Hi,
I'm using SNMP-Logstash plugin to get data from SNMP. It works fine to an extent, The issues comes in for a field that has multiple values, example "processorusage" as i have 2 fortigate devices but it is fetching all these fields in single document. There are other fields like this having same issue. I'm attaching the screenshots for both cases, It would be great if there's some way to merge them into one single label or anything I'm missing on please do let me know.
It's showing you per-CPU utilization. How do you want to combine them? Average?
Note that you may only want to combine processors of the same type (e.g. do not average NP, SP, and CP utilization).
I don't understand how it showing per CPU utilization. I have two Fortinet devices and both are coming in the same document. There shouldn't be this many fields for two devices. How could i combine them i a single document with respect to their device.
See this post. It links to a couple of posts with ideas about how to split an SNMP response that covers multiple devices.
As I said, you could average the CPU cores on a device, but you may not want to take averages across different core types. This averaging would require further ruby code, but depending on the final data structure you end up with you may be able to do it in elasticsearch when retrieving the data.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
