In one full day of business on Monday we consumed 137G of events.
Index                 # Docs        Primary Size
logstash-2019.06.10   379,128,391   137GB
I see that the disk is holding what I would expect for a few days of data
Drive   Used   Free          Folder
965G    304G   623G   33%    /appl
I have 8 inputs currently.
How do I tell the daily volume size of events from each input?
Thanks
NAgios LS - Dashboard Table Input Colors
Is there a way to set the color of the different inputs in the "EVENTS OVER TIME" table?
ie:
input 1 - red
input 2 = blue
input 3 - yellow
etc
Thanks
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: NAgios LS - Dashboard Table Input Colors
One way is to click on the blue dot in the query area and change the query type to TopN, then in "Field" enter "host".
This will separate them into different shades. The alternative would be to enter each host as a different query with a different color by adding multiple queries with the +
Example:
red
    host:xxx.xxx.xxx.xxx
blue
    host:yyy.yyy.yyy.yyy
yellow
    host:zzz.zzz.zzz.zzz
Re: NAgios LS - Dashboard Table Input Colors
Thanks and WOW
The 'eventlog' is really chatty for 6 Windows server hosts.
That was unexpected.
-
scottwilkerson
Re: NAgios LS - Dashboard Table Input Colors
newmember wrote:
> Thanks and WOW
> The 'eventlog' is really chatty for 6 Windows server hosts.
> That was unexpected.
In the TopN settings, if you change the "Field" from _type to "host" you would see which server is the most chatty
Re: NAgios LS - Dashboard Table Input Colors
Perfect
Yes, one host stands out for more Windows events
Re: NAgios LS - Dashboard Table Input Colors
This appears to be the main event (sounds like MMA) that is driving up the event count.
The Windows Filtering Platform has permitted a connection.
Application Information:
    Process ID: 316
    Application Name: \device\harddiskvolume2\windows\system32\svchost.exe
Network Information:
    Direction: Inbound
    Source Address: 224.0.0.252
    Source Port: 5355
    Destination Address: XX.XX.XX.12
    Destination Port: 60317
    Protocol: 17
Filter Information:
    Filter Run-Time ID: 68611
    Layer Name: Receive/Accept
    Layer Run-Time ID: 44
Not sure if it's important?
Cool how we can use Nagios LS to troubleshoot itself.
Volume of this event from this host:
Last edited by newmember on Tue Jun 11, 2019 11:59 am, edited 1 time in total.
-
scottwilkerson
Re: NAgios LS - Dashboard Table Input Colors
newmember wrote:
> Cool how we can use Nagios LS to troubleshoot itself.
Yep
https://www.google.com/search?q=224.0.0.252
The connection to 224.0.0.252:5355 with protocol UDP is used by recent versions of Windows for Link Local Multicast Name Resolution (LLMNR) searching for local network computers.
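
To measure how much of a host's Windows Filtering Platform volume is this LLMNR traffic before deciding whether to filter it, here is an added example (not code from the thread or from Nagios). It parses the message text shown above and counts LLMNR events per host; the host names, the 192.0.2.x addresses and the function names are constructed for illustration.

```python
import re
from collections import Counter

# 224.0.0.252:5355/UDP is the LLMNR endpoint named in the thread;
# ff02::1:3 is the IPv6 LLMNR group (RFC 4795), added here as a generalization.
LLMNR_GROUPS = {"224.0.0.252", "ff02::1:3"}
LLMNR_PORT, UDP = "5355", "17"
FIELD_RE = re.compile(r"^[ \t]*([A-Za-z][A-Za-z \-]*?):[ \t]*(\S.*?)[ \t]*$", re.M)

def parse_wfp_message(message):
    """Return the 'Key: value' lines of a WFP event message as a dict."""
    return dict(FIELD_RE.findall(message))

def is_llmnr(fields):
    """True when either endpoint is an LLMNR multicast group on UDP 5355."""
    if fields.get("Protocol") != UDP:
        return False
    ends = [(fields.get(side + " Address", ""), fields.get(side + " Port"))
            for side in ("Source", "Destination")]
    return any(a.lower() in LLMNR_GROUPS and p == LLMNR_PORT for a, p in ends)

def llmnr_share_by_host(events):
    """events: iterable of (host, message) -> {host: (llmnr_events, all_events)}."""
    total, noisy = Counter(), Counter()
    for host, message in events:
        total[host] += 1
        noisy[host] += is_llmnr(parse_wfp_message(message))
    return {h: (noisy[h], total[h]) for h in total}

# Constructed sample messages, modelled on the event posted in the thread.
LLMNR_MSG = r"""The Windows Filtering Platform has permitted a connection.
Application Information:
    Process ID: 316
    Application Name: \device\harddiskvolume2\windows\system32\svchost.exe
Network Information:
    Direction: Inbound
    Source Address: 224.0.0.252
    Source Port: 5355
    Destination Address: 192.0.2.12
    Destination Port: 60317
    Protocol: 17
"""
OTHER_MSG = LLMNR_MSG.replace("224.0.0.252", "192.0.2.50").replace("5355", "443")
OTHER_MSG = OTHER_MSG.replace("Protocol: 17", "Protocol: 6")
SAMPLE = [("winsrv-a", LLMNR_MSG)] * 3 + [("winsrv-a", OTHER_MSG), ("winsrv-b", OTHER_MSG)]

if __name__ == "__main__":
    for host, (n, t) in sorted(llmnr_share_by_host(SAMPLE).items()):
        print(f"{host}: {n}/{t} WFP events are LLMNR")
```

The classifier checks both endpoints because, as in the posted event, the multicast group can appear in the source fields of an inbound record.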