I would like to detect the red marked drop. I would not like to see the positive spikes, because they are not the issue I am looking for.
What is the best way to do so?
We are using basic license. So machine learning, etc. is not an option.
Target is to see, how often this issue occurred within the last month for example.
I need to detect issues, which may be only 1 or 2 minutes long.
Our metric data is written once a minute.
Desired output is a bar graph and a table which lists all occurrences of the issue.
So when Kibana is increasing the time range of a bucket, this might be problematic.
The workaround option I have in mind would be, fire a script against ES which calculates the difference of m1(now) - m1(now-1min). If result is negative, insert into ES, where I can visualize and list it.
But it would be nice to find a solution inside of Kibana without the need of external jobs.
Yes, it detects the drops, but it also sees drops after the spike of incoming messages after 7:00. Because this drop is only a consequence of the spike, I would not like to see this.
You might be able to achieve something close to what you want with the Time Series Visual Builder visualization. Here's an example where I'm highlighting all instances where my current CPU utilization average drops below the moving average, which helps smooth out some of those spikes. It's probably not exactly what you want, and you won't be able to get a table out of this, but maybe it's close.
The workaround option I have in mind would be, fire a script against ES which calculates the difference of m1(now) - m1(now-1min). If result is negative, insert into ES, where I can visualize and list it.
You could do exactly this calculation in realtime in Timelion, however it wouldn't deal with the issue of spikes in the data creating false positives for drops.
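Added example, not from any poster in this thread: a Python sketch of the external-script workaround discussed above, showing why the plain minute-to-minute difference also reports the fall after a spike, and how comparing each minute against a rolling median of the preceding minutes avoids that. The function names, the 5-minute window, the 50% threshold and the sample values are all assumptions constructed for illustration; fetching from and writing back to Elasticsearch is left out.

```python
from datetime import datetime, timedelta
from statistics import median

# Constructed per-minute metric values: a spike at 07:00-07:01 and a
# real two-minute drop at 07:10-07:11 (sample data, not from the thread).
VALUES = [100, 102, 99, 101, 100, 400, 380, 105, 98, 101,
          100, 103, 99, 100, 102, 20, 15, 100, 101, 99]
START = datetime(2024, 1, 1, 6, 55)
SAMPLES = [((START + timedelta(minutes=i)).strftime("%H:%M"), v)
           for i, v in enumerate(VALUES)]


def naive_drops(samples):
    """Workaround as described: flag a minute when m1(now) - m1(now-1min) < 0."""
    return [t for (_, prev), (t, cur) in zip(samples, samples[1:])
            if cur - prev < 0]


def baseline_drops(samples, window=5, min_drop=0.5):
    """Flag a minute only when its value is below (1 - min_drop) times the
    median of the previous `window` minutes. A spike shorter than half the
    window does not move the median, so the return to normal after the
    spike is not reported as a drop."""
    hits = []
    for i in range(window, len(samples)):
        base = median(v for _, v in samples[i - window:i])
        t, cur = samples[i]
        if base > 0 and cur < (1 - min_drop) * base:
            hits.append(t)
    return hits


if __name__ == "__main__":
    print("naive difference:", naive_drops(SAMPLES))
    print("median baseline: ", baseline_drops(SAMPLES))
```

The window has to be more than twice the longest spike or drop to be tolerated; a drop lasting longer than half the window pulls the median down and stops being reported.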