-
Notifications
You must be signed in to change notification settings - Fork 301
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: adding network syslog quickstart
- Loading branch information
Showing
5 changed files
with
283 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
id: network-syslog | ||
name: Syslog | ||
title: Network Syslog collection | ||
description: | | ||
Install NPM for syslog collection using a simple Docker container. | ||
target: | ||
type: agent | ||
destination: host | ||
os: | ||
- linux | ||
|
||
install: | ||
mode: link | ||
destination: | ||
url: https://docs.newrelic.com/docs/network-performance-monitoring/setup-performance-monitoring/network-syslog-monitoring/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# Name of the quickstart (required) | ||
name: network-syslog | ||
|
||
# Displayed in the UI (required) | ||
title: Network Syslog | ||
|
||
# Long-form description of the quickstart (required) | ||
description: | | ||
The Network Syslog quickstart provides a dashboard that gives you a holistic view of collected syslogs from your network. | ||
Use this quickstart together with New Relic's Network Performance Monitoring (NPM) feature to analyze and alert on system messages in your network. | ||
# Displayed in search results and recommendations. Summarizes a quickstarts functionality. | ||
summary: | | ||
Syslog monitoring from NPM gives you valuable insights into potential issues and changes within your network. | ||
# Support level: New Relic | Verified | Community (required) | ||
level: Verified | ||
|
||
# Authors of the quickstart (required) | ||
authors: | ||
- New Relic | ||
- Zack Mutchler | ||
|
||
# Keywords for filtering / searching criteria in the UI | ||
keywords: | ||
- npm | ||
- network | ||
- networking | ||
- logging | ||
- ktranslate | ||
- kentik | ||
- featured | ||
- infrastructure | ||
|
||
documentation: | ||
- name: Network syslog installation docs | ||
url: https://docs.newrelic.com/docs/network-performance-monitoring/setup-performance-monitoring/network-syslog-monitoring/ | ||
description: | | ||
Install NPM for syslog collection using a simple Docker container. | ||
installPlans: | ||
- network-syslog | ||
|
||
# Content / Design | ||
logo: logo.svg |
221 changes: 221 additions & 0 deletions
221
quickstarts/network-syslog/dashboards/network-syslog.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,221 @@ | ||
{ | ||
"name": "Network Syslog Overview", | ||
"description": null, | ||
"pages": [ | ||
{ | ||
"name": "Network Syslog Overview", | ||
"description": null, | ||
"widgets": [ | ||
{ | ||
"visualization": { | ||
"id": "viz.billboard" | ||
}, | ||
"layout": { | ||
"column": 1, | ||
"row": 1, | ||
"height": 1, | ||
"width": 3 | ||
}, | ||
"title": "", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min, Compared with Yesterday' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' COMPARE WITH 24 HOURS AGO" | ||
} | ||
], | ||
"thresholds": [] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.area" | ||
}, | ||
"layout": { | ||
"column": 4, | ||
"row": 1, | ||
"height": 4, | ||
"width": 3 | ||
}, | ||
"title": "Top 10 - Messages per Device", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"legend": { | ||
"enabled": true | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min' FACET device_name WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' TIMESERIES LIMIT 10" | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.pie" | ||
}, | ||
"layout": { | ||
"column": 7, | ||
"row": 1, | ||
"height": 4, | ||
"width": 3 | ||
}, | ||
"title": "Messages by Severity", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"legend": { | ||
"enabled": true | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT count(*) AS 'Syslog' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' FACET CASES (WHERE severity = 0 AS 'Emergency', WHERE severity = 1 AS 'Alert', WHERE severity = 2 AS 'Critical', WHERE severity = 3 AS 'Error', WHERE severity = 4 AS 'Warning', WHERE severity = 5 AS 'Notice', WHERE severity = 6 AS 'Informational', WHERE severity = 7 AS 'Debug' ) " | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.pie" | ||
}, | ||
"layout": { | ||
"column": 10, | ||
"row": 1, | ||
"height": 4, | ||
"width": 3 | ||
}, | ||
"title": "Messages by Facility", | ||
"rawConfiguration": { | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT count(*) AS 'Syslog' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' FACET CASES (WHERE facility = 0 AS 'kernel messages', WHERE facility = 1 AS 'user-level messages', WHERE facility = 2 AS 'mail system', WHERE facility = 3 AS 'system daemons', WHERE facility = 4 AS 'security/authorization messages', WHERE facility = 5 AS 'internal syslog', WHERE facility = 6 AS 'line printer subsystem', WHERE facility = 7 AS 'network news subsystem', WHERE facility = 8 AS 'UUCP subsystem', WHERE facility = 9 AS 'clock daemon', WHERE facility = 10 AS 'security/authorization messages', WHERE facility = 11 AS 'FTP daemon', WHERE facility = 12 AS 'NTP subsystem', WHERE facility = 13 AS 'log audit', WHERE facility = 14 AS 'log alert', WHERE facility = 15 AS 'clock daemon', WHERE facility = 16 AS 'local0', WHERE facility = 17 AS 'local1', WHERE facility = 18 AS 'local2', WHERE facility = 19 AS 'local3', WHERE facility = 20 AS 'local4', WHERE facility = 21 AS 'local5', WHERE facility = 22 AS 'local6', WHERE facility = 23 AS 'local7')" | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.area" | ||
}, | ||
"layout": { | ||
"column": 1, | ||
"row": 2, | ||
"height": 3, | ||
"width": 3 | ||
}, | ||
"title": "Total Messages/min", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"legend": { | ||
"enabled": false | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' TIMESERIES " | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.table" | ||
}, | ||
"layout": { | ||
"column": 1, | ||
"row": 5, | ||
"height": 5, | ||
"width": 12 | ||
}, | ||
"title": "Syslog Messages", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT timestamp, device_name, client, message WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' LIMIT MAX" | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.table" | ||
}, | ||
"layout": { | ||
"column": 1, | ||
"row": 10, | ||
"height": 4, | ||
"width": 4 | ||
}, | ||
"title": "Top 5 - Message Patterns", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT uniqueCount(messageId) AS 'COUNT' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' AND newrelic.logPattern != 'nr.DID_NOT_MATCH' FACET newrelic.logPattern AS 'LOG PATTERN' LIMIT 5" | ||
} | ||
] | ||
}, | ||
"linkedEntityGuids": null | ||
}, | ||
{ | ||
"visualization": { | ||
"id": "viz.area" | ||
}, | ||
"layout": { | ||
"column": 5, | ||
"row": 10, | ||
"height": 4, | ||
"width": 8 | ||
}, | ||
"title": "Top 5 - Message Patterns", | ||
"rawConfiguration": { | ||
"dataFormatters": [], | ||
"facet": { | ||
"showOtherSeries": false | ||
}, | ||
"legend": { | ||
"enabled": true | ||
}, | ||
"nrqlQueries": [ | ||
{ | ||
"accountId": 0, | ||
"query": "FROM Log SELECT uniqueCount(messageId) AS 'COUNT' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' AND newrelic.logPattern != 'nr.DID_NOT_MATCH' FACET newrelic.logPattern AS 'LOG PATTERN' TIMESERIES LIMIT 5" | ||
} | ||
], | ||
"yAxisLeft": { | ||
"zero": true | ||
} | ||
}, | ||
"linkedEntityGuids": null | ||
} | ||
] | ||
} | ||
] | ||
} |
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.