diff --git a/aws-observability-terraform/app-modules/alb/app.tf b/aws-observability-terraform/app-modules/alb/app.tf index 6cea262d..b9099a41 100644 --- a/aws-observability-terraform/app-modules/alb/app.tf +++ b/aws-observability-terraform/app-modules/alb/app.tf @@ -1,5 +1,5 @@ module "alb_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/apigateway/app.tf b/aws-observability-terraform/app-modules/apigateway/app.tf index 96e59bae..84b5e2a5 100644 --- a/aws-observability-terraform/app-modules/apigateway/app.tf +++ b/aws-observability-terraform/app-modules/apigateway/app.tf @@ -1,5 +1,5 @@ module "apigateway_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/dynamodb/app.tf b/aws-observability-terraform/app-modules/dynamodb/app.tf index 7e62641a..025f35d6 100644 --- a/aws-observability-terraform/app-modules/dynamodb/app.tf +++ b/aws-observability-terraform/app-modules/dynamodb/app.tf @@ -1,5 +1,5 @@ module "dynamodb_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/ec2metrics/app.tf b/aws-observability-terraform/app-modules/ec2metrics/app.tf index d898789b..a902f124 100644 --- a/aws-observability-terraform/app-modules/ec2metrics/app.tf +++ b/aws-observability-terraform/app-modules/ec2metrics/app.tf @@ -1,5 +1,5 @@ module "ec2metrics_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/ecs/app.tf b/aws-observability-terraform/app-modules/ecs/app.tf index 41824eb7..b8f44676 100644 --- a/aws-observability-terraform/app-modules/ecs/app.tf +++ b/aws-observability-terraform/app-modules/ecs/app.tf @@ -1,5 +1,5 @@ module "ecs_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/elasticache/app.tf b/aws-observability-terraform/app-modules/elasticache/app.tf index 2e46f60f..4b93250e 100644 --- a/aws-observability-terraform/app-modules/elasticache/app.tf +++ b/aws-observability-terraform/app-modules/elasticache/app.tf @@ -1,5 +1,5 @@ module "elasticache_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/elb/app.tf b/aws-observability-terraform/app-modules/elb/app.tf index 2230a180..e5f6972b 100644 --- a/aws-observability-terraform/app-modules/elb/app.tf +++ b/aws-observability-terraform/app-modules/elb/app.tf @@ -1,5 +1,5 @@ module "classic_elb_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/lambda/app.tf b/aws-observability-terraform/app-modules/lambda/app.tf index 2b66fa60..738b45bd 100644 --- a/aws-observability-terraform/app-modules/lambda/app.tf +++ b/aws-observability-terraform/app-modules/lambda/app.tf @@ -1,5 +1,5 @@ module "lambda_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/nlb/app.tf b/aws-observability-terraform/app-modules/nlb/app.tf index 4597ee13..3bad29a9 100644 --- a/aws-observability-terraform/app-modules/nlb/app.tf +++ b/aws-observability-terraform/app-modules/nlb/app.tf @@ -1,5 +1,5 @@ module "nlb_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/overview/app.tf b/aws-observability-terraform/app-modules/overview/app.tf index 5b41f76d..05ce0707 100644 --- a/aws-observability-terraform/app-modules/overview/app.tf +++ b/aws-observability-terraform/app-modules/overview/app.tf @@ -1,5 +1,5 @@ module "overview_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/rds/app.tf b/aws-observability-terraform/app-modules/rds/app.tf index 31406193..6682477e 100644 --- a/aws-observability-terraform/app-modules/rds/app.tf +++ b/aws-observability-terraform/app-modules/rds/app.tf @@ -1,5 +1,5 @@ module "rds_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/sns/app.tf b/aws-observability-terraform/app-modules/sns/app.tf index b3283367..4015ec0e 100644 --- a/aws-observability-terraform/app-modules/sns/app.tf +++ b/aws-observability-terraform/app-modules/sns/app.tf @@ -1,5 +1,5 @@ module "sns_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/app-modules/sqs/app.tf b/aws-observability-terraform/app-modules/sqs/app.tf index ff8c8423..7603adf8 100644 --- a/aws-observability-terraform/app-modules/sqs/app.tf +++ b/aws-observability-terraform/app-modules/sqs/app.tf @@ -1,5 +1,5 @@ module "sqs_module" { - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q1" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy27q2" # source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic" # version = "1.0.23" diff --git a/aws-observability-terraform/providers.tf b/aws-observability-terraform/providers.tf index 413e6d80..dbf442ef 100644 --- a/aws-observability-terraform/providers.tf +++ b/aws-observability-terraform/providers.tf @@ -6,7 +6,7 @@ provider "sumologic" { } provider "aws" { - region = "us-east-1" + region = "me-central-1" # # Below properties should be added when you would like to onboard more than one region and account # More Information regarding AWS Profile can be found at - diff --git a/aws-observability-terraform/source-module/local.tf b/aws-observability-terraform/source-module/local.tf index 5288026d..7084393f 100644 --- a/aws-observability-terraform/source-module/local.tf +++ b/aws-observability-terraform/source-module/local.tf @@ -110,6 +110,9 @@ locals { "cn-northwest-1" = "037604701340" } + # Check if current region is in the old regions list + is_old_region = lookup(local.region_to_elb_account_id, local.aws_region, null) != null + namespace_scan_interval = { "ApplicationELB" = 60000, "ApiGateway" = 300000, diff --git a/aws-observability-terraform/source-module/main.tf b/aws-observability-terraform/source-module/main.tf index 75c5f02a..9cdf3f55 100644 --- a/aws-observability-terraform/source-module/main.tf +++ b/aws-observability-terraform/source-module/main.tf @@ -26,8 +26,9 @@ module "cloudtrail_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_cloudtrail_source ? ["cloudtrail_module"] : []) #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudtrail" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudtrail?ref=fy27q1" - #version = "1.0.23" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudtrail?ref=fy27q2" + #version = "1.0.24" + create_collector = false @@ -63,14 +64,18 @@ module "cloudtrail_module" { aws_resource_tags = var.aws_resource_tags } -#ALB module +# #ALB module module "elb_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_elb_source ? ["elb_module"] : []) #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elb" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elb?ref=fy27q1" - #version = "1.0.23" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elb?ref=fy27q2" + #version = "1.0.24" + providers = { + aws = aws + lambda-invoke-extension = lambda-invoke-extension + } create_collector = false sumologic_organization_id = var.sumologic_organization_id @@ -116,9 +121,13 @@ module "classic_lb_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_classic_lb_source ? ["classic_lb_module"] : []) #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elasticloadbalancing" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elasticloadbalancing?ref=fy27q1" - #version = "1.0.23" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elasticloadbalancing?ref=fy27q2" + #version = "1.0.24" + providers = { + aws = aws + lambda-invoke-extension = lambda-invoke-extension + } create_collector = false sumologic_organization_id = var.sumologic_organization_id @@ -164,8 +173,9 @@ module "cloudwatch_custom_metrics_source_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_cw_metrics_source && length(local.custom_namespace) > 0 ? ["Custom"] : []) #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy27q1" - #version = "1.0.23" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy27q2" + #version = "1.0.24" + create_collector = false sumologic_organization_id = var.sumologic_organization_id @@ -195,9 +205,8 @@ module "cloudwatch_metrics_source_module" { depends_on = [time_sleep.wait_for_minutes] for_each