Cleanup visualizations #147
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
craig-cogdill
suggested changes
Feb 28, 2020
| @@ -1,6 +1,6 @@ | |||
| { | |||
| "migrationVersion": { | |||
| "visualization": "7.2.0" | |||
| "visualization": "7.4.2" | |||
There was a problem hiding this comment.
Why did all of these change to 7.4.2? Those changes seem like they should be reverted.
| @@ -1,6 +1,6 @@ | |||
| { | |||
| "migrationVersion": { | |||
| "dashboard": "7.0.0" | |||
| "dashboard": "7.3.0" | |||
There was a problem hiding this comment.
And this one is 7.3.0 for some reason?
craig-cogdill
approved these changes
Feb 28, 2020
|
Approved changes after Slack discussion, but I have not built or tested this. |
josh-cogdill
approved these changes
Feb 28, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This prevents the
shards failed, too_many_buckets_exceptionerrors on visualizations that we know may return over 10,000 buckets (typically seen with the time picker set to the last 2 hours, or longer). We also removed a duplicated visualization (Top-10-Dest-Ports-By-Flow-Count) in favor ofTop-10-Dest-Ports-(pie).Changes:
Removed the Top-10-Dest-Ports-By-Flow-Count visualization
Error prevention: On the Destination Port Dashboard and Replayed Traffic Dashboard, the
Top 10 Dest Ports (Pie)donut chart has been reduced to two rings showing the top 10 destination ports and the top 10 applications on each port. The source and destination IP addresses are still available in the Ports Table at the bottom of the page.Error prevention: We removed
Sum of Repeated Field Count by Applicationon the Traffic Profile dashboard. In the past, this was interesting troubleshooting information (not useful to users as far as we know) because we used to insert every value on a repeated field into ES, so high repeated field count could cost us a lot of metadata space. Since we now truncate repeated fields over X length prior to insert, this is no longer useful for troubleshooting.