colben/efk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
colben
2021-08-29 00:02:22 +08:00
commit 828bfa1adc
62 changed files with 2595 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.en.md Normal file
View File

@@ -0,0 +1,5 @@
# myfilebeat
#### Description
filebeat common config

5
README.md Normal file
View File

@@ -0,0 +1,5 @@
# myfilebeat
#### 介绍
filebeat 常用配置

10
filebeat.service Normal file
View File

@@ -0,0 +1,10 @@
[Unit]
Description=Elastic FileBeat
After=network.target
[Service]
ExecStart=/opt/filebeat/filebeat -c /opt/filebeat/filebeat.yml
[Install]
WantedBy=multi-user.target

21
filebeat.yml Normal file
View File

@@ -0,0 +1,21 @@
#================================ Processors ==================================
processors:
- drop_fields:
fields: ["beat.name", "beat.version", "offset"]
#========================== Elasticsearch output ==============================
output.elasticsearch:
enabled: true
hosts: []
#============================= Filebeat config ================================
filebeat.config:
prospectors:
enabled: true
path: prospectors.d/*.yml
reload.enabled: true
reload.period: 10s
#============================= Xpack Monitoring ===============================
xpack.monitoring.enabled: true

18
kibana/dashboard/abnormal.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "59d930f0-834c-11e9-ad88-85624cce68b5",
"_type": "dashboard",
"_source": {
"title": "服务器异常汇总",
"hits": 0,
"description": "",
"panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":1,\"y\":0,\"w\":5,\"h\":3,\"i\":\"1\"},\"id\":\"4fb3a570-834b-11e9-ad88-85624cce68b5\",\"type\":\"search\",\"version\":\"6.2.4\"},{\"panelIndex\":\"2\",\"gridData\":{\"x\":6,\"y\":0,\"w\":6,\"h\":3,\"i\":\"2\"},\"id\":\"9f5a1e60-834b-11e9-ad88-85624cce68b5\",\"type\":\"search\",\"version\":\"6.2.4\"},{\"panelIndex\":\"3\",\"gridData\":{\"x\":0,\"y\":3,\"w\":3,\"h\":3,\"i\":\"3\"},\"id\":\"e8e33120-834b-11e9-ad88-85624cce68b5\",\"type\":\"search\",\"version\":\"6.2.4\"},{\"panelIndex\":\"4\",\"gridData\":{\"x\":6,\"y\":3,\"w\":6,\"h\":3,\"i\":\"4\"},\"id\":\"8d21a870-8301-11e9-ad88-85624cce68b5\",\"type\":\"search\",\"version\":\"6.2.4\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":0,\"y\":0,\"w\":1,\"h\":3,\"i\":\"5\"},\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":3,\"y\":3,\"w\":3,\"h\":3,\"i\":\"6\"},\"version\":\"6.2.4\",\"type\":\"search\",\"id\":\"d65da6a0-85b4-11e9-9656-5f1225242944\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":6,\"y\":6,\"w\":6,\"h\":3,\"i\":\"7\"},\"version\":\"6.2.4\",\"type\":\"search\",\"id\":\"a15e2260-8846-11e9-9656-5f1225242944\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":0,\"y\":6,\"w\":6,\"h\":3,\"i\":\"8\"},\"version\":\"6.2.4\",\"type\":\"search\",\"id\":\"93d4c0a0-adcf-11e9-82d1-df99ba321bd2\"}]",
"optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"search100\",\"params\":{\"query\":\"search100\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"search100\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"highlightAll\":true,\"version\":true}"
}
}
}
]

18
kibana/dashboard/access.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "9beb0d70-0ca9-11e9-98f8-c53bf18cb006",
"_type": "dashboard",
"_source": {
"title": "系统访问统计",
"hits": 0,
"description": "",
"panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":1,\"y\":0,\"w\":11,\"h\":3,\"i\":\"1\"},\"id\":\"d1906110-0ca8-11e9-98f8-c53bf18cb006\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":3,\"w\":5,\"h\":3,\"i\":\"2\"},\"id\":\"d998eae0-0ca7-11e9-98f8-c53bf18cb006\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":5,\"y\":3,\"w\":2,\"h\":6,\"i\":\"5\"},\"id\":\"fc53d820-1106-11e9-8819-7f8b8589cf6c\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":0,\"y\":6,\"w\":5,\"h\":3,\"i\":\"6\"},\"id\":\"62d35850-1940-11e9-85e4-c396c5d0cddf\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"7\",\"gridData\":{\"x\":0,\"y\":9,\"w\":6,\"h\":6,\"i\":\"7\"},\"id\":\"87286d00-68df-11e9-82d1-df99ba321bd2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"8\",\"gridData\":{\"x\":0,\"y\":15,\"w\":6,\"h\":6,\"i\":\"8\"},\"id\":\"b9a0ce30-68df-11e9-82d1-df99ba321bd2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":6,\"y\":9,\"w\":6,\"h\":6,\"i\":\"9\"},\"id\":\"4138be30-acfa-11e9-82d1-df99ba321bd2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":0,\"y\":0,\"w\":1,\"h\":3,\"i\":\"10\"},\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"11\",\"gridData\":{\"x\":7,\"y\":3,\"w\":5,\"h\":3,\"i\":\"11\"},\"version\":\"6.2.4\",\"type\":\"visualization\",\"id\":\"67b569c0-acf8-11e9-82d1-df99ba321bd2\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":7,\"y\":6,\"w\":5,\"h\":3,\"i\":\"12\"},\"version\":\"6.2.4\",\"type\":\"visualization\",\"id\":\"bd07e970-acf8-11e9-82d1-df99ba321bd2\"}]",
"optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[],\"highlightAll\":true,\"version\":true}"
}
}
}
]

18
kibana/dashboard/kafka.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "3a948e00-8438-11e9-9656-5f1225242944",
"_type": "dashboard",
"_source": {
"title": "Kafka",
"hits": 0,
"description": "",
"panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":4,\"i\":\"1\",\"w\":12,\"x\":0,\"y\":3},\"id\":\"d5f67f80-8437-11e9-9656-5f1225242944\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":3,\"i\":\"2\",\"w\":11,\"x\":1,\"y\":0},\"id\":\"8a6fd9f0-8435-11e9-9656-5f1225242944\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"3\",\"w\":1,\"x\":0,\"y\":0},\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.2.4\"}]",
"optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"monitor.kafka.topic\",\"value\":\"wangmei_raw\",\"params\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"monitor.kafka.topic\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"highlightAll\":true,\"version\":true}"
}
}
}
]

18
kibana/dashboard/port.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "e9a89150-7dd7-11e9-ad88-85624cce68b5",
"_type": "dashboard",
"_source": {
"title": "查看指定端口的连接量",
"hits": 0,
"description": "",
"panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":1,\"y\":0,\"w\":11,\"h\":9,\"i\":\"1\"},\"title\":\"端口连接分布\",\"version\":\"6.2.4\",\"type\":\"visualization\",\"id\":\"04b89ff0-7d68-11e9-ad88-85624cce68b5\",\"embeddableConfig\":{\"spy\":null}},{\"panelIndex\":\"2\",\"gridData\":{\"x\":0,\"y\":0,\"w\":1,\"h\":3,\"i\":\"2\"},\"version\":\"6.2.4\",\"type\":\"visualization\",\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\"}]",
"optionsJSON": "{\"darkTheme\":false,\"useMargins\":true,\"hidePanelTitles\":false}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"monitor.conn.port\",\"value\":\"3306\",\"params\":{\"query\":\"3306\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"monitor.conn.port\":{\"query\":\"3306\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"highlightAll\":true,\"version\":true}"
}
}
}
]

