[8.x] [Inventory] Add k8s fields to Service entity type (#195407) (#195601)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Inventory] Add k8s fields to Service entity type
(#195407)](https://github.com/elastic/kibana/pull/195407)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cauê
Marcondes","email":"55978943+cauemarcondes@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-09T13:44:12Z","message":"[Inventory]
Add k8s fields to Service entity type (#195407)\n\ncloses
https://github.com/elastic/kibana/issues/195244\r\n\r\n- Removed metrics
definition from service, host and container\r\n- Removed `metrics-apm`
index patterns from the service definition\r\nbecause k8s fields are not
available on that scope.\r\n- Added `traces-apm*` index pattern on the
service
definition\r\n\r\n\r\nhttps://github.com/user-attachments/assets/6c6b4fd6-817a-494e-8649-e2d76a8e98e3","sha":"cc7fdba1422f2717984b958509be13abc820b15b","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","backport:prev-minor","ci:cloud-deploy","ci:project-deploy-observability","Team:obs-ux-infra_services","v8.16.0","Feature:EEM"],"title":"[Inventory]
Add k8s fields to Service entity
type","number":195407,"url":"https://github.com/elastic/kibana/pull/195407","mergeCommit":{"message":"[Inventory]
Add k8s fields to Service entity type (#195407)\n\ncloses
https://github.com/elastic/kibana/issues/195244\r\n\r\n- Removed metrics
definition from service, host and container\r\n- Removed `metrics-apm`
index patterns from the service definition\r\nbecause k8s fields are not
available on that scope.\r\n- Added `traces-apm*` index pattern on the
service
definition\r\n\r\n\r\nhttps://github.com/user-attachments/assets/6c6b4fd6-817a-494e-8649-e2d76a8e98e3","sha":"cc7fdba1422f2717984b958509be13abc820b15b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195407","number":195407,"mergeCommit":{"message":"[Inventory]
Add k8s fields to Service entity type (#195407)\n\ncloses
https://github.com/elastic/kibana/issues/195244\r\n\r\n- Removed metrics
definition from service, host and container\r\n- Removed `metrics-apm`
index patterns from the service definition\r\nbecause k8s fields are not
available on that scope.\r\n- Added `traces-apm*` index pattern on the
service
definition\r\n\r\n\r\nhttps://github.com/user-attachments/assets/6c6b4fd6-817a-494e-8649-e2d76a8e98e3","sha":"cc7fdba1422f2717984b958509be13abc820b15b"}},{"branch":"8.x","label":"v8.16.0","branchLabelMappingKey":"^v8.16.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>
Kibana Machine 2024-10-10 02:45:18 +11:00 committed by GitHub
parent 062ea5726f
commit ef6f776b12
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 12 additions and 1161 deletions


@ -12,7 +12,7 @@ export const builtInContainersFromEcsEntityDefinition: EntityDefinition =
entityDefinitionSchema.parse({
id: `${BUILT_IN_ID_PREFIX}containers_from_ecs_data`,
managed: true,
version: '1.0.0',
version: '0.1.0',
name: 'Containers from ECS data',
description:
'This definition extracts container entities from common data streams by looking for the ECS field container.id',
@ -65,94 +65,4 @@ export const builtInContainersFromEcsEntityDefinition: EntityDefinition =
'agent.type',
'agent.ephemeral_id',
],
metrics: [
{
name: 'log_rate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter: 'log.level: * OR error.log.level: *',
},
],
},
{
name: 'error_log_rate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter: '(log.level: "error" OR "ERROR") OR (error.log.level: "error" OR "ERROR")',
},
],
},
{
name: 'cpu_usage_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.cpu.total.pct',
},
],
},
{
name: 'memory_usage_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.memory.usage.pct',
},
],
},
{
name: 'network_in_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.network.in.bytes',
},
],
},
{
name: 'network_out_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.network.out.bytes',
},
],
},
{
name: 'disk_read_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.diskio.read.ops',
},
],
},
{
name: 'disk_write_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'docker.diskio.write.ops',
},
],
},
],
});
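Review bot: The two `version` lines at the top of this section appear to move the managed definition from `'1.0.0'` to `'0.1.0'`, which is a semver downgrade; the `+`/`-` markers are lost on this page, so the direction is inferred from print order. If the built-in definition upgrade path compares versions to decide whether to reinstall, clusters that already hold `1.0.0` may keep the old definition, including the `metrics` block this commit removes. Either keep the version monotonic, e.g. `version: '1.1.0',`, or confirm that the installer treats any version difference as a reason to reinstall. The same applies to `builtInHostsFromEcsEntityDefinition` further down the page, which shows the same pair of `version` lines.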


@ -11,7 +11,7 @@ import { BUILT_IN_ID_PREFIX } from './constants';
export const builtInHostsFromEcsEntityDefinition: EntityDefinition = entityDefinitionSchema.parse({
id: `${BUILT_IN_ID_PREFIX}hosts_from_ecs_data`,
managed: true,
version: '1.0.0',
version: '0.1.0',
name: 'Hosts from ECS data',
description:
'This definition extracts host entities from common data streams by looking for the ECS field host.name',
@ -65,115 +65,4 @@ export const builtInHostsFromEcsEntityDefinition: EntityDefinition = entityDefin
'agent.type',
'agent.version',
],
metrics: [
{
name: 'log_rate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter: 'log.level: * OR error.log.level: *',
},
],
},
{
name: 'error_log_rate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter: '(log.level: "error" OR "ERROR") OR (error.log.level: "error" OR "ERROR")',
},
],
},
{
name: 'cpu_usage_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'system.cpu.total.norm.pct',
},
],
},
{
name: 'normalized_load_avg',
equation: 'A / B',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'system.load.1',
},
{
name: 'B',
aggregation: 'max',
field: 'system.load.cores',
},
],
},
{
name: 'memory_usage_avg',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
field: 'system.memory.actual.used.pct',
},
],
},
{
name: 'memory_free_avg',
equation: 'A - B',
metrics: [
{
name: 'A',
aggregation: 'max',
field: 'system.memory.total',
},
{
name: 'B',
aggregation: 'avg',
field: 'system.memory.actual.used.bytes',
},
],
},
{
name: 'disk_usage_max',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'max',
field: 'system.filesystem.used.pct',
},
],
},
{
name: 'rx_avg',
equation: 'A * 8',
metrics: [
{
name: 'A',
aggregation: 'sum',
field: 'host.network.ingress.bytes',
},
],
},
{
name: 'tx_avg',
equation: 'A * 8',
metrics: [
{
name: 'A',
aggregation: 'sum',
field: 'host.network.egress.bytes',
},
],
},
],
});


@ -8,31 +8,16 @@
import { EntityDefinition, entityDefinitionSchema } from '@kbn/entities-schema';
import { BUILT_IN_ID_PREFIX } from './constants';
const serviceTransactionFilter = (additionalFilters: string[] = []) => {
const baseFilters = [
'processor.event: "metric"',
'metricset.name: "service_transaction"',
'metricset.interval: "1m"',
];
return [...baseFilters, ...additionalFilters].join(' AND ');
};
export const builtInServicesFromEcsEntityDefinition: EntityDefinition =
entityDefinitionSchema.parse({
version: '0.3.0',
version: '0.4.0',
id: `${BUILT_IN_ID_PREFIX}services_from_ecs_data`,
name: 'Services from ECS data',
description:
'This definition extracts service entities from common data streams by looking for the ECS field service.name',
type: 'service',
managed: true,
indexPatterns: [
'logs-*',
'filebeat*',
'metrics-apm.service_transaction.1m*',
'metrics-apm.service_summary.1m*',
],
indexPatterns: ['logs-*', 'filebeat*', 'traces-apm*'],
history: {
timestampField: '@timestamp',
interval: '1m',
@ -65,72 +50,9 @@ export const builtInServicesFromEcsEntityDefinition: EntityDefinition =
'cloud.provider',
'cloud.availability_zone',
'cloud.machine.type',
],
metrics: [
{
name: 'latency',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'avg',
filter: serviceTransactionFilter(),
field: 'transaction.duration.histogram',
},
],
},
{
name: 'throughput',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'value_count',
filter: serviceTransactionFilter(),
field: 'transaction.duration.summary',
},
],
},
{
name: 'failedTransactionRate',
equation: '1 - (A / B)',
metrics: [
{
name: 'A',
aggregation: 'sum',
filter: serviceTransactionFilter(),
field: 'event.success_count',
},
{
name: 'B',
aggregation: 'value_count',
filter: serviceTransactionFilter(),
field: 'event.success_count',
},
],
},
{
name: 'logErrorRate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter:
'log.level: "error" OR log.level: "ERROR" OR error.log.level: "error" OR error.log.level: "ERROR"',
},
],
},
{
name: 'logRate',
equation: 'A',
metrics: [
{
name: 'A',
aggregation: 'doc_count',
filter: 'data_stream.type: logs',
},
],
},
'kubernetes.namespace',
'orchestrator.cluster.name',
'k8s.namespace.name',
'k8s.cluster.name',
],
});
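Review bot: The new `indexPatterns` entry `'traces-apm*'` is far wider than the two `metrics-apm.*.1m*` rollup streams it replaces, and with the `metrics` filters gone nothing in the visible lines narrows which documents feed the service entity. The wildcard matches every data stream whose name begins with `traces-apm`, which presumably includes browser-originated RUM traces where `service.name` is set by the client, so entity identities may now come from less trusted input. The identity that runs the resulting transform also needs read access to raw trace data rather than rollups only; I would record that next to the pattern, e.g. `// traces-apm*: k8s fields are not present on the metrics-apm rollups; requires read on raw traces`. The four added metadata fields mix two naming schemes (`kubernetes.namespace` / `orchestrator.cluster.name` and `k8s.namespace.name` / `k8s.cluster.name`); a one-line comment saying which source emits which would help the next reader. The definition object starts before the second hunk, so the identity and filter settings between the hunks are not visible here.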