Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable TSDB for System integration #5848

Closed
10 of 11 tasks
joshdover opened this issue Apr 11, 2023 · 9 comments · Fixed by #8637
Closed
10 of 11 tasks

Enable TSDB for System integration #5848

joshdover opened this issue Apr 11, 2023 · 9 comments · Fixed by #8637
Assignees
@tetianakravchenko @lalit-satapathy
Labels
Team:Elastic-Agent Label for the Agent team

Comments

@joshdover
Copy link
Contributor

joshdover commented Apr 11, 2023
edited by tetianakravchenko
Loading

We need to enable TSDB indexing for the system integration's metric streams to reduce storage costs. This should be done in 3 broad phases:

  • Update mappings to specify dimensions
  • Update mappings to specify metric types
  • Flip the toggle to enable TSDB indexing mode, update constraint.kibana.version to 8.8

You can find related issues and examples for other integrations in #5233

Current PRs:

Found issues:
@joshdover joshdover added the Team:Elastic-Agent Label for the Agent team label Apr 11, 2023
@elasticmachine
Copy link

Pinging @elastic/elastic-agent (Team:Elastic-Agent)

@jlind23
Copy link
Contributor

jlind23 commented Apr 13, 2023

cc @andresrc for awareness / prio

@jlind23
Copy link
Contributor

jlind23 commented Apr 13, 2023

Assigning this to @lalit-satapathy per our email discussion.

@lalit-satapathy
Copy link
Collaborator

@tetianakravchenko will help do the TSDB enablement on system package.

Based on the analysis, the scope of the TSDB enablement on system package would be:

  • dimensions present only in 3 out of 17 data_streams: memory, cpu and load. See any missing dimensions. Dimension need to be added to all remaining data_streams and testing.
    Prior work by @ruflin.
  • metic_type present in diskio, core, memory, socket_summary, cpu, network,filesystem, load, fsstat, process_summary, uptime and process. We need to see if this work before is complete or anything pending here.
    Prior work.

As usual, we we separate the dimension work from new metric type work(if any) and track in separate PRs.

@tetianakravchenko
Copy link
Contributor

tetianakravchenko commented May 2, 2023
edited
Loading

Relevant for TSDB datastreams:

Datastream: core (metrics)

  • [WIP] dimensions: will add it in separated PR, core.id should be used as an extra dimentions, when adding it, all documents are dropped - need investigate.

Datastream: cpu (metrics)

Datastream: diskio (metrics)

Datastream: filesystem (metrics)

Datastream: fsstat (metrics)

Datastream: load (metrics)

Datastream: memory (metrics)

Datastream: network (metrics)

Datastream: process (metrics)

Datastream: process_summary (metrics)

Datastream: socket_summary (metrics)

Datastream: uptime (metrics)

next datastream are skipped:

  • application (input log: winlog)
  • auth (input type: logfile)
  • security (input type: winlog)
  • syslog (input type: logfile)
  • system (input type: winlog)

@lalit-satapathy lalit-satapathy mentioned this issue May 30, 2023
Closed
45 tasks
@lalit-satapathy
Copy link
Collaborator

Hi @joshdover, @jlind23,

We have the initial PR ready (with dimension work) as part of the TSDB enablement. Can someone help review the changes from the package owner perspective and also need help answering one query here. Thanks!

@gbamparop gbamparop mentioned this issue Jun 16, 2023
Closed
@tetianakravchenko
Copy link
Contributor

tetianakravchenko commented Jun 19, 2023
edited
Loading

Testing:

Before TSDB:

Screenshot 2023-06-19 at 12 42 12

Disk used is missing for the time range < 1h

Screenshot 2023-06-19 at 11 55 36

Disk used is missing for the time range < 1h

Screenshot 2023-06-19 at 11 58 34

Swap usage - no value

Enable TSDB

Diskio:

- name: host
  type: group
  fields:
    - name: disk.read.bytes
      type: scaled_float
      unit: byte
      metric_type: gauge
      description: |
        The total number of bytes read successfully in a given period of time.
    - name: disk.write.bytes
      type: scaled_float
      unit: byte
      metric_type: gauge
      description: |
        The total number of bytes write successfully in a given period of time.

no time_series_metric for scaled_float in mapping:

mapping:

      "host": {
        "properties": {
          "architecture": {
            "type": "keyword",
            "ignore_above": 1024
          },
          "containerized": {
            "type": "boolean"
          },
          "disk": {
            "properties": {
              "read": {
                "properties": {
                  "bytes": {
                    "type": "long"
                  }
                }
              },
              "write": {
                "properties": {
                  "bytes": {
                    "type": "long"
                  }
                }
              }
            }
          },

Created issue:

@lalit-satapathy
Copy link
Collaborator

@tetianakravchenko, Anything pending on this issue or it can be closed?

@tetianakravchenko
Copy link
Contributor

@lalit-satapathy there is one more datastream to enable tsdb on - #8637. When merged this issue can be closed

@tetianakravchenko tetianakravchenko mentioned this issue Dec 4, 2023
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tetianakravchenko tetianakravchenko

@lalit-satapathy lalit-satapathy

Labels
Team:Elastic-Agent Label for the Agent team
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[System][core] Enable tsdb tetianakravchenko/integrations
5 participants
@joshdover @elasticmachine @tetianakravchenko @jlind23 @lalit-satapathy