18
kibana/dashboard/server-detail.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "5dd7aac0-7e96-11e9-ad88-85624cce68b5",
"_type": "dashboard",
"_source": {
"title": "服务器详情",
"hits": 0,
"description": "",
"panelsJSON": "[{\"panelIndex\":\"1\",\"gridData\":{\"x\":1,\"y\":0,\"w\":3,\"h\":3,\"i\":\"1\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 60\":\"rgb(165,0,38)\",\"60 - 80\":\"rgb(255,255,190)\",\"80 - 100\":\"rgb(0,104,55)\"},\"legendOpen\":false}},\"id\":\"b8fc7020-7e91-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"2\",\"gridData\":{\"x\":4,\"y\":0,\"w\":3,\"h\":3,\"i\":\"2\"},\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 60\":\"rgb(0,104,55)\",\"60 - 80\":\"rgb(255,255,190)\",\"80 - 100\":\"rgb(165,0,38)\"},\"legendOpen\":false}},\"id\":\"ff9344f0-7e91-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"3\",\"gridData\":{\"x\":7,\"y\":0,\"w\":5,\"h\":3,\"i\":\"3\"},\"embeddableConfig\":{\"spy\":null,\"vis\":{\"legendOpen\":false}},\"id\":\"11d2fb90-7e94-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"4\",\"gridData\":{\"x\":0,\"y\":7,\"w\":4,\"h\":3,\"i\":\"4\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"8f73d660-7e8e-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"5\",\"gridData\":{\"x\":4,\"y\":7,\"w\":4,\"h\":3,\"i\":\"5\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"f84666d0-7e8e-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"6\",\"gridData\":{\"x\":8,\"y\":7,\"w\":4,\"h\":3,\"i\":\"6\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"88d34100-7e8f-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"9\",\"gridData\":{\"x\":4,\"y\":16,\"w\":4,\"h\":2,\"i\":\"9\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"0ed18e70-7f70-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"10\",\"gridData\":{\"x\":0,\"y\":13,\"w\":12,\"h\":3,\"i\":\"10\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"6ea347d0-7f70-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"11\",\"gridData\":{\"x\":8,\"y\":16,\"w\":4,\"h\":2,\"i\":\"11\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"a76d3e90-7f70-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"12\",\"gridData\":{\"x\":0,\"y\":16,\"w\":4,\"h\":2,\"i\":\"12\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"d83e5860-7f70-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"13\",\"gridData\":{\"x\":0,\"y\":10,\"w\":12,\"h\":3,\"i\":\"13\"},\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"id\":\"174ad510-7f67-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"14\",\"gridData\":{\"x\":0,\"y\":3,\"w\":6,\"h\":2,\"i\":\"14\"},\"id\":\"09975710-8046-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"15\",\"gridData\":{\"x\":0,\"y\":5,\"w\":6,\"h\":2,\"i\":\"15\"},\"id\":\"c9413d00-8047-11e9-ad88-85624cce68b5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"panelIndex\":\"16\",\"gridData\":{\"x\":6,\"y\":3,\"w\":6,\"h\":4,\"i\":\"16\"},\"version\":\"6.2.4\",\"type\":\"search\",\"id\":\"8d21a870-8301-11e9-ad88-85624cce68b5\"},{\"panelIndex\":\"17\",\"gridData\":{\"x\":0,\"y\":0,\"w\":1,\"h\":3,\"i\":\"17\"},\"version\":\"6.2.4\",\"type\":\"visualization\",\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\"}]",
"optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"redis103\",\"params\":{\"query\":\"redis103\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"redis103\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"highlightAll\":true,\"version\":true}"
}
}
}
]

18
kibana/dashboard/server-general.json Normal file
View File

@@ -0,0 +1,18 @@
[
{
"_id": "2a121b70-808b-11e9-ad88-85624cce68b5",
"_type": "dashboard",
"_source": {
"title": "服务器概览",
"hits": 0,
"description": "",
"panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"1\",\"w\":5,\"x\":1,\"y\":0},\"id\":\"2b5e0b20-8085-11e9-ad88-85624cce68b5\",\"panelIndex\":\"1\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"2\",\"w\":6,\"x\":6,\"y\":0},\"id\":\"84681490-8085-11e9-ad88-85624cce68b5\",\"panelIndex\":\"2\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"3\",\"w\":12,\"x\":0,\"y\":3},\"id\":\"ad133180-8086-11e9-ad88-85624cce68b5\",\"panelIndex\":\"3\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"4\",\"w\":12,\"x\":0,\"y\":9},\"id\":\"4385b8b0-808a-11e9-ad88-85624cce68b5\",\"panelIndex\":\"4\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"5\",\"w\":12,\"x\":0,\"y\":6},\"id\":\"7c7f4af0-808a-11e9-ad88-85624cce68b5\",\"panelIndex\":\"5\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"6\",\"w\":12,\"x\":0,\"y\":15},\"id\":\"99d6f5a0-8088-11e9-ad88-85624cce68b5\",\"panelIndex\":\"6\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":false}},\"gridData\":{\"h\":3,\"i\":\"7\",\"w\":12,\"x\":0,\"y\":12},\"id\":\"923f7d20-8089-11e9-ad88-85624cce68b5\",\"panelIndex\":\"7\",\"type\":\"visualization\",\"version\":\"6.2.4\"},{\"gridData\":{\"h\":3,\"i\":\"8\",\"w\":1,\"x\":0,\"y\":0},\"id\":\"17980860-8351-11e9-ad88-85624cce68b5\",\"panelIndex\":\"8\",\"type\":\"visualization\",\"version\":\"6.2.4\"}]",
"optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}",
"version": 1,
"timeRestore": false,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"beat.hostname\",\"value\":\"emotion110, region109, yq108\",\"params\":[\"emotion110\",\"region109\",\"yq108\"],\"negate\":false,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"beat.hostname\":\"emotion110\"}},{\"match_phrase\":{\"beat.hostname\":\"region109\"}},{\"match_phrase\":{\"beat.hostname\":\"yq108\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"beat.hostname\",\"value\":\"node105, node104, node102\",\"params\":[\"node105\",\"node104\",\"node102\"],\"negate\":false,\"disabled\":true,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"beat.hostname\":\"node105\"}},{\"match_phrase\":{\"beat.hostname\":\"node104\"}},{\"match_phrase\":{\"beat.hostname\":\"node102\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}],\"highlightAll\":true,\"version\":true}"
}
}
}
]

27
kibana/search/java.json Normal file
View File

@@ -0,0 +1,27 @@
[
{
"_id": "a15e2260-8846-11e9-9656-5f1225242944",
"_type": "search",
"_source": {
"title": "JAVA 报错",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"java.process",
"java.class",
"java.function",
"java.line_num",
"java.log.content"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"java.log.level\",\"value\":\"ERROR\",\"params\":{\"query\":\"ERROR\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"java.log.level\":{\"query\":\"ERROR\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
}
]

28
kibana/search/kafka.json Normal file
View File

@@ -0,0 +1,28 @@
[
{
"_id": "d4c0e280-8433-11e9-9656-5f1225242944",
"_type": "search",
"_source": {
"title": "Kafka Offset",
"description": "",
"hits": 0,
"columns": [
"monitor.kafka.client_host",
"monitor.kafka.consumer_group",
"monitor.kafka.topic",
"monitor.kafka.current_offset",
"monitor.kafka.end_offset",
"monitor.kafka.lag",
"monitor.kafka.partition"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":true,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"kafka106\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"kafka106\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"kafka106\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"monitor.kafka.topic\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.kafka.topic\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\"}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":true,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.kafka.consumer_group\",\"negate\":false,\"params\":{\"query\":\"yuqing_v1.12\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"yuqing_v1.12\"},\"query\":{\"match\":{\"monitor.kafka.consumer_group\":{\"query\":\"yuqing_v1.12\",\"type\":\"phrase\"}}}}]}"
}
}
}
]

48
kibana/search/mysql.json Normal file
View File

@@ -0,0 +1,48 @@
[
{
"_id": "2b1b1100-09dc-11e9-b283-47528513fd78",
"_type": "search",
"_source": {
"title": "Mysql 异常",
"description": "",
"hits": 0,
"columns": [
"message"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/mysqld/error.log\",\"params\":{\"query\":\"/var/log/mysqld/error.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/mysqld/error.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "4791e6b0-09dc-11e9-b283-47528513fd78",
"_type": "search",
"_source": {
"title": "Mysql 慢查询",
"description": "",
"hits": 0,
"columns": [
"mysql.slowlog.user",
"mysql.slowlog.ip",
"mysql.slowlog.query_time.sec",
"mysql.slowlog.lock_time.sec",
"mysql.slowlog.rows_examined",
"mysql.slowlog.rows_sent",
"mysql.slowlog.query"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/mysqld/slow.log\",\"params\":{\"query\":\"/var/log/mysqld/slow.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/mysqld/slow.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
}
]

91
kibana/search/nginx.json Normal file
View File

@@ -0,0 +1,91 @@
[
{
"_id": "68594410-09d7-11e9-b283-47528513fd78",
"_type": "search",
"_source": {
"title": "Nginx 报错",
"description": "",
"hits": 0,
"columns": [
"message"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/error.log\",\"params\":{\"query\":\"/var/log/nginx/error.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/error.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "efd03910-0fec-11e9-8819-7f8b8589cf6c",
"_type": "search",
"_source": {
"title": "Nginx 非法请求",
"description": "",
"hits": 0,
"columns": [
"nginx.access.remote_ip",
"nginx.access.method",
"nginx.access.url",
"nginx.access.agent"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"source\",\"value\":\"/var/log/nginx/qyjs360.com/access-illegal.log, /var/log/nginx/www.goldeneye.cn/access-illegal.log\",\"params\":[\"/var/log/nginx/qyjs360.com/access-illegal.log\",\"/var/log/nginx/www.goldeneye.cn/access-illegal.log\"],\"negate\":false,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"source\":\"/var/log/nginx/qyjs360.com/access-illegal.log\"}},{\"match_phrase\":{\"source\":\"/var/log/nginx/www.goldeneye.cn/access-illegal.log\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "3e9b9ec0-acf2-11e9-82d1-df99ba321bd2",
"_type": "search",
"_source": {
"title": "與情 Nginx 正常访问",
"description": "",
"hits": 0,
"columns": [
"nginx.access.remote_ip",
"nginx.access.os",
"nginx.access.url",
"nginx.access.agent"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"params\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "476794a0-09d7-11e9-b283-47528513fd78",
"_type": "search",
"_source": {
"title": "企业军师 Nginx 正常访问",
"description": "",
"hits": 0,
"columns": [
"nginx.access.remote_ip",
"nginx.access.os",
"nginx.access.url",
"nginx.access.agent"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/qyjs360.com/access.log\",\"params\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
}
]

