Display count of tomcat down -metric visualization

Elastic Stack Kibana
1

Trying to create a visulization in kibana that should only display no of tomcat which are down.
I guess I'm using wrong aggregation and not getting exactly wht can help out here.
'''''''''''''''''
logs:
Filelds:
1)tomcat.host_name:kpti001,kpti002..etc
2)tomcat.server_status : "UP" or "Down" Value
'''''''''''''''''''
Issue: when tomcat goes down the count shows correct and updates on visualization,ex 2 tomcat down--metric shows "2",but when server is up it takes 15 min to show current status of UP.
The timefilter is 15 min,but refresh is set 10 s,still not getting how come its updating the value after 15 min,though in discover index the status comes up immediately as "UP".I guess the Unique count and count aggregation are causing it but wht could solve this,any diff aggregation?

Thanks,
Prashant

M3
M3589×777 50.6 KB

2

Hi @PRASHANT_MEHTA. I believe you only want to check the latest status of the Tomcat server. So you might try settings your Metrics to Top Hit on the @timestamp field.

1 Like
3

hello @nickpeihl ,thanks for looking into this,I want the total count of tomcat that are down.
Ex:Server 1-Tomcat1,Server 2-Tomcat 2...Server n Tomcat n,Now suppose out of active 25 tomcat,5 tomcat goes down so I want 5 to be displayed real time i.e current status.I did tried the Top hit earlier but it didn't worked.Just want the count of host that are presently down.This is something admin will check for real time to check the status.Any suggestion would be helpful.
Sample Logs Image:
tomcat.server_status: "UP" or "Down"
tomcat.tomcat.host_name:td06app1001,td02app1002,td03app1003...
Kibana 7.9.1

SEVERAL_HOST_STATUS
SEVERAL_HOST_STATUS933×102 7.42 KB

4

Hi again @PRASHANT_MEHTA. I believe you need to have a terms query for the top hit (on @timestamp) for each server then count the results. You might want to use the advanced features of TSVB for that.

1 Like
5

@nickpeihl Thanx for your quick response!! :smiley:,I achieved the desired result.Many Thanx.

tomcat_server_down_count
tomcat_server_down_count1179×742 84.5 KB

1 Like
6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.