admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'af91299fea'
${ noResults }
Deploiement_Server/deployment-apps/DA-ITSI-CP-microsoft-exchange/itsi/services/da-itsi-cp-microsoft-exchan...

1468 lines
92 KiB
Raw Blame History

{
"algorithms": {
"GradientBoostingRegressor": {
"RMSE": 0,
"modelId": "",
"rSquared": 0,
"recommended": false
},
"LinearRegression": {
"RMSE": 0,
"modelId": "",
"rSquared": 0,
"recommended": false
},
"LogisticRegression": {
"accuracy": 0,
"f1_score": 0,
"modelId": "",
"precision": 0,
"recall": 0,
"recommended": false
},
"RandomForestRegressor": {
"RMSE": 0,
"modelId": "",
"rSquared": 0,
"recommended": false
}
},
"description": "This service provides KPI's highlighting the process or running process as the set of instructions currently being processed by the computer processor. For example, in Windows you can see each of the processes running by opening the Processes tab in Task Manager. Windows Processes are Windows Services and background programs you normally don't see running on the computer. A process may be a printer program that runs in the background and monitors the ink levels and other printer settings while the computer is running. A typical computer has multiple processes running all the time to help manage the operating system, its hardware, and the software running on the computer.",
"enabled": true,
"entity_rules": [],
"key": "da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process",
"kpis": [
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": "",
"aggregate_statop": "avg",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": [
{
"dynamic_param": null,
"severity_color": "#B50101",
"severity_color_light": "#E5A6A6",
"severity_label": "critical",
"severity_label_localized": null,
"severity_value": 6.0,
"threshold_value": 0.0
},
{
"dynamic_param": null,
"severity_color": "#F26A35",
"severity_color_light": "#FBCBB9",
"severity_label": "high",
"severity_label_localized": null,
"severity_value": 5.0,
"threshold_value": 20.0
},
{
"dynamic_param": null,
"severity_color": "#FCB64E",
"severity_color_light": "#FEE6C1",
"severity_label": "medium",
"severity_label_localized": null,
"severity_value": 4.0,
"threshold_value": 40.0
},
{
"dynamic_param": null,
"severity_color": "#FFE98C",
"severity_color_light": "#FFF4C5",
"severity_label": "low",
"severity_label_localized": null,
"severity_value": 3.0,
"threshold_value": 60.0
},
{
"dynamic_param": null,
"severity_color": "#99D18B",
"severity_color_light": "#DCEFD7",
"severity_label": "normal",
"severity_label_localized": null,
"severity_value": 2.0,
"threshold_value": 80.0
}
]
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": "",
"alert_lag": "30",
"alert_on": "both",
"alert_period": "1",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": 0.999,
"anomaly_detection_training_window": "-7d",
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)`",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "",
"enabled": false,
"entity_filter_field": "",
"entity_split_field": "",
"entity_statop": "avg",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": [
{
"dynamic_param": null,
"severity_color": "#B50101",
"severity_color_light": "#E5A6A6",
"severity_label": "critical",
"severity_label_localized": null,
"severity_value": 6.0,
"threshold_value": 0.0
},
{
"dynamic_param": null,
"severity_color": "#F26A35",
"severity_color_light": "#FBCBB9",
"severity_label": "high",
"severity_label_localized": null,
"severity_value": 5.0,
"threshold_value": 20.0
},
{
"dynamic_param": null,
"severity_color": "#FCB64E",
"severity_color_light": "#FEE6C1",
"severity_label": "medium",
"severity_label_localized": null,
"severity_value": 4.0,
"threshold_value": 40.0
},
{
"dynamic_param": null,
"severity_color": "#FFE98C",
"severity_color_light": "#FFF4C5",
"severity_label": "low",
"severity_label_localized": null,
"severity_value": 3.0,
"threshold_value": 60.0
},
{
"dynamic_param": null,
"severity_color": "#99D18B",
"severity_color_light": "#DCEFD7",
"severity_label": "normal",
"severity_label_localized": null,
"severity_value": 2.0,
"threshold_value": 80.0
}
]
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": false,
"key": "SHKPI-da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process",
"kpi_base_search": "",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)` | stats latest(health_score) AS aggregate",
"search_aggregate": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)` | stats latest(health_score) AS aggregate",
"search_alert": "",
"search_alert_earliest": "15",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": null,
"search_occurrences": 1.0,
"search_time_compare": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)` [| stats count | addinfo | eval search= \"earliest=\" + tostring(info_min_time-(info_max_time-info_min_time))+ \" latest=\" + tostring(info_max_time) |fields search] | addinfo | eval bucket=if(_time<info_max_time-((info_max_time-info_min_time)/2), \"last_window\", \"current_window\") | stats avg(health_score) AS aggregate BY bucket | reverse | delta aggregate AS window_delta | search bucket=current_window | eval window_direction=if(window_delta >0, \"increase\", if(window_delta < 0, \"decrease\", \"none\"))",
"search_time_series": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)` | timechart avg(health_score) AS aggregate",
"search_time_series_aggregate": "`get_full_itsi_summary_service_health_events(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process)` | timechart avg(health_score) AS aggregate",
"search_time_series_entities": "",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": "",
"threshold_field": "aggregate",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#AED3E5",
"base_severity_color_light": "#E3F0F6",
"base_severity_label": "info",