325
kibana/search/os.json Normal file
View File

@@ -0,0 +1,325 @@
[
{
"_id": "65129a00-09d6-11e9-b283-47528513fd78",
"_type": "search",
"_source": {
"title": "操作系统登陆日志",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"login.rhost",
"login.method",
"login.user",
"login.result"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"source\",\"negate\":false,\"params\":{\"query\":\"/var/log/secure\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"/var/log/secure\"},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/secure\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":true,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"login.rhost\",\"value\":\"172.17.251.5\",\"params\":{\"query\":\"172.17.251.5\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"login.rhost\":{\"query\":\"172.17.251.5\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "4fb3a570-834b-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "CPU 使用超过 80%",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.cpu.user",
"monitor.cpu.system",
"monitor.cpu.wait",
"monitor.cpu.idle"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"range\",\"key\":\"monitor.cpu.idle\",\"value\":\"0 to 20\",\"params\":{\"gte\":0,\"lt\":20}},\"range\":{\"monitor.cpu.idle\":{\"gte\":0,\"lt\":20}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "7ccc0500-7e11-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "CPU 查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.cpu.user",
"monitor.cpu.system",
"monitor.cpu.idle",
"monitor.cpu.wait"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/cpu-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "69059000-7f0f-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "IO 查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.io.dev",
"monitor.io.tps",
"monitor.io.rd",
"monitor.io.wr",
"monitor.io.wait",
"monitor.io.util"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/io-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "92c209e0-7e34-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "Disk 查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.disk.partition",
"monitor.disk.used"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/disk-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "33688dc0-7e34-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "MEM 查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.mem.used"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/mem-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "9f5a1e60-834b-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "MEM 使用超过 80%",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.mem.used",
"monitor.mem.buffers",
"monitor.mem.cache",
"monitor.mem.free"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"range\",\"key\":\"monitor.mem.used\",\"value\":\"80 to 100\",\"params\":{\"gte\":80,\"lt\":100}},\"range\":{\"monitor.mem.used\":{\"gte\":80,\"lt\":100}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "e8e33120-834b-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "分区使用超过 80%",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.disk.partition",
"monitor.disk.used"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"range\",\"key\":\"monitor.disk.used\",\"value\":\"80 to 100\",\"params\":{\"gte\":80,\"lt\":100}},\"range\":{\"monitor.disk.used\":{\"gte\":80,\"lt\":100}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "2f67e7d0-7f0a-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "磁盘空间查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.disk.partition",
"monitor.disk.used"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/disk-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "37644d50-7d40-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "端口连接量查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.conn.server",
"monitor.conn.port",
"monitor.conn.count"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/conn-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "94288030-7f0f-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "网卡流量查询",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.net.dev",
"monitor.net.rx",
"monitor.net.tx"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"source: \\\\/var\\\\/log\\\\/monitor\\\\/net-*.log\"},\"filter\":[]}"
}
}
},
{
"_id": "d65da6a0-85b4-11e9-9656-5f1225242944",
"_type": "search",
"_source": {
"title": "网络不通",
"description": "",
"hits": 0,
"columns": [
"monitor.ping.server",
"monitor.ping.state"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.ping.state_code\",\"negate\":true,\"params\":{\"query\":1,\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":1},\"query\":{\"match\":{\"monitor.ping.state_code\":{\"query\":1,\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"monitor.ping.server\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.ping.server\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
},
{
"_id": "8d21a870-8301-11e9-ad88-85624cce68b5",
"_type": "search",
"_source": {
"title": "非正常的 service 和 daemon",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"monitor.proc.proc",
"monitor.proc.type",
"monitor.proc.state"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"exists\":{\"field\":\"monitor.proc.proc\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.proc.proc\",\"negate\":false,\"type\":\"exists\",\"value\":\"exists\"}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.proc.state_code\",\"negate\":true,\"params\":{\"query\":0,\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"0\"},\"query\":{\"match\":{\"monitor.proc.state_code\":{\"query\":0,\"type\":\"phrase\"}}}}]}"
}
}
},
{
"_id": "93d4c0a0-adcf-11e9-82d1-df99ba321bd2",
"_type": "search",
"_source": {
"title": "操作系统异常登陆",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"login.rhost",
"login.method",
"login.user",
"login.result"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"language\":\"lucene\",\"query\":\"\"},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"source\",\"negate\":false,\"params\":{\"query\":\"/var/log/secure\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"/var/log/secure\"},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/secure\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"login.rhost\",\"value\":\"172.17.102.100, 162.105.88.41\",\"params\":[\"172.17.102.100\",\"162.105.88.41\"],\"negate\":true,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"login.rhost\":\"172.17.102.100\"}},{\"match_phrase\":{\"login.rhost\":\"162.105.88.41\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
}
]

23
kibana/search/shell.json Normal file
View File

@@ -0,0 +1,23 @@
[
{
"_id": "1712ed30-14a0-11e9-85e4-c396c5d0cddf",
"_type": "search",
"_source": {
"title": "代理 Tunnel 日志",
"description": "",
"hits": 0,
"columns": [
"beat.hostname",
"shell.log.content"
],
"sort": [
"@timestamp",
"desc"
],
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"highlightAll\":true,\"version\":true,\"query\":{\"query\":\"source: \\\\/qyjs\\\\/logs\\\\/tunnel\\\\/*.log\",\"language\":\"lucene\"},\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"beat.hostname\",\"value\":\"spider101, spider107\",\"params\":[\"spider101\",\"spider107\"],\"negate\":false,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"beat.hostname\":\"spider101\"}},{\"match_phrase\":{\"beat.hostname\":\"spider107\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}]}"
}
}
}
]

30
kibana/visualization/kafka.json Normal file
View File

@@ -0,0 +1,30 @@
[
{
"_id": "d5f67f80-8437-11e9-9656-5f1225242944",
"_type": "visualization",
"_source": {
"title": "Kafka 概览",
"visState": "{\"title\":\"Kafka 概览\",\"type\":\"area\",\"params\":{\"type\":\"area\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100,\"filter\":true},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":true,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"offset\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"生产者位移\",\"id\":\"1\"},\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"normal\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"linear\",\"data\":{\"id\":\"2\",\"label\":\"消费者位移\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.kafka.end_offset\",\"customLabel\":\"生产者位移\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.kafka.current_offset\",\"customLabel\":\"消费者位移\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.kafka.partition\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"分区\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"monitor.kafka.consumer_group\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"asc\",\"orderBy\":\"1\",\"customLabel\":\"消费组\",\"row\":true}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"monitor.kafka.topic\",\"value\":\"wangmei_raw\",\"params\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"monitor.kafka.topic\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "8a6fd9f0-8435-11e9-9656-5f1225242944",
"_type": "visualization",
"_source": {
"title": "Kafka 消费者滞后情况",
"visState": "{\"title\":\"Kafka 消费者滞后情况\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-2\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"offset\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"offset\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"lineWidth\":4,\"interpolate\":\"linear\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.kafka.lag\",\"customLabel\":\"offset\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.kafka.partition\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"分区\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"monitor.kafka.consumer_group\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"消费组\",\"row\":true}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":true,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.kafka.consumer_group\",\"negate\":false,\"params\":{\"query\":\"yuqing_v1.12\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"yuqing_v1.12\"},\"query\":{\"match\":{\"monitor.kafka.consumer_group\":{\"query\":\"yuqing_v1.12\",\"type\":\"phrase\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":true,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"monitor.kafka.topic\",\"negate\":false,\"params\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"wangmei_raw\"},\"query\":{\"match\":{\"monitor.kafka.topic\":{\"query\":\"wangmei_raw\",\"type\":\"phrase\"}}}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
}
]

16
kibana/visualization/menu.json Normal file
View File

@@ -0,0 +1,16 @@
[
{
"_id": "17980860-8351-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "导航",
"visState": "{\"title\":\"导航\",\"type\":\"markdown\",\"params\":{\"fontSize\":10,\"markdown\":\"[访问统计](#/dashboard/9beb0d70-0ca9-11e9-98f8-c53bf18cb006)\\n\\n[异常汇总](#/dashboard/59d930f0-834c-11e9-ad88-85624cce68b5)\\n\\n[概览](#/dashboard/2a121b70-808b-11e9-ad88-85624cce68b5)\\n\\n[详情](#/dashboard/5dd7aac0-7e96-11e9-ad88-85624cce68b5)\\n\\n[端口连接](#/dashboard/e9a89150-7dd7-11e9-ad88-85624cce68b5)\\n\\n[Kafka](#/dashboard/3a948e00-8438-11e9-9656-5f1225242944)\"},\"aggs\":[]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{}"
}
}
}
]

