I have a configuration of 3 servers:
1-ElaticSearch+kibana+logstash
2-Topbeat ,filebeat and Packetbeat with a (web server and a website connected to a remote MySQL DB in the 3rd server), and MySQL DB connected to another component.
3-Packetbeat and MySQL DB connected the web site of the 2nd server.
Now everything works perfectly and I can vizualise in Kibana my network BUT how can i split between the two seperated MySQL Performance and web transactions cause now they are merged together (Maybe with diffrent colors, diffrent doscovering, dashboarding ..)
If you want to differentiate between the traffic coming from two different MySQL, then you can use the shipper field from the event to differentiate between them.
In the Discovery page, you can differentiate between them by searching for:
type: mysql AND shipper: xxxx ( to get the MySQL traffic coming from xxxx)
type: mysql AND shipper: yyyy (to get the MySQL traffic coming from yyyy)
In the Kibana Dashboards:
You can save the two searches that you used in the Discovery Page and give it a name. Then, you can use these searches when creating any widget in the dashboard.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.