admingit
/
Deploiement_Server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e0ba6bc584'
${ noResults }
Deploiement_Server/deployment-apps/DA-ITSI-CP-splunk-observabi.../itsi/kpi_base_searches/da-itsi-cp-splunk-observabi...

31 lines
2.5 KiB
Raw Blame History

{
"alert_lag": 30,
"alert_period": "5",
"base_search": "| sim flow query=\"def weighted_duration(base, p, filter_, groupby):\n error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'true'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])\n non_error_durations = data(base + '.duration.ns.' + p, filter=filter_ and filter('sf_error', 'false'), rollup='max').mean(by=groupby, allow_missing=['sf_httpMethod'])\n\n error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'true'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])\n non_error_counts = data(base + '.count', filter=filter_ and filter('sf_error', 'false'), rollup='sum').sum(by=groupby, allow_missing=['sf_httpMethod'])\n\n error_weight = (error_durations * error_counts).sum(over='1m')\n non_error_weight = (non_error_durations * non_error_counts).sum(over='1m')\n\n total_weight = combine((error_weight if error_weight is not None else 0) + (non_error_weight if non_error_weight is not None else 0))\n total = combine((error_counts if error_counts is not None else 0) + (non_error_counts if non_error_counts is not None else 0)).sum(over='1m')\n return (total_weight / total)\n\nfilter_ = filter('sf_environment', '*') and filter('sf_service', '*') and filter('sf_error','*') and not filter('sf_dimensionalized', '*')\ngroupby = ['sf_service', 'sf_environment', 'sf_error']\nweighted_duration('service.request', 'median', filter_, groupby).publish(label='medianLatency')\" \n| stats avg(_value) as medianLatency by sf_service sf_environment sf_organizationID _time",
"description": "",
"entity_filter_field": "sf_service",
"entity_split_field": "sf_service",
"is_filter_entities_to_service": true,
"is_split_by_entity": true,
"key": "da-itsi-cp-splunk-observability-splunkapm-rate-base-search",
"metric_qualifier": "",
"metrics": [
{
"aggregate_statop": "avg",
"entity_statop": "median",
"fill_gaps": "null_value",
"gap_custom_alert_value": "0",
"gap_severity": "unknown",
"gap_severity_color": "#CCCCCC",
"gap_severity_color_light": "#EEEEEE",
"gap_severity_value": "-1",
"key": "medianlatency",
"threshold_field": "medianLatency",
"title": "medianLatency",
"unit": "ms"
}
],
"search_alert_earliest": "5",
"title": "SplunkAPM Rate Base Search",
"version": "0.0.36"
}
Reference in new issue View Git Blame Copy Permalink