"base_severity_value": 1.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#AED3E5",
"base_severity_color_light": "#E3F0F6",
"base_severity_label": "info",
"base_severity_value": 1.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "ServiceHealthScore",
"trending_ad": {
"sensitivity": 8
},
"type": "service_health",
"tz_offset": null,
"unit": "",
"urgency": 11.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "% Privileged Time is the percentage of elapsed time that the process threads spent executing code in privileged mode. When a Windows system service in called, the service will often run in privileged mode to gain access to system-private data. Such data is protected from access by threads executing in user mode. Calls to the system can be explicit or implicit, such as page faults or interrupts. Unlike some early operating systems, Windows uses process boundaries for subsystem protection in addition to the traditional protection of user and privileged modes. Some work done by Windows on behalf of the application might appear in other subsystem processes in addition to the privileged time in the process. Privileged Utility is the amount of work a processor is completing while executing in privileged mode, as a percentage of the amount of work the processor could complete if it were running at its nominal performance and never idle. On some processors, Privileged Utility may exceed 100%.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb, true, true, true)` | eval kpi=\"% Privileged Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb, true, true, true)` | eval kpi=\"% Privileged Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-dc58bc4a060a71792b824afb)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Privileged Time\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "% Privileged Time",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "%",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the percentage of elapsed processor time that all process threads used to execute instructions. An instruction is the basic unit of execution in a computer. A thread is the object that executes instructions, and a process is the object created when a program is run. Code executed to handle some hardware interruptions and trap conditions are included in this count.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b, true, true, true)` | eval kpi=\"% Processor Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b, true, true, true)` | eval kpi=\"% Processor Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-71e3cbff8dd976f93e32881b)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% Processor Time\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "% Processor Time",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "%",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "% User Time is the percentage of elapsed time the processor spends in the user mode. User mode is a restricted processing mode designed for applications, environment subsystems, and integral subsystems.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd, true, true, true)` | eval kpi=\"% User Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd, true, true, true)` | eval kpi=\"% User Time\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c27c2badc47d0538630603dd)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"% User Time\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "% User Time",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "%",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the rate at which the process is reading and writing bytes in I/O operations. This counter counts all I/O activity generated by the process to include file, network and device I/O's.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da, true, true, true)` | eval kpi=\"IO Data Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da, true, true, true)` | eval kpi=\"IO Data Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-254a49482bc265577d6410da)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Data Bytes/sec\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "IO Data Bytes/sec",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "/sec",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the rate at which the process is issuing bytes to I/O operations that don't involve data such as control operations. This counter counts all I/O activity generated by the process to include file, network and device I/O's.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739, true, true, true)` | eval kpi=\"IO Other Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739, true, true, true)` | eval kpi=\"IO Other Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-58f447dd1b6fc5bbf3045739)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Other Bytes/sec\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "IO Other Bytes/sec",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "/sec",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 439521961197.54596,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the rate at which the process is reading bytes from I/O operations. This counter counts all I/O activity generated by the process to include file, network and device I/O's",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7, true, true, true)` | eval kpi=\"IO Read Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7, true, true, true)` | eval kpi=\"IO Read Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-031348e84f25b89e7e056bf7)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Read Bytes/sec\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "IO Read Bytes/sec",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "/sec",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the rate the process is writing bytes to I/O operations. This counter counts all I/O activity generated by the process to include file, network and device I/O's",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f, true, true, true)` | eval kpi=\"IO Write Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f, true, true, true)` | eval kpi=\"IO Write Bytes/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-c5a8ed3b348880160210c61f)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"IO Write Bytes/sec\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "IO Write Bytes/sec",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "/sec",
