are dimensions supplied with the metrics in
# the indexes behind the `itsi-cp-observability-indexes` macro (defined outside this
# file); confirm who can write metrics there, since `test` becomes the entity title.
[ITSI Import Objects - SSM_get_entities_browser]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = test_id
action.itsi_import_objects.param.entity_informational_fields = sf_realm
# NOTE(review): merge key is the test name while the identifier is test_id; confirm
# that two tests sharing a name (for example in different realms) should merge.
action.itsi_import_objects.param.entity_merge_field = test
action.itsi_import_objects.param.entity_title_field = test
action.itsi_import_objects.param.entity_type_field = test_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Hourly at minute 15, over the trailing 60 minutes.
cron_schedule = 15 * * * *
disabled = 1
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
# The count (mval) only drives the grouping and is dropped by `table`; test_type is
# overwritten with the display label "Synthetic Browser Test".
search = | mstats count(_value) as mval WHERE `itsi-cp-observability-indexes` AND metric_name=* AND test_type=browser BY test, test_type, test_id, sf_realm | eval test_type="Synthetic Browser Test" | table test, test_id, test_type, sf_realm
# Synthetic HTTP test entity discovery: a scheduled mstats search (test_type=http)
# feeding the itsi_import_objects action. Ships disabled (disabled = 1).
# NOTE(review): test, test_id and sf_realm are dimensions supplied with the metrics in
# the indexes behind the `itsi-cp-observability-indexes` macro (defined outside this
# file); confirm who can write metrics there, since `test` becomes the entity title.
[ITSI Import Objects - SSM_get_entities_http]
action.itsi_import_objects = 1
action.itsi_import_objects.param.backfill_enabled = 0
action.itsi_import_objects.param.entity_identifier_fields = test_id
action.itsi_import_objects.param.entity_informational_fields = sf_realm
# NOTE(review): merge key is the test name while the identifier is test_id; confirm
# that two tests sharing a name (for example in different realms) should merge.
action.itsi_import_objects.param.entity_merge_field = test
action.itsi_import_objects.param.entity_title_field = test
action.itsi_import_objects.param.entity_type_field = test_type
action.itsi_import_objects.param.service_enabled = 1
# presumably the key of the ITSI Global team; verify before enabling
action.itsi_import_objects.param.service_team = default_itsi_security_group
action.itsi_import_objects.param.service_templates_config = {}
action.itsi_import_objects.param.update_type = upsert
# Hourly at minute 15, over the trailing 60 minutes.
cron_schedule = 15 * * * *
disabled = 1
dispatch.earliest_time = -60m
dispatch.latest_time = now
enableSched = 1
# The count (mval) only drives the grouping and is dropped by `table`; test_type is
# overwritten with the display label "Synthetic HTTP Test".
search = | mstats count(_value) as mval WHERE `itsi-cp-observability-indexes` AND metric_name=* AND test_type=http BY test, test_type, test_id, sf_realm | eval test_type="Synthetic HTTP Test" | table test, test_id, test_type, sf_realm