47
kibana/visualization/nginx-geoip.json Normal file
View File

@@ -0,0 +1,47 @@
[
{
"_id": "87286d00-68df-11e9-82d1-df99ba321bd2",
"_type": "visualization",
"_source": {
"title": "企业军师访问分布",
"visState": "{\"title\":\"企业军师访问分布\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"baseLayersAreLoaded\":{\"_c\":[],\"_s\":1,\"_d\":true,\"_v\":true,\"_h\":0,\"_n\":false},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://openmaptiles.org/\\\">OpenMapTiles</a> | <a href=\\\"https://www.maptiler.com/\\\">MapTiler</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://openmaptiles.org/\\\">OpenMapTiles</a> | <a href=\\\"https://www.maptiler.com/\\\">MapTiler</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}",
"uiStateJSON": "{}",
"description": "",
"savedSearchId": "476794a0-09d7-11e9-b283-47528513fd78",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "4138be30-acfa-11e9-82d1-df99ba321bd2",
"_type": "visualization",
"_source": {
"title": "與情访问分布",
"visState": "{\"title\":\"與情访问分布\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Scaled Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"baseLayersAreLoaded\":{\"_c\":[],\"_s\":1,\"_d\":true,\"_v\":true,\"_h\":0,\"_n\":false},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"https://www.openstreetmap.org/copyright\\\">OpenStreetMap contributors</a>|<a href=\\\"https://openmaptiles.org\\\">OpenMapTiles</a>|<a href=\\\"https://www.maptiler.com\\\">MapTiler</a>|<a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"https://www.openstreetmap.org/copyright\\\">OpenStreetMap contributors</a>|<a href=\\\"https://openmaptiles.org\\\">OpenMapTiles</a>|<a href=\\\"https://www.maptiler.com\\\">MapTiler</a>|<a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}",
"uiStateJSON": "{}",
"description": "",
"savedSearchId": "3e9b9ec0-acf2-11e9-82d1-df99ba321bd2",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "b9a0ce30-68df-11e9-82d1-df99ba321bd2",
"_type": "visualization",
"_source": {
"title": "非法访问",
"visState": "{\"title\":\"非法访问\",\"type\":\"tile_map\",\"params\":{\"mapType\":\"Shaded Circle Markers\",\"isDesaturated\":true,\"addTooltip\":true,\"heatClusterSize\":1.5,\"legendPosition\":\"bottomright\",\"mapZoom\":2,\"mapCenter\":[0,0],\"wms\":{\"enabled\":false,\"options\":{\"format\":\"image/png\",\"transparent\":true},\"baseLayersAreLoaded\":{\"_c\":[],\"_s\":1,\"_d\":true,\"_v\":true,\"_h\":0,\"_n\":false},\"tmsLayers\":[{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://openmaptiles.org/\\\">OpenMapTiles</a> | <a href=\\\"https://www.maptiler.com/\\\">MapTiler</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}],\"selectedTmsLayer\":{\"id\":\"road_map\",\"url\":\"https://tiles.maps.elastic.co/v2/default/{z}/{x}/{y}.png?elastic_tile_service_tos=agree&my_app_name=kibana&my_app_version=6.2.4&license=1e6f68d4-d175-4939-b59b-f610a5777315\",\"minZoom\":0,\"maxZoom\":18,\"attribution\":\"<p>&#169; <a href=\\\"http://www.openstreetmap.org/copyright\\\">OpenStreetMap</a> contributors | <a href=\\\"https://openmaptiles.org/\\\">OpenMapTiles</a> | <a href=\\\"https://www.maptiler.com/\\\">MapTiler</a> | <a href=\\\"https://www.elastic.co/elastic-maps-service\\\">Elastic Maps Service</a></p>&#10;\",\"subdomains\":[]}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"geohash_grid\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.geoip.location\",\"autoPrecision\":true,\"isFilteredByCollar\":true,\"useGeocentroid\":true,\"precision\":2}}]}",
"uiStateJSON": "{}",
"description": "",
"savedSearchId": "efd03910-0fec-11e9-8819-7f8b8589cf6c",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
}
]

86
kibana/visualization/nginx.json Normal file
View File

@@ -0,0 +1,86 @@
[
{
"_id": "d1906110-0ca8-11e9-98f8-c53bf18cb006",
"_type": "visualization",
"_source": {
"title": "nginx 访问量",
"visState": "{\"title\":\"nginx 访问量\",\"type\":\"area\",\"params\":{\"addLegend\":true,\"addTimeMarker\":true,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"filter\":false,\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"访问量\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"area\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"访问量\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{\"customLabel\":\"访问量\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"source\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"nginx\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"source\",\"value\":\"/var/log/nginx/www.goldeneye.cn/access.log, /var/log/nginx/qyjs360.com/access.log, /var/log/nginx/access-kibana.log, /var/log/nginx/access-schedule.log\",\"params\":[\"/var/log/nginx/www.goldeneye.cn/access.log\",\"/var/log/nginx/qyjs360.com/access.log\",\"/var/log/nginx/access-kibana.log\",\"/var/log/nginx/access-schedule.log\"],\"negate\":false,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"source\":\"/var/log/nginx/www.goldeneye.cn/access.log\"}},{\"match_phrase\":{\"source\":\"/var/log/nginx/qyjs360.com/access.log\"}},{\"match_phrase\":{\"source\":\"/var/log/nginx/access-kibana.log\"}},{\"match_phrase\":{\"source\":\"/var/log/nginx/access-schedule.log\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "d998eae0-0ca7-11e9-98f8-c53bf18cb006",
"_type": "visualization",
"_source": {
"title": "企业军师客户端 IP",
"visState": "{\"title\":\"企业军师客户端 IP\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.remote_ip\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/qyjs360.com/access.log\",\"params\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "62d35850-1940-11e9-85e4-c396c5d0cddf",
"_type": "visualization",
"_source": {
"title": "企业军师客户端 OS",
"visState": "{\"title\":\"企业军师客户端 OS\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"labels\":{\"last_level\":false,\"show\":true,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.os\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"nginx\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/qyjs360.com/access.log\",\"params\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/qyjs360.com/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "67b569c0-acf8-11e9-82d1-df99ba321bd2",
"_type": "visualization",
"_source": {
"title": "與情客户端 IP",
"visState": "{\"title\":\"與情客户端 IP\",\"type\":\"pie\",\"params\":{\"type\":\"pie\",\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"isDonut\":false,\"labels\":{\"show\":true,\"values\":true,\"last_level\":false,\"truncate\":100}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.remote_ip\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"nginx\",\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"params\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "bd07e970-acf8-11e9-82d1-df99ba321bd2",
"_type": "visualization",
"_source": {
"title": "與情客户端 OS",
"visState": "{\"title\":\"與情客户端 OS\",\"type\":\"pie\",\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"labels\":{\"last_level\":false,\"show\":true,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"nginx.access.os\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"nginx\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"negate\":false,\"disabled\":false,\"alias\":null,\"type\":\"phrase\",\"key\":\"source\",\"value\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"params\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"source\":{\"query\":\"/var/log/nginx/www.goldeneye.cn/access.log\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "fc53d820-1106-11e9-8819-7f8b8589cf6c",
"_type": "visualization",
"_source": {
"title": "非法访问排名",
"visState": "{\"title\":\"非法访问排名\",\"type\":\"table\",\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":true,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"count\",\"schema\":\"metric\",\"params\":{}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"bucket\",\"params\":{\"field\":\"nginx.access.remote_ip\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":50,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"源地址\"}}]}",
"uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"nginx\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"nginx\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"nginx\",\"type\":\"phrase\"}}}},{\"meta\":{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"type\":\"phrases\",\"key\":\"source\",\"value\":\"/var/log/nginx/qyjs360.com/access-illegal.log, /var/log/nginx/www.goldeneye.cn/access-illegal.log\",\"params\":[\"/var/log/nginx/qyjs360.com/access-illegal.log\",\"/var/log/nginx/www.goldeneye.cn/access-illegal.log\"],\"negate\":false,\"disabled\":false,\"alias\":null},\"query\":{\"bool\":{\"should\":[{\"match_phrase\":{\"source\":\"/var/log/nginx/qyjs360.com/access-illegal.log\"}},{\"match_phrase\":{\"source\":\"/var/log/nginx/www.goldeneye.cn/access-illegal.log\"}}],\"minimum_should_match\":1}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
}
]

