我在kibana中有垃圾收集器事件数据,我需要执行以下操作: 制作一个包含每个垃圾收集事件持续时间的折线图。 这是Json:
{
"_index": "brain_sys-2017.04.24",
"_type": "java_gc_log",
"_id": "AVufE99vjvbJ-WSoGT9K",
"_score": null,
"_source": {
"gc_cpu_time_sys": 0,
"gc_young_usage_before_collection": 42033,
"gc_heap_before_collection": 275694,
"gc_young_usage_after_collection": 928,
"gc_event_time_stamp": "2017-04-24T08:28:43.865+0000",
"source": "/apps/brain/logs/gc.log.0.current",
"type": "java_gc_log",
"event_timestamp": "2017-04-24T08:28:43.865Z",
"elastic_insert_time": "2017-04-24T08:28:51.437Z",
"beat": {
"hostname": "gate06.prod.bos.credorax.com",
"name": "gate06.prod.bos.credorax.com",
"version": "5.1.1"
},
"@version": "1",
"gc_heap_after_collection": 235009,
"gc_duration_in_seconds": 0.00717,
"offset": 52096,
"gc_cpu_time_real": 0.01,
"input_type": "log",
"gc_heap_total": 388608,
"message": "2017-04-24T08:28:43.865+0000: 1884391.587: [GC [PSYoungGen: 42033K->928K(41984K)] 275694K->235009K(388608K), 0.0071700 secs] [Times: user=0.05 sys=0.00, real=0.01 secs] ",
"gc_young": "PSYoungGen",
"tags": [
"filebeat",
"bos"
],
"gc_cpu_time_user": 0.05,
"@timestamp": "2017-04-24T08:28:46.715Z",
"gc_young_total_size_after_collection": 41984,
"gc_relative_to_jvm_time_stamp": 1884391.587,
"gc_type": "GC"
},
"fields": {
"@timestamp": [
1493022526715
],
"elastic_insert_time": [
1493022531437
],
"gc_event_time_stamp": [
1493022523865
],
"event_timestamp": [
1493022523865
]
},
"sort": [
1493022523865
]
}
我需要使用event_timestamp和gc_duration_in_seconds。 我还希望将它拆分为beat.hostname和gc_type(GC或GC Full)
试过这个: .es(index = brain_sys *,' beat.name' =' gate06.prod.fra.credorax.com') 作为一个开始,并没有真正起作用。
我在TimeLion中执行此操作而不是常规可视化的原因是因为需要将其放在另一个图形(TPS)之上。