Hi - is anyone aware of any community developed or publicly available kibana dashboards created to observe the health of the elastic stack, including APM ? Ideally including the alerts seen in Stack Management, but extended to cover bespoke situations like "number of connected APM services" or "number of connected datasets".
Or, is there any documentation available to help us query the "hidden" indexes that hold the stack alert status so we could pull back this and display in Kibana ?
Hey @dave.richards, I think there are several things at play here:
- (fired) alerts are available in the
.alerts*indices. The schema of these documents is an implementation detail and not meant for public consumption. You'll probably be able to build visualisations on top of it though. I'm not aware of any publicly available visualisations (that are maintained by Elastic). I don't think there are docs either, as it is not meant for public consumption. - "number of connected APM Services" can be derived from your APM data, which is in
*apm*data streams or indices, depending on your version of the stack. We also have the APM App that shows you this data, but if you want to get this in a dashboard, you'll have to build the visualisation yourself. This is fairly straightforward - you'll want to count the unique values ofservice.namein*apm*. - "number of connected datasets": it's not entirely clear to me what this means. What do you consider a dataset? We do have the Data Streams view in Fleet (
/app/fleet/data-streams), but it only covers data from Elastic Integrations, and is a bespoke implementation, that is, the data is not persisted in an index, but derived at runtime by querying the data streams that the Elastic Integrations are using.
2 Likes
Sorry for the delay, I missed your reply. OK, thanks for the info, will take a look at .alerts*
Datasets in this case is referring to metricsets of data coming from the metricbeats k8s integration. We are checking that to make sure the expected numver of metricsets are coming in from the beats integration.
This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.