310
kibana/visualization/os.json Normal file
View File

@@ -0,0 +1,310 @@
[
{
"_id": "04b89ff0-7d68-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "端口连接量",
"visState": "{\"title\":\"端口连接量\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"top\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"连接数量\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"连接数量\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.conn.count\",\"customLabel\":\"连接数量\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{},\"customLabel\":\"时间\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"服务器\",\"row\":true}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.conn.port\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"monitor.conn.port\",\"value\":\"8084\",\"params\":{\"query\":\"8084\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"monitor.conn.port\":{\"query\":\"8084\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "b8fc7020-7e91-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "CPU 空闲%",
"visState": "{\"title\":\"CPU 空闲%\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":20},{\"from\":20,\"to\":40},{\"from\":40,\"to\":100}],\"invertColors\":true,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":true,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.idle\",\"customLabel\":\"最小空闲\"}}]}",
"uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 20\":\"rgb(165,0,38)\",\"20 - 40\":\"rgb(255,255,190)\",\"40 - 100\":\"rgb(0,104,55)\"}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"spider-master\",\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "ff9344f0-7e91-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "MEM 已用%",
"visState": "{\"title\":\"MEM 已用%\",\"type\":\"gauge\",\"params\":{\"type\":\"gauge\",\"addTooltip\":true,\"addLegend\":true,\"isDisplayWarning\":false,\"gauge\":{\"verticalSplit\":false,\"extendRange\":true,\"percentageMode\":true,\"gaugeType\":\"Arc\",\"gaugeStyle\":\"Full\",\"backStyle\":\"Full\",\"orientation\":\"vertical\",\"colorSchema\":\"Green to Red\",\"gaugeColorMode\":\"Labels\",\"colorsRange\":[{\"from\":0,\"to\":60},{\"from\":60,\"to\":80},{\"from\":80,\"to\":100}],\"invertColors\":false,\"labels\":{\"show\":false,\"color\":\"black\"},\"scale\":{\"show\":true,\"labels\":false,\"color\":\"#333\"},\"type\":\"meter\",\"style\":{\"bgWidth\":0.9,\"width\":0.9,\"mask\":false,\"bgMask\":false,\"maskBars\":50,\"bgFill\":\"#eee\",\"bgColor\":false,\"subText\":\"\",\"fontSize\":60,\"labelColor\":true}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.used\",\"customLabel\":\"最大已用\"}}]}",
"uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 60\":\"rgb(0,104,55)\",\"60 - 80\":\"rgb(255,255,190)\",\"80 - 100\":\"rgb(165,0,38)\"}}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"spider-master\",\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "71ae7a10-7f72-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘读写",
"visState": "{\"title\":\"磁盘读写\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":null},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"BottomAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"sec/s\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"最大读\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true},{\"show\":true,\"mode\":\"normal\",\"type\":\"histogram\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"data\":{\"id\":\"3\",\"label\":\"最大写\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.rd\",\"customLabel\":\"最大读\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"磁盘\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.wr\",\"customLabel\":\"最大写\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"redis110\",\"params\":{\"query\":\"redis110\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"redis110\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "174ad510-7f67-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "网卡流量趋势",
"visState": "{\"title\":\"网卡流量趋势\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"radiusRatio\":77,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"入口平均流量\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"},{\"data\":{\"id\":\"3\",\"label\":\"出口平均流量\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":true,\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":90,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"KB/s\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.rx\",\"customLabel\":\"入口平均流量\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.tx\",\"customLabel\":\"出口平均流量\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"monitor.net.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"网卡\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"mysql111\",\"params\":{\"query\":\"mysql111\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"mysql111\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "88d34100-7e8f-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘使用趋势",
"visState": "{\"title\":\"磁盘使用趋势\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"normal\",\"data\":{\"label\":\"%\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"radiusRatio\":77},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.disk.used\",\"customLabel\":\"%\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.disk.partition\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"分区\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"spider-master\",\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "c9413d00-8047-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "网卡流量",
"visState": "{\"title\":\"网卡流量\",\"type\":\"metric\",\"params\":{\"addLegend\":false,\"addTooltip\":true,\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":30,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.rx\",\"customLabel\":\"入口最大流量 KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.tx\",\"customLabel\":\"出口最大流量KB/s\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.net.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":9,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"网卡\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "09975710-8046-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘 IO 流量",
"visState": "{\"title\":\"磁盘 IO 流量\",\"type\":\"metric\",\"params\":{\"addTooltip\":true,\"addLegend\":false,\"type\":\"metric\",\"metric\":{\"percentageMode\":false,\"useRanges\":false,\"colorSchema\":\"Green to Red\",\"metricColorMode\":\"None\",\"colorsRange\":[{\"from\":0,\"to\":10000}],\"labels\":{\"show\":true},\"invertColors\":false,\"style\":{\"bgFill\":\"#000\",\"bgColor\":false,\"labelColor\":false,\"subText\":\"\",\"fontSize\":30}}},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.wr\",\"customLabel\":\"写入最大流量 KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.rd\",\"customLabel\":\"读出最大流量 KB/s\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":9,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"磁盘\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "6ea347d0-7f70-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘读写趋势",
"visState": "{\"title\":\"磁盘读写趋势\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"radiusRatio\":77,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"平均读\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"normal\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"4\",\"label\":\"平均写\"},\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"KB/s\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.rd\",\"customLabel\":\"平均读\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"4\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.wr\",\"customLabel\":\"平均写\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"磁盘\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"mysql111\",\"params\":{\"query\":\"mysql111\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"mysql111\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "923f7d20-8089-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "网卡入口最大流量统计",
"visState": "{\"title\":\"网卡入口最大流量统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"KB/s\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"KB/s\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.rx\",\"customLabel\":\"KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.net.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"网卡\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"服务器\",\"row\":false}}]}",
"uiStateJSON": "{\"vis\":{\"legendOpen\":false}}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "99d6f5a0-8088-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "网卡出口最大流量统计",
"visState": "{\"title\":\"网卡出口最大流量统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"top\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"KB/s\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"KB/s\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.net.tx\",\"customLabel\":\"KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.net.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"网卡\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"服务器\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "7c7f4af0-808a-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘最大写 IO 统计",
"visState": "{\"title\":\"磁盘最大写 IO 统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"KB/s\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"KB/s\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.wr\",\"customLabel\":\"KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"磁盘\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"服务器\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "4385b8b0-808a-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘最大读 IO 统计",
"visState": "{\"title\":\"磁盘最大读 IO 统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"top\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":false,\"setYExtents\":false},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"KB/s\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"KB/s\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.rd\",\"customLabel\":\"KB/s\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"磁盘\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"服务器\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "f84666d0-7e8e-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "MEM 趋势",
"visState": "{\"title\":\"MEM 趋势\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"stacked\",\"data\":{\"label\":\"已用\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"3\",\"label\":\"缓冲\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"4\",\"label\":\"缓存\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"5\",\"label\":\"空闲\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"radiusRatio\":77},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.used\",\"customLabel\":\"已用\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.buffers\",\"customLabel\":\"缓冲\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.cache\",\"customLabel\":\"缓存\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.free\",\"customLabel\":\"空闲\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":true,\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"key\":\"beat.hostname\",\"negate\":false,\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"spider-master\"},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "8f73d660-7e8e-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "CPU 趋势",
"visState": "{\"title\":\"CPU 趋势\",\"type\":\"line\",\"params\":{\"type\":\"line\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"truncate\":100},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":\"true\",\"type\":\"area\",\"mode\":\"stacked\",\"data\":{\"label\":\"用户态\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"3\",\"label\":\"内核态\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"4\",\"label\":\"空闲\"},\"valueAxis\":\"ValueAxis-1\"},{\"show\":true,\"mode\":\"stacked\",\"type\":\"area\",\"drawLinesBetweenPoints\":true,\"showCircles\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"data\":{\"id\":\"5\",\"label\":\"等待\"},\"valueAxis\":\"ValueAxis-1\"}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"radiusRatio\":77},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.user\",\"customLabel\":\"用户态\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.system\",\"customLabel\":\"内核态\"}},{\"id\":\"4\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.idle\",\"customLabel\":\"空闲\"}},{\"id\":\"5\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.wait\",\"customLabel\":\"等待\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"spider-master\",\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "d83e5860-7f70-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘消耗 CPU 趋势",
"visState": "{\"title\":\"磁盘消耗 CPU 趋势\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"radiusRatio\":77,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"%\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":90,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"%\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.util\",\"customLabel\":\"%\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"磁盘\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"mysql111\",\"params\":{\"query\":\"mysql111\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"mysql111\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "a76d3e90-7f70-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘阻塞趋势",
"visState": "{\"title\":\"磁盘阻塞趋势\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"radiusRatio\":77,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"us\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":90,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"us\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.wait\",\"customLabel\":\"us\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"磁盘\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"mysql111\",\"params\":{\"query\":\"mysql111\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"mysql111\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "11d2fb90-7e94-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘空间%",
"visState": "{\"title\":\"磁盘空间%\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":90,\"filter\":false,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\"},\"labels\":{\"show\":true,\"rotate\":75,\"filter\":false,\"truncate\":100},\"title\":{\"text\":\"最大已用\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"最大已用\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false,\"orderBucketsBySum\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.disk.used\",\"customLabel\":\"最大已用\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"segment\",\"params\":{\"field\":\"monitor.disk.partition\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"分区\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"spider-master\",\"params\":{\"query\":\"spider-master\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"spider-master\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "84681490-8085-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "MEM 最大使用统计",
"visState": "{\"title\":\"MEM 最大使用统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":true,\"setYExtents\":true,\"max\":100,\"min\":0},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"%\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.mem.used\",\"customLabel\":\"%\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"1\",\"customLabel\":\"服务器\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
},
{
"_id": "ad133180-8086-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "硬盘最大使用统计",
"visState": "{\"title\":\"硬盘最大使用统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-2\",\"type\":\"value\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":true,\"setYExtents\":true,\"max\":100,\"min\":0},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"%\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"max\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.disk.used\",\"customLabel\":\"%\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.disk.partition\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"asc\",\"orderBy\":\"_term\",\"customLabel\":\"分区\"}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"split\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"_term\",\"customLabel\":\"服务器\",\"row\":false}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "0ed18e70-7f70-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "磁盘 TPS 趋势",
"visState": "{\"title\":\"磁盘 TPS 趋势\",\"type\":\"line\",\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{},\"type\":\"category\"}],\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"legendPosition\":\"right\",\"radiusRatio\":77,\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"次数\"},\"drawLinesBetweenPoints\":true,\"interpolate\":\"cardinal\",\"lineWidth\":4,\"mode\":\"normal\",\"show\":\"true\",\"showCircles\":true,\"type\":\"area\",\"valueAxis\":\"ValueAxis-1\"}],\"times\":[],\"type\":\"line\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":90,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"次数\"},\"type\":\"value\"}]},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"avg\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.io.tps\",\"customLabel\":\"次数\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"date_histogram\",\"schema\":\"segment\",\"params\":{\"field\":\"@timestamp\",\"interval\":\"auto\",\"customInterval\":\"2h\",\"min_doc_count\":1,\"extended_bounds\":{}}},{\"id\":\"3\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"monitor.io.dev\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":10,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"磁盘\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[{\"meta\":{\"index\":\"c9e95990-7ac5-11e9-ad88-85624cce68b5\",\"negate\":false,\"disabled\":true,\"alias\":null,\"type\":\"phrase\",\"key\":\"beat.hostname\",\"value\":\"mysql111\",\"params\":{\"query\":\"mysql111\",\"type\":\"phrase\"}},\"query\":{\"match\":{\"beat.hostname\":{\"query\":\"mysql111\",\"type\":\"phrase\"}}},\"$state\":{\"store\":\"appState\"}}],\"query\":{\"language\":\"lucene\",\"query\":\"\"}}"
}
}
},
{
"_id": "2b5e0b20-8085-11e9-ad88-85624cce68b5",
"_type": "visualization",
"_source": {
"title": "CPU 最小空闲统计",
"visState": "{\"title\":\"CPU 最小空闲统计\",\"type\":\"horizontal_bar\",\"params\":{\"type\":\"histogram\",\"grid\":{\"categoryLines\":true,\"style\":{\"color\":\"#eee\"},\"valueAxis\":\"ValueAxis-1\"},\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"type\":\"category\",\"position\":\"left\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\"},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":200},\"title\":{}}],\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"name\":\"LeftAxis-1\",\"type\":\"value\",\"position\":\"bottom\",\"show\":true,\"style\":{},\"scale\":{\"type\":\"linear\",\"mode\":\"normal\",\"defaultYExtents\":true,\"setYExtents\":true,\"max\":100,\"min\":0},\"labels\":{\"show\":true,\"rotate\":0,\"filter\":true,\"truncate\":100},\"title\":{\"text\":\"%\"}}],\"seriesParams\":[{\"show\":true,\"type\":\"histogram\",\"mode\":\"normal\",\"data\":{\"label\":\"%\",\"id\":\"1\"},\"valueAxis\":\"ValueAxis-1\",\"drawLinesBetweenPoints\":true,\"showCircles\":true}],\"addTooltip\":true,\"addLegend\":true,\"legendPosition\":\"right\",\"times\":[],\"addTimeMarker\":false},\"aggs\":[{\"id\":\"1\",\"enabled\":true,\"type\":\"min\",\"schema\":\"metric\",\"params\":{\"field\":\"monitor.cpu.idle\",\"customLabel\":\"%\"}},{\"id\":\"2\",\"enabled\":true,\"type\":\"terms\",\"schema\":\"group\",\"params\":{\"field\":\"beat.hostname\",\"otherBucket\":false,\"otherBucketLabel\":\"其它\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"size\":20,\"order\":\"desc\",\"orderBy\":\"1\",\"customLabel\":\"服务器\"}}]}",
"uiStateJSON": "{}",
"description": "",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"bb85dde0-09d4-11e9-b283-47528513fd78\",\"filter\":[],\"query\":{\"query\":\"\",\"language\":\"lucene\"}}"
}
}
}
]

