Metrics

George Alpizar
George Alpizar
  • Updated

Overview

You can use this document to learn about the data displayed in the Metrics page.

The Metrics page displays the outputs of configured processors. 

Based on your configurations, a processor generates metrics that are reported to the Edge Delta backend, as well as to the configured triggering destination. These metrics populate the filters and most charts in the Edge Delta App.


Configure Default Settings for Displayed Metrics 

You can use these instructions to update default setting for the the graph that populates the Metrics page. 

Specifically, you can update default settings for:

  • Lookback
  • Tag
  • Source Type
  • Source

Note

When you update default settings in the Metrics page, the updated default settings will also be reflected in the following pages: 

  • Patterns
  • Anomalies
  • Insights
  • Metrics
  • Log Search
  • Pipeline Status
  • Rehydrations
  1. In the Edge Delta App, on the left-side navigation, click Observability, and then click Metrics
  2. In the top, right corner of the screen, click Filters
  3. Based on your desired time settings, click Relative or Custom, and make the desired configurations.
    • To view data for a generic time frame, such as 1 hour, 4 hours, 1 day, etc, click Relative
    • To view data for a specific time frame, such as from February 1, 2022, at 1:15PM to February 7, 2022, at 1:14PM, click Custom.
  4. Select a Tag, and then select a Source Type.
    • A tag is a configuration parameter available in an agent configuration file. Specifically, a tag is used to describe an environment, such as prod_us_west_2_cluster. To learn more about tags, see Agent Settings.
    • A source type is an input parameter type that tells the Edge Delta agent which data streams to monitor and extract logs from.
  5. Click Save As Defaults.

Create a Custom Metric Alert

Note

To better understand alerts for metrics, you can review a sample configuration of a custom metric alert. To learn more, see Review Sample Custom Alert.

  1. In the Edge Delta App, on the left-side navigation, click Observability, and then click Metrics
  2. In the top table, under Metric, select a metric type to monitor. Select_metric_type.png
  3. In the top, right corner of the page, click Filters
  4. Select a Tag, and then select a Source Type.
    • A tag is a configuration parameter available in an agent configuration file. Specifically, a tag is used to describe an environment, such as prod_us_west_2_cluster. To learn more about tags, see Agent Settings.
    • A source type is an input parameter type that tells the Edge Delta agent which data streams to monitor and extract logs from.
  5. Click Apply Filters
  6. Click + Create Alert
  7. Complete the missing fields.
    Field Description
    Name Enter a descriptive name for this metric alert. 
    Type

    This field will be pre-populated and cannot be changed. 

    Filters

    This field will be pre-populated based on your selection in the previous page. 

    In this pop-up window, you cannot change this field. To make a change, you must exit the pop-up window, click Filters, and then select the desired filter types.

    Metric

    This field will be pre-populated based on your selection in the previous page. 

    In this pop-up window, you cannot change this field. To make a change, you must:

    1. Exit the pop-up window.
    2. From the Metrics page, select the desired metric type.
    3. Click + Create Alert
    Aggregation

    Select an aggregate function to tally data. 

    Window

    Select a timeframe to organize data into separate buckets. 

    Group By

    Select a dimension to organize data into separate groups. 

    Lookback

    Enter a timeframe of previous data to monitor. 

    Tresholds

    Configure the Anomaly Score and Value settings that must be met in order to generate an alert. 

    The Anomaly Score is based on the configuration of your processors. 

    Email Recipients

    Enter an email address that will receive the alert. 

    Instead of an email address, you can also select an existing triggering output. 

    Trigger Endpoints

    Select an existing triggering output to receive the alert. 

    Currently, only Slack endpoints are supported.

    To learn how to create a triggering output, see Review Parameters for Trigger Outputs and Integrations.

    Suppression Window

    Select a time period in hours where a notification for a similar alert will not be sent more than once during the specified time period. 

    Timezone

    Select a timezone to be used to define the data in the alert. 

    Enabled

    Mark Yes to enable this alert. 

    Mark No to disable this alert. 

  8. Click Save

Manage Existing Custom Alerts

You can use these instructions to update certain configurations for an existing custom alert, including enabling or disabling the alert. 

Note

For an existing metric, you cannot update the following features:

  • Type
  • Filters
  • Metric
  1. In the Edge Delta App, on the left-side navigation, click Observability, and then click Monitors
  2. Locate the desired custom alert (monitor), then under Actions, click the vertical ellipses, and then click Edit
  3. Make your changes. Review the following table to better understand each configuration option:
    Field Description
    Name Enter a descriptive name for this metric alert. 
    Type

    This field will be pre-populated and cannot be changed. 

    Filters

    This field will be pre-populated based on your selection in the previous page. 

    In this pop-up window, you cannot change this field. To make a change, you must exit the pop-up window, click Filters, and then select the desired filter types.

    Metric

    This field will be pre-populated based on your selection in the previous page. 

    In this pop-up window, you cannot change this field. To make a change, you must:

    1. Exit the pop-up window.
    2. From the Metrics page, select the desired metric type.
    3. Click + Create Alert
    Aggregation

    Select an aggregate function to tally data. 

    Window

    Select a timeframe to organize data into separate buckets. 

    Group By

    Select a dimension to organize data into separate groups. 

    Lookback

    Enter a timeframe of previous data to monitor. 

    Tresholds

    Configure the Anomaly Score and Value settings that must be met in order to generate an alert. 

    The Anomaly Score is based on the configuration of your processors. 

    Email Recipients

    Enter an email address that will receive the alert. 

    Instead of an email address, you can also select an existing triggering output. 

    Trigger Endpoints

    Select an existing triggering output to receive the alert. 

    Currently, only Slack endpoints are supported.

    To learn how to create a triggering output, see Review Parameters for Trigger Outputs and Integrations.

    Suppression Window

    Select a time period in hours where a notification for a similar alert will not be sent more than once during the specified time period. 

    Timezone

    Select a timezone to be used to define the data in the alert. 

    Enabled

    Mark Yes to enable this alert. 

    Mark No to disable this alert. 

  4. Click Save

Review Sample Custom Alert

In the image below, the custom alert will trigger if the sum (aggregation) of api_access.count (metric) over 5 minutes (window) period exceeds 10,000 (value)

This threshold is evaluated every 5 minutes (window) in Edge Delta backend, which aggregates the metrics reported by the agents that correspond to admin-api-backend (filters - tag).  

 

 


Share this document