github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Stack Monitoring] Debug logging docs (#127568)

Browse source
This commit is contained in:
Mat Schaffer 2022-03-18 09:08:29 +09:00 committed by GitHub
parent 04ccd4d215
commit 4fe1f0744e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 62 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

61
x-pack/plugins/monitoring/dev_docs/how_to/debug_logging.md
View file

@ -0,0 +1,61 @@
When diagnosing issues with UI or alert errors, it can be useful to know the exact query being sent by kibana to elasticsearch.
Rules should have a `fetchData` setup [like this one](/x-pack/plugins/monitoring/server/alerts/nodes_changed_rule.ts#L96). Tracing down will get you to `fetchNodesFromClusterStats`.
Just before the `esClient.search` call you can log out the query parameters using something like:
```typescript
console.log(JSON.stringify(params));
```
With kibana running locally (possibly connected to a [cloud test cluster](../how_to/cloud_setup.md)), enable the rule and let it run.
Visit the UI for the first time or use the "manage" link in the top right to create the rules. Once created they should be visible in the "Rules and Connectors" section of stack management.
Once the rule runs you should see output like this:
```json
{
"index": ".monitoring-es-6-*,.monitoring-es-7-*,metricbeat-disabled-*",
"filter_path": ["aggregations.clusters.buckets"],
"body": {
"size": 0,
"sort": [{ "timestamp": { "order": "desc", "unmapped_type": "long" } }],
"query": {
"bool": {
"filter": [
{ "term": { "type": "cluster_stats" } },
{ "range": { "timestamp": { "gte": "now-2m" } } }
]
}
},
"aggs": {
"clusters": {
"terms": { "include": ["XoDBYCe_QLCYIfyc_wPtrw"], "field": "cluster_uuid" },
"aggs": {
"top": {
"top_hits": {
"sort": [{ "timestamp": { "order": "desc", "unmapped_type": "long" } }],
"_source": { "includes": ["cluster_state.nodes_hash", "cluster_state.nodes"] },
"size": 2
}
}
}
}
}
}
}
```
Note that this isn't a valid Elasticsearch query on its own, you'll need to extract the body and index pattern into something like this.
```
GET {{.index}}/_search?filter_path={{.filter_path}}
{{.body}}
```
You can likely omit the `filter_path` from the query since it's mainly a performance optimization.
This technique can be used similarly in server API routes.
In stack releases since 7.15 ([kibana#107711](https://github.com/elastic/kibana/pull/107711)), you can set `monitoring.ui.debug_mode: true` to get similar output without making any code changes.

2
x-pack/plugins/monitoring/readme.md
View file

@ -15,7 +15,7 @@ This plugin provides the Stack Monitoring kibana application.
- [Rules and Alerts](dev_docs/reference/rules_alerts.md)
## Tooling
- [Debugging logging](dev_docs/how_to/debug_logging.md) (WIP)
- [Debugging logging](dev_docs/how_to/debug_logging.md)
- [APM tracing](dev_docs/how_to/apm_tracing.md)
## Troubleshooting