48
pipelines/java.json Normal file
View File

@@ -0,0 +1,48 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/java -d '
{
"description" : "java",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"^%{JAVA_TIME:java.log.time}-\\[%{DATA:java.process}\\]-%{WORD:java.log.level}\\[%{DATA:java.thead}\\]%{WORD:java.class}\\.%{WORD:java.function}\\((?:%{NUMBER:java.line_num}|\\?)\\) \\| %{CONTENT:java.log.content}"
],
"pattern_definitions" : {
"JAVA_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]",
"CONTENT" : "(.*\n?)*"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "java.log.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "java.log.time",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message"
}
}
]
}'

52
pipelines/monitor-conn.json Normal file
View File

@@ -0,0 +1,52 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-conn -d '
{
"description": "monitor-conn",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{HOSTNAME:monitor.conn.server} %{NUMBER:monitor.conn.port} %{NUMBER:monitor.conn.count}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.conn.count",
"type": "integer"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

70
pipelines/monitor-cpu.json Normal file
View File

@@ -0,0 +1,70 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-cpu -d '
{
"description": "monitor-cpu",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{NUMBER:monitor.cpu.user} %{NUMBER:monitor.cpu.system} %{NUMBER:monitor.cpu.wait} %{NUMBER:monitor.cpu.idle}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.cpu.user",
"type": "float"
}
},
{
"convert": {
"field": "monitor.cpu.system",
"type": "float"
}
},
{
"convert": {
"field": "monitor.cpu.wait",
"type": "float"
}
},
{
"convert": {
"field": "monitor.cpu.idle",
"type": "float"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

52
pipelines/monitor-disk.json Normal file
View File

@@ -0,0 +1,52 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-disk -d '
{
"description": "monitor-disk",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{DATA:monitor.disk.partition} %{NUMBER:monitor.disk.used}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.disk.used",
"type": "float"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

76
pipelines/monitor-io.json Normal file
View File

@@ -0,0 +1,76 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-io -d '
{
"description": "monitor-io",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{DATA:monitor.io.dev} %{NUMBER:monitor.io.tps} %{NUMBER:monitor.io.rd} %{NUMBER:monitor.io.wr} %{NUMBER:monitor.io.wait} %{NUMBER:monitor.io.util}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.io.tps",
"type": "float"
}
},
{
"convert": {
"field": "monitor.io.rd",
"type": "float"
}
},
{
"convert": {
"field": "monitor.io.wr",
"type": "float"
}
},
{
"convert": {
"field": "monitor.io.wait",
"type": "float"
}
},
{
"convert": {
"field": "monitor.io.util",
"type": "float"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

70
pipelines/monitor-kafka.json Normal file
View File

@@ -0,0 +1,70 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-kafka?pretty -d '
{
"description": "monitor-kafka",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{DATA:monitor.kafka.topic} %{NUMBER:monitor.kafka.partition} %{NUMBER:monitor.kafka.current_offset} %{NUMBER:monitor.kafka.end_offset} %{NUMBER:monitor.kafka.lag} %{HOSTNAME:monitor.kafka.client_host} %{DATA:monitor.kafka.consumer_group}$"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.kafka.partition",
"type": "integer"
}
},
{
"convert": {
"field": "monitor.kafka.current_offset",
"type": "integer"
}
},
{
"convert": {
"field": "monitor.kafka.end_offset",
"type": "integer"
}
},
{
"convert": {
"field": "monitor.kafka.lag",
"type": "integer"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

70
pipelines/monitor-mem.json Normal file
View File

@@ -0,0 +1,70 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-mem -d '
{
"description": "monitor-mem",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{NUMBER:monitor.mem.used} %{NUMBER:monitor.mem.free} %{NUMBER:monitor.mem.buffers} %{NUMBER:monitor.mem.cache}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.mem.used",
"type": "float"
}
},
{
"convert": {
"field": "monitor.mem.free",
"type": "float"
}
},
{
"convert": {
"field": "monitor.mem.buffers",
"type": "float"
}
},
{
"convert": {
"field": "monitor.mem.cache",
"type": "float"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

58
pipelines/monitor-net.json Normal file
View File

@@ -0,0 +1,58 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-net -d '
{
"description": "monitor-net",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{DATA:monitor.net.dev} %{NUMBER:monitor.net.rx} %{NUMBER:monitor.net.tx}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.net.rx",
"type": "float"
}
},
{
"convert": {
"field": "monitor.net.tx",
"type": "float"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

52
pipelines/monitor-ping.json Normal file
View File

@@ -0,0 +1,52 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-ping -d '
{
"description": "monitor-ping",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{HOSTNAME:monitor.ping.server} %{DATA:monitor.ping.state} %{NUMBER:monitor.ping.state_code}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.ping.state_code",
"type": "integer"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

