Sunday, 19 April 2015

Elasticsearch, Logstash and Kibana to monitor a Windows server

I'm trying to set up a monitoring console using the ELK stack but I'm having a few issues. I would like to display the current free disk space in a pie chart, but I'm not sure how to set up the fields to show it.


In Logstash I'm using the WMI plugin to query Windows information and store the logs in Elasticsearch. My Logstash config looks like this:



input {
  wmi {
    query => "Select Name, FreeSpace, Size from Win32_LogicalDisk where DeviceID = 'C:'"
  }
}

filter {
  mutate {
    convert => [ "FreeSpace", "integer" ]
    convert => [ "Size", "integer" ]
  }
}

output {
  elasticsearch {}
}


And in Elasticsearch it's stored like this:



{
  "_index": "logstash-2015.04.18",
  "_type": "logs",
  "_id": "u80LfEgoQ7Omzwo3zzrvdA",
  "_score": 1,
  "_source": {
    "@version": "1",
    "@timestamp": "2015-04-18T17:15:55.634Z",
    "host": "WIN-1N774K4CI8V",
    "DeviceID": "C:",
    "FreeSpace": 8467791872,
    "Name": "C:",
    "Size": 21367877632
  }
}


I'm not sure what I'm doing wrong; I just want to show free space against HD size.


In Kibana I get a pie chart with multiple slices, where I just want 2 (Free and Size).


Should I set the Logstash config to store one record of disk space and update that single record (any help on how to do that in the config)? Or should I create a scripted field in Kibana (not sure how to do that either; any help would be great)?


If anyone could point me in the right direction on how to accomplish this, that would be awesome. Any help would be appreciated.


Regards


Brad

