admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a480f5a4bd'
${ noResults }
Deploiement_Server/deployment-apps/DA-ITSI-CP-soar/itsi/deep_dives/da-itsi-cp-soar-splunk-app-...

729 lines
36 KiB
Raw Blame History

{
"description": "",
"earliest_time": "-4h",
"focus_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"is_named": true,
"key": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"lane_settings": [
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "SHKPI-da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-31524",
"kpi_add_to_summary": "yes",
"kpi_id": "SHKPI-da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "ServiceHealthScore",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "no",
"metric": null,
"overlay_type": "",
"search": "* | timechart count",
"selected_entities": [],
"selection_mode": "static"
},
"lane_size": "small",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`get_full_itsi_summary_service_health_events(da-itsi-cp-soar-splunk-app-for-soar-os-metrics)` | timechart avg(health_score) AS aggregate",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "ServiceHealthScore",
"vertical_axis_boundary_type": "staticValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
100
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-726d93f19d4fdf862badc769",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-30684",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-726d93f19d4fdf862badc769",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "CPU % Idle",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-726d93f19d4fdf862badc769)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-726d93f19d4fdf862badc769)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=cpu CPU=all | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-726d93f19d4fdf862badc769 entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, pctIdle, \"host\", 5)` | `aggregate_entity_into_service_time_series(min, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-726d93f19d4fdf862badc769)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "CPU % Idle",
"vertical_axis_boundary_type": "staticValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
100
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-6378a249677b9404537a86db",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-34084",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-6378a249677b9404537a86db",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Disk Latency (ms)",
"kpi_unit": "ms",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-6378a249677b9404537a86db)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-6378a249677b9404537a86db)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` sourcetype=iostat | eval hostdev=host.\":\".Device | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-6378a249677b9404537a86db entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, avgWaitMillis, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-6378a249677b9404537a86db)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Disk Latency (ms)",
"vertical_axis_boundary_type": "staticValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
150
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-33202",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Free Disk MB /",
"kpi_unit": "MB",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=df | eval FreePct-{MountedOn}=PercentFreeSpace | eval FreeMB-{MountedOn}=FreeMBytes | eval FreeMB-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), FreeMBytes) | eval FreePct-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), PercentFreeSpace) | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4 entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, FreeMB-/, \"host\", 5)` | `aggregate_entity_into_service_time_series(min, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-42cf1b995abf38abcd7e8fa4)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Free Disk MB /",
"vertical_axis_boundary_type": "zeroValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
36864
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-d7692817ec155c74374c38ae",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-32363",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-d7692817ec155c74374c38ae",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Free Disk MB /boot",
"kpi_unit": "MB",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-d7692817ec155c74374c38ae)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-d7692817ec155c74374c38ae)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=df | eval FreePct-{MountedOn}=PercentFreeSpace | eval FreeMB-{MountedOn}=FreeMBytes | eval FreeMB-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), FreeMBytes) | eval FreePct-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), PercentFreeSpace) | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-d7692817ec155c74374c38ae entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, FreeMB-/boot, \"host\", 5)` | `aggregate_entity_into_service_time_series(min, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-d7692817ec155c74374c38ae)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Free Disk MB /boot",
"vertical_axis_boundary_type": "zeroValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
852
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-019712037b657be24815987d",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-35058",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-019712037b657be24815987d",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Memory % Free",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-019712037b657be24815987d)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-019712037b657be24815987d)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=vmstat | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-019712037b657be24815987d entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, memFreePct, \"host\", 5)` | `aggregate_entity_into_service_time_series(min, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-019712037b657be24815987d)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Memory % Free",
"vertical_axis_boundary_type": "staticValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
100
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-66c35e8e527644f1ed11dd03",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-36785",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-66c35e8e527644f1ed11dd03",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Min Free Disk, Other",
"kpi_unit": "MB",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-66c35e8e527644f1ed11dd03)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-66c35e8e527644f1ed11dd03)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=df | eval FreePct-{MountedOn}=PercentFreeSpace | eval FreeMB-{MountedOn}=FreeMBytes | eval FreeMB-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), FreeMBytes) | eval FreePct-Other=if(in(MountedOn,\"/\",\"/opt\",\"/boot\"),null(), PercentFreeSpace) | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-66c35e8e527644f1ed11dd03 entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(min, FreeMB-Other, \"host\", 5)` | `aggregate_entity_into_service_time_series(min, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-66c35e8e527644f1ed11dd03)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Min Free Disk, Other",
"vertical_axis_boundary_type": "zeroValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
982
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-09440a3db6517c5a9d3ececd",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-35946",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-09440a3db6517c5a9d3ececd",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Network RCV KBps",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-09440a3db6517c5a9d3ececd)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-09440a3db6517c5a9d3ececd)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` sourcetype=bandwidth | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-09440a3db6517c5a9d3ececd entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, rxKB_PS, \"host\", 5)` | `aggregate_entity_into_service_time_series(sum, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-09440a3db6517c5a9d3ececd)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Network RCV KBps",
"vertical_axis_boundary_type": "value",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0.65,
3369.14
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-bcff695c16507896c1c7ef7e",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-37624",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-bcff695c16507896c1c7ef7e",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Network Txmt KBps",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-bcff695c16507896c1c7ef7e)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-bcff695c16507896c1c7ef7e)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` sourcetype=bandwidth | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-bcff695c16507896c1c7ef7e entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, txKB_PS, \"host\", 5)` | `aggregate_entity_into_service_time_series(sum, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-bcff695c16507896c1c7ef7e)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Network Txmt KBps",
"vertical_axis_boundary_type": "value",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0.43000000000000005,
2168.76
]
},
{
"data_gaps": "connected",
"data_model": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"data_model_stat_op": "count",
"data_model_where_clause": "",
"distribution_stream_mode": "quantile",
"entity_add_to_summary": "yes",
"exclude_fields": [
"alert_color",
"alert_severity",
"alert_level",
"serviceid",
"kpiid",
"itsi_kpi_id",
"itsi_service_id",
"alert_error",
"alert_period",
"kpi",
"kpibasesearch",
"urgency",
"is_entity_in_maintenance",
"is_service_in_maintenance",
"is_filled_gap_event"
],
"graph_color": "#333333",
"graph_series": "da-itsi-cp-soar-6251abe13c92438f948e31cb",
"graph_type": "line",
"hide_graph": "no",
"key": "lane-38512",
"kpi_add_to_summary": "yes",
"kpi_id": "da-itsi-cp-soar-6251abe13c92438f948e31cb",
"kpi_service_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"kpi_service_title": "Splunk app for SOAR - OS Metrics",
"kpi_title": "Swap Used (pct)",
"kpi_unit": "",
"lane_overlay_settings": {
"entity_count": 5.0,
"graph_color": "AUTO",
"graph_type": "line",
"is_enabled": "yes",
"metric": null,
"overlay_type": "entity",
"search": "`get_full_itsi_summary_kpi(da-itsi-cp-soar-6251abe13c92438f948e31cb)` indexed_is_service_aggregate::0 [search `get_full_itsi_summary_kpi(da-itsi-cp-soar-6251abe13c92438f948e31cb)` indexed_is_service_aggregate::0 | `escape_entity_key` | stats avg(alert_level) AS alert_level by entity_title, entity_key | sort 0 -alert_level | head 3 | fields + entity_title]| `escape_entity_key` | timechart avg(alert_value) as alert_value first(entity_id) as _entity_id by entity_title",
"selected_entities": [
"5.3.0-cluster-HA",
"5.3.0-cluster-N1",
"5.3.0-cluster-N2"
],
"selection_mode": "dynamic"
},
"lane_size": "medium",
"lane_type": "kpi",
"overwrite_entity_title": "no",
"overwrite_kpi_title": "no",
"search": "`itsi-cp-soar-indexes` source=vmstat | search [ | rest splunk_server=local report_as=text service_id=da-itsi-cp-soar-splunk-app-for-soar-os-metrics kpi_id=da-itsi-cp-soar-6251abe13c92438f948e31cb entity_id_fields=host entity_alias_filtering_fields=host search_type= search_type=adhoc \"/servicesNS/nobody/SA-ITOA/itoa_interface/generate_entity_filter\" | return $value ] | `aggregate_raw_into_entity_time_series(latest, swapUsedPct, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-soar-splunk-app-for-soar-os-metrics, da-itsi-cp-soar-6251abe13c92438f948e31cb)`",
"search_source": "kpi",
"subtitle": "Splunk app for SOAR - OS Metrics",
"threshold_indication_enabled": "enabled",
"threshold_indication_type": "stateIndication",
"title": "Swap Used (pct)",
"vertical_axis_boundary_type": "staticValue",
"vertical_axis_scale": "linear",
"vertical_axis_static_bounds": [
0,
100
]
}
],
"latest_time": "now",
"title": "Splunk app for SOAR - OS Metrics",
"topology_id": "da-itsi-cp-soar-splunk-app-for-soar-os-metrics",
"version": "0.0.33"
}
Reference in new issue View Git Blame Copy Permalink