52
pipelines/monitor-proc.json Normal file
View File

@@ -0,0 +1,52 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/monitor-proc -d '
{
"description": "monitor-proc",
"processors": [
{
"grok": {
"field": "message",
"patterns": [
"^%{MONITOR_TIME:monitor.time} %{DATA:monitor.proc.type}#%{DATA:monitor.proc.proc}#%{DATA:monitor.proc.state}#%{NUMBER:monitor.proc.state_code}"
],
"pattern_definitions" : {
"MONITOR_TIME" : "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"YYYY-MM-dd H:m:s"
],
"timezone" : "Asia/Shanghai",
"field" : "monitor.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"convert": {
"field": "monitor.proc.state_code",
"type": "integer"
}
},
{
"remove": {
"field": "monitor.time"
}
},
{
"remove": {
"field": "message"
}
}
]
}'

38
pipelines/mysql-slow.json Normal file
View File

@@ -0,0 +1,38 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/mysql-slow -d '
{
"description" : "mysql-slow",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"^# Time: %{DATA:mysql.slowlog.exec_time}\n# User@Host: (?:%{USER:mysql.slowlog.user}|)\\[(?:%{USER:mysql.slowlog.user}|)\\] @ (?:%{HOSTNAME:mysql.slowlog.ip}|) \\[(?:%{HOSTNAME:mysql.slowlog.ip}|)\\][^#]*# Query_time: %{NUMBER:mysql.slowlog.query_time.sec} Lock_time: %{NUMBER:mysql.slowlog.lock_time.sec} Rows_sent: %{NUMBER:mysql.slowlog.rows_sent} Rows_examined: %{NUMBER:mysql.slowlog.rows_examined}\n%{SQLS:mysql.slowlog.query}"
],
"pattern_definitions" : {
"SQLS" : "(.*\n?)*"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"rename" : {
"field" : "mysql.slowlog.exec_time",
"target_field" : "@timestamp",
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message"
}
}
]
}'

81
pipelines/nginx-access-with-geoip.json Normal file
View File

@@ -0,0 +1,81 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/nginx-access -d '
{
"description" : "nginx-access",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"^%{DATA:nginx.access.remote_ip} - \\[%{HTTPDATE:nginx.access.time}\\] \"%{WORD:nginx.access.method} %{DATA:nginx.access.url}\" \"%{DATA:nginx.access.args}\" \"%{DATA:nginx.access.request_body}\" %{NUMBER:nginx.access.response_code} %{NUMBER:nginx.access.body_sent.bytes} \"%{DATA:nginx.access.referrer}\" \"%{DATA:nginx.access.agent}\" \"%{DATA:nginx.access.x_forward_for}\""
],
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"geoip" : {
"field" : "nginx.access.remote_ip",
"target_field" : "nginx.access.geoip",
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"dd/MMM/YYYY:H:m:s Z"
],
"timezone" : "Asia/Shanghai",
"field" : "nginx.access.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "nginx.access.agent",
"patterns" : [
"%{ANDROID:nginx.access.os}",
"%{LINUX:nginx.access.os}",
"%{IOS:nginx.access.os}",
"%{MACOSX:nginx.access.os}",
"%{WINDOWS:nginx.access.os}",
"%{DARWIN:nginx.access.os}",
"%{SOGOU:nginx.access.os}",
"%{BINGBOT:nginx.access.os}",
"%{OFFICE:nginx.access.os}"
],
"pattern_definitions" : {
"ANDROID" : "Android *[0-9]*",
"LINUX" : "Linux (x86_64|i386|i686)",
"IOS" : "OS [0-9]+",
"MACOSX" : "Mac OS X [0-9]+",
"WINDOWS" : "Windows NT [0-9.]+",
"DARWIN" : "Darwin",
"SOGOU" : "Sogou web spider",
"BINGBOT" : "bingbot",
"OFFICE" : "Microsoft Office [^ ]*"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "nginx.access.time",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message"
}
}
]
}'

73
pipelines/nginx-access.json Normal file
View File

@@ -0,0 +1,73 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/nginx-access -d '
{
"description" : "nginx-access",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"^%{DATA:nginx.access.remote_ip} - \\[%{HTTPDATE:nginx.access.time}\\] \"%{WORD:nginx.access.method} %{DATA:nginx.access.url}\" \"%{DATA:nginx.access.args}\" \"%{DATA:nginx.access.request_body}\" %{NUMBER:nginx.access.response_code} %{NUMBER:nginx.access.body_sent.bytes} \"%{DATA:nginx.access.referrer}\" \"%{DATA:nginx.access.agent}\" \"%{DATA:nginx.access.x_forward_for}\""
],
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"dd/MMM/YYYY:H:m:s Z"
],
"timezone" : "Asia/Shanghai",
"field" : "nginx.access.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "nginx.access.agent",
"patterns" : [
"%{ANDROID:nginx.access.os}",
"%{LINUX:nginx.access.os}",
"%{IOS:nginx.access.os}",
"%{MACOSX:nginx.access.os}",
"%{WINDOWS:nginx.access.os}",
"%{DARWIN:nginx.access.os}",
"%{SOGOU:nginx.access.os}",
"%{BINGBOT:nginx.access.os}",
"%{OFFICE:nginx.access.os}"
],
"pattern_definitions" : {
"ANDROID" : "Android *[0-9]*",
"LINUX" : "Linux (x86_64|i386|i686)",
"IOS" : "OS [0-9]+",
"MACOSX" : "Mac OS X [0-9]+",
"WINDOWS" : "Windows NT [0-9.]+",
"DARWIN" : "Darwin",
"SOGOU" : "Sogou web spider",
"BINGBOT" : "bingbot",
"OFFICE" : "Microsoft Office [^ ]*"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "nginx.access.time",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message"
}
}
]
}'

51
pipelines/secure-login.json Normal file
View File

@@ -0,0 +1,51 @@
curl -H "Content-Type: application/json" -X PUT http://127.0.0.1:9200/_ingest/pipeline/secure-login -d '
{
"description" : "secure-login",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"^%{LOGIN_TIME:login.time} [^ ]+ %{WORD:login.method}.*: %{RESULT:login.result} %{WORD:login.user} from %{HOSTNAME:login.rhost}",
"^%{LOGIN_TIME:login.time} [^ ]+ %{WORD:login.method}.*: %{RESULT:login.result} for %{WORD:login.user} from %{HOSTNAME:login.rhost}",
"^%{LOGIN_TIME:login.time} [^ ]+ %{WORD:login.method}.*: %{RESULT:login.result}; .*ruser=(?:%{WORD:login.ruser}|) rhost=(?:%{HOSTNAME:login.rhost}|) user=%{WORD:login.user}"
],
"pattern_definitions" : {
"LOGIN_TIME" : "[^ ]+ ?[^ ]+ [^ ]+",
"RESULT" : "Invalid user|Accepted publickey|Accepted password|authentication failure"
},
"ignore_missing" : true,
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "@timestamp",
"target_field" : "read_timestamp"
}
},
{
"date" : {
"formats" : [
"MMM d HH:mm:ss",
"MMM dd HH:mm:ss"
],
"timezone" : "Asia/Shanghai",
"field" : "login.time",
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "login.time",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message"
}
}
]
}'

13
prospectors.d/java.yml Normal file
View File

@@ -0,0 +1,13 @@
#------------------------------ Java Log -------------------------------
- type: log
enabled: true
paths:
- /xxxx/logs/*/*.log
multiline.pattern: "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9]"
multiline.negate: true
multiline.match: after
multiline.max_lines: 400
multiline.timeout: 4s
tail_files: false
pipeline: java

8
prospectors.d/monitor-conn.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor Port -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/conn-*.log
tail_files: false
pipeline: monitor-conn

8
prospectors.d/monitor-cpu.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor CPU -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/cpu-*.log
tail_files: false
pipeline: monitor-cpu

8
prospectors.d/monitor-disk.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor Disk -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/disk-*.log
tail_files: false
pipeline: monitor-disk

8
prospectors.d/monitor-io.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor IO -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/io-*.log
tail_files: false
pipeline: monitor-io

8
prospectors.d/monitor-kafka.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor Kafka -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/kafka-*.log
tail_files: false
pipeline: monitor-kafka

8
prospectors.d/monitor-mem.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor MEM -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/mem-*.log
tail_files: false
pipeline: monitor-mem

8
prospectors.d/monitor-net.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor NET -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/net-*.log
tail_files: false
pipeline: monitor-net

8
prospectors.d/monitor-ping.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor Ping -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/ping-*.log
tail_files: false
pipeline: monitor-ping

8
prospectors.d/monitor-proc.yml Normal file
View File

@@ -0,0 +1,8 @@
#---------------------------- Monitor Proc -----------------------------
- type: log
enabled: true
paths:
- /var/log/monitor/proc-*.log
tail_files: false
pipeline: monitor-proc

