I have a question when collecting data from the system module.
- When collecting processes, I would like to collect the top 10 CPU and memory information.
- When collecting processes, I want to collect a specific process.name. (Example: Notepad*, xyz.exe)
How do I modify it in System.yml to create Visualize by collecting both collection targets together?
I modified it as below, but the data of the Top 10 process is not collected, only a specific process is collected.
## system.yml
# Module: system
# Docs: https://www.elastic.co/guide/en/beats/metricbeat/master/metricbeat-module-system.html
- module: system
period: 30s
metricsets:
- cpu
- memory
- network
- process
- process_summary
- socket_summary
- diskio
- filesystem
- uptime
# https://www.elastic.co/guide/en/beats/metricbeat/current/metricbeat-metricset-system-service.html
cpu.metrics: [percentages, normalized_percentages]
filesystem.ignore_types: [nsfs, nfs, smbfs, autofs]
#processes: ['.*', 'Notepad*', 'vapm.exe', 'epmd*']
processes: ['.*']
processes: ['Notepad*', 'vapm.exe', 'epmd*']
process.include_top_n.by_cpu: 10
process.include_top_n.by_memory: 10
process.cgroups.enabled: false
process.include_cpu_ticks: true
filters:
- drop_event.when.regexp:
system.filesystem.mount_point: '^\/(sys|cgroup|proc|dev|etc|host)\/(.*)'
- drop_event.when.regexp:
system.filesystem.device_name: '^(sys|cgroup|proc|dev|etc|host|sysfs|gvfsd-fuse)'
Result
How do I collect all top 10 process and specific process information?