"urgency": 5.0,
"use_time_policies": false
},
{
"adaptive_thresholding_training_window": "-7d",
"adaptive_thresholds_is_enabled": false,
"aggregate_eval": null,
"aggregate_statop": "max",
"aggregate_threshold_alert_enabled": false,
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"aggregate_thresholds_alert_enabled": false,
"aggregate_thresholds_custom_alert_enabled": false,
"aggregate_thresholds_custom_alert_rules": [],
"alert_eval": null,
"alert_lag": "30",
"alert_on": "both",
"alert_period": "5",
"anomaly_detection_alerting_enabled": false,
"anomaly_detection_is_enabled": false,
"anomaly_detection_sensitivity": null,
"anomaly_detection_training_window": null,
"backfill_earliest_time": "-7d",
"backfill_enabled": false,
"base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\"",
"base_search_id": null,
"base_search_metric": null,
"cohesive_ad": {
"sensitivity": 8
},
"cohesive_anomaly_detection_is_enabled": false,
"datamodel": {
"datamodel": "",
"field": "",
"object": "",
"owner_field": ""
},
"datamodel_filter": [],
"datamodel_filter_clauses": null,
"description": "Shows the rate at which page faults by the threads executing in this process are occurring. A page fault occurs when a thread refers to a virtual memory page that is not in its working set in main memory. This does not cause the page to be fetched from disk if it is on the standby list and hence already in main memory, or if it is in use by another process with whom the page is shared.",
"enabled": true,
"entity_filter_field": "host",
"entity_split_field": "host",
"entity_statop": "max",
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"fill_gaps": "null_value",
"gap_custom_alert_value": 0.0,
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"is_filter_entities_to_service": false,
"is_split_by_entity": true,
"key": "da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca",
"kpi_base_search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\"",
"kpi_template_kpi_id": "",
"kpi_threshold_template_id": "",
"metric_qualifier": null,
"metric_search_spec": {
"metric_index": "",
"metric_name": ""
},
"search": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca, true, true, true)` | eval kpi=\"Page Faults/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca)`",
"search_alert": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_entity(max, Value, \"host\")` | eval sec_grp = \"default_itsi_security_group\" | `match_entities(host, sec_grp)` | eval serviceid = \"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `aggregate_entity_into_service(max)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca, true, true, true)` | eval kpi=\"Page Faults/sec\", urgency=\"5\", alert_period=\"5\", serviceid=\"da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process\" | `assess_urgency` | `gettime`",
"search_alert_earliest": "5",
"search_alert_entities": "",
"search_buckets": "",
"search_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_single_value(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca)`",
"search_occurrences": 1.0,
"search_time_compare": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_and_compare(max, max, Value, \"host\", 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca)`",
"search_time_series": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca)`",
"search_time_series_aggregate": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_entity_time_series(max, Value, \"host\", 5)` | `aggregate_entity_into_service_time_series(max, 5)` | `assess_severity(da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process, da-itsi-cp-microsoft-exchange-eabf1ad7107d94401a8443ca)`",
"search_time_series_entities": "eventtype=msperfmon-index ms_exchange_host=\"true\" object=Process eventtype=msexchange-perfmon counter=\"Page Faults/sec\" | `aggregate_raw_into_limited_entity_time_series(max, Value, \"host\", 5)`",
"search_type": "adhoc",
"service_title": "MSExchange_BaseMetrics_Process",
"threshold_eval": null,
"threshold_field": "Value",
"time_policies": {
"policies": {
"default_policy": {
"aggregate_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"entity_thresholds": {
"base_severity_color": "#99D18B",
"base_severity_color_light": "#DCEFD7",
"base_severity_label": "normal",
"base_severity_value": 2.0,
"gauge_max": 100,
"gauge_min": 0,
"is_max_static": false,
"is_min_static": true,
"metric_field": "count",
"render_boundary_max": 100.0,
"render_boundary_min": 0.0,
"threshold_levels": []
},
"policy_type": "static",
"time_blocks": [],
"title": "Default"
}
}
},
"title": "Page Faults/sec",
"trending_ad": {
"sensitivity": 8
},
"type": "kpis_primary",
"tz_offset": null,
"unit": "/sec",
"urgency": 5.0,
"use_time_policies": false
}
],
"service_tags": {
"tags": [],
"template_tags": []
},
"service_template_id": "",
"services_depending_on_me": [
{
"kpis_depending_on": [
"SHKPI-da-itsi-cp-microsoft-exchange-msexchange-basemetrics-process"
],
"service_id": "da-itsi-cp-microsoft-exchange-msexchange-basemetrics-group-processing"
}
],
"services_depends_on": [],
"team_id": "default_itsi_security_group",
"title": "MSExchange_BaseMetrics_Process",
"version": "0.0.33"
}
Reference in new issue View Git Blame Copy Permalink