24
prospectors.d/mysql.yml Normal file
View File

@@ -0,0 +1,24 @@
#------------------------------- MySQL Log -------------------------------
- type: log
enabled: true
paths:
- /var/log/mysqld/slow.log
multiline.pattern: "^# Time|^/usr/sbin/mysqld"
multiline.negate: true
multiline.match: after
multiline.max_lines: 400
multiline.timeout: 4s
tail_files: false
pipeline: mysql-slow
- type: log
enabled: true
paths:
- /var/log/mysqld/error.log
include_lines: "[[Error]]"
multiline.pattern: "^20[0-9][0-9]-[0-9][0-9]-[0-9][0-9]T"
multiline.negate: true
multiline.match: after
multiline.max_lines: 400
multiline.timeout: 4s
tail_files: false

16
prospectors.d/nginx.yml Normal file
View File

@@ -0,0 +1,16 @@
#------------------------------- Nginx Log -------------------------------
- type: log
enabled: true
paths:
- /var/log/nginx/access.log
- /var/log/nginx/access-illegal.log
exclude_lines: ["favicon.ico"]
tail_files: false
pipeline: nginx-access
- type: log
enabled: true
paths:
- /var/log/nginx/error.log
exclude_lines: ["favicon.ico"]
tail_files: false

9
prospectors.d/secure.yml Normal file
View File

@@ -0,0 +1,9 @@
#------------------------------ Secure Log -------------------------------
- type: log
enabled: true
paths:
- /var/log/secure
include_lines: [": Invalid user ", ": Accepted password ", ": Accepted publickey ", ": authentication failure;"]
tail_files: false
pipeline: secure-login

11
scripts/Monitor.service Normal file
View File

@@ -0,0 +1,11 @@
[Unit]
Description=Monitor
[Service]
ExecStart=/opt/scripts/Monitor.sh
TimeoutStopSec=8
Restart=on-failure
[Install]
WantedBy=multi-user.target

25
scripts/Monitor.sh Executable file
View File

@@ -0,0 +1,25 @@
#!/bin/bash
INTERVAL=2
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
type sar > /dev/null || exit 1
}
function Main {
cd $(dirname $0) || exit 1
while sleep $INTERVAL; do
for proc in $(find . -type f -name "mon_*" \
-executable); do
$proc &
done
done
}
# start
Init
Main

1
scripts/conn.list Normal file
View File

@@ -0,0 +1 @@
localhost:5000

51
scripts/mon_conn Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
export LANG=en_US.UTF-8
ADDR_FILE="$(dirname $0)/conn.list"
LOG_PATH="/var/log/monitor"
LOG_NAME="conn"
INTERVAL=60
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function CountAddrConn {
local addr=$1
local server="${addr%:*}"
local port="${addr#*:}"
local count=0
if [ 'localhost' = "$server" ]; then
count=$(ss -anpt | awk '{print $4}' \
| grep -c ":$port$")
else
count=$(ss -anpt | awk '{print $5}' \
| grep -c "$addr$")
fi
echo "$server $port $count"
}
function Main {
local addr=
sleep $INTERVAL
for addr in $(cat $ADDR_FILE); do
Log "$(CountAddrConn $addr)"
done
}
# start
Init
Main

38
scripts/mon_cpu Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
export LANG=en_US.UTF-8
LOG_PATH="/var/log/monitor"
LOG_NAME="cpu"
INTERVAL=60
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
type sar > /dev/null || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetCPULoad {
top -b -n 1 | sed -n '3p' | sed 's/^.*://' | tr , ' ' \
| awk '{print $1,$3,$9,$7}'
}
function Main {
sleep $INTERVAL
Log "$(GetCPULoad)"
}
# start
Init
Main

39
scripts/mon_disk Executable file
View File

@@ -0,0 +1,39 @@
#!/bin/bash
export LANG=en_US.UTF-8
LOG_PATH="/var/log/monitor"
LOG_NAME="disk"
INTERVAL=300
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetDiskInfo {
df | grep '^/dev/' \
| awk '{print $1,substr($5,0,length($5)-1)}'
}
function Main {
sleep $INTERVAL
GetDiskInfo|while read line; do
Log "$line"
done
}
# start
Init
Main

42
scripts/mon_io Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/bash
export LANG=en_US.UTF-8
LOG_PATH="/var/log/monitor"
LOG_NAME="io"
SAR_INTERVAL=20
SAR_COUNT=6
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
type sar > /dev/null || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetIOInfo {
sar -dp $SAR_INTERVAL $SAR_COUNT | grep '^Average' \
| tail -n +2 \
| awk '{print $2,$3,-$4/2,$5/2,$8,$10}'
}
function Main {
local line=
GetIOInfo | while read line; do
Log "$line"
done
}
# start
Init
Main

51
scripts/mon_kafka Executable file
View File

@@ -0,0 +1,51 @@
#!/bin/bash
export LANG=en_US.UTF-8
export JAVA_HOME=/opt/jre
export PATH=$JAVA_HOME/bin:$PATH
LOG_PATH="/var/log/monitor"
LOG_NAME="kafka"
INTERVAL=60
KAFKA_ROOT="/opt/kafka"
KAFKA_SERVERS="10.0.4.104:9092,10.0.4.105:9092,10.0.4.106:9092"
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetKafkaInfo {
local consumer_group=
cd $KAFKA_ROOT/bin || return 1
for consumer_group in $(./kafka-consumer-groups.sh \
--bootstrap-server $KAFKA_SERVERS --list); do
./kafka-consumer-groups.sh \
--bootstrap-server $KAFKA_SERVERS \
--group $consumer_group --describe \
| tail -n +3 | awk '$7 !~ /^-$/{print $1,$2,
$3,$4,$5,substr($7,2),"'$consumer_group'"}'
done
}
function Main {
sleep $INTERVAL
GetKafkaInfo|while read line; do
Log "$line"
done
}
# start
Init
Main

38
scripts/mon_mem Executable file
View File

@@ -0,0 +1,38 @@
#!/bin/bash
export LANG=en_US.UTF-8
LOG_PATH="/var/log/monitor"
LOG_NAME="mem"
INTERVAL=60
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetMEMInfo {
free -w | grep '^Mem' \
| awk '{printf "%.2f %.2f %.2f %.2f\n",$3*100/$2,
$4*100/$2,$6*100/$2,$7*100/$2}'
}
function Main {
sleep $INTERVAL
Log "$(GetMEMInfo)"
}
# start
Init
Main

41
scripts/mon_net Executable file
View File

@@ -0,0 +1,41 @@
#!/bin/bash
export LANG=en_US.UTF-8
LOG_PATH="/var/log/monitor"
LOG_NAME="net"
SAR_INTERVAL=50
SAR_COUNT=6
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
type sar > /dev/null || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetNetInfo {
sar -n DEV $SAR_INTERVAL $SAR_COUNT | grep '^Average' \
| tail -n +2 | awk '{print $2,$5,-$6}'
}
function Main {
local line=
GetNetInfo | while read line; do
Log "$line"
done
}
# start
Init
Main

42
scripts/mon_ping Executable file
View File

@@ -0,0 +1,42 @@
#!/bin/bash
export LANG=en_US.UTF-8
PING_FILE="$(dirname $0)/ping.list"
LOG_PATH="/var/log/monitor"
LOG_NAME="ping"
INTERVAL=120
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
type fping > /dev/null || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetPingInfo {
fping -A -f $PING_FILE \
| awk '{print $1,$3,"alive"==$3?1:0}'
}
function Main {
local line=
sleep $INTERVAL
GetPingInfo|while read line; do
Log "$line"
done
}
# start
Init
Main

55
scripts/mon_proc Executable file
View File

@@ -0,0 +1,55 @@
#!/bin/bash
export LANG=en_US.UTF-8
PROC_FILE="$(dirname $0)/proc.list"
LOG_PATH="/var/log/monitor"
LOG_NAME="proc"
INTERVAL=60
function Init {
local self_count=$(pgrep -cx "$(basename $0)")
[ 0 -eq $? ] || exit 1
[ 1 -eq $self_count ] || exit 1
mkdir -p $LOG_PATH || exit 1
}
function Log {
local msg="$1"
local log_time="$(date +'%F %T')"
local log_file="$LOG_PATH/$LOG_NAME-${log_time% *}.log"
echo "$log_time $msg" >> $log_file
cd $LOG_PATH && ls ${LOG_NAME}-* 2>/dev/null \
| head -n -7 | xargs rm -f
}
function GetProcInfo {
local line="$1"
local class="${line%% *}"
local proc="${line#* }"
local stat_code=1
local stat=
if [ 'service' = "$class" ]; then
stat="$(systemctl status $proc \
| grep -m 1 '^ Active:' \
| awk '{print $2}')"
[ 'active' = "$stat" ] && stat_code=0
[ -z "$stat" ] && stat="unknown"
else
pgrep -f "$proc" &> /dev/null && stat_code=0 \
&& stat='running' || stat='stopped'
fi
echo "$class#$proc#$stat#$stat_code"
}
function Main {
local line=
sleep $INTERVAL
while read line; do
Log "$(GetProcInfo "$line")"
done < $PROC_FILE
}
# start
Init
Main

2
scripts/ping.list Normal file
View File

@@ -0,0 +1,2 @@
192.168.1.1
192.168.1.2

2
scripts/proc.list Normal file
View File

@@ -0,0 +1,2 @@
service EmotionJudger
daemon java .*-jar .*\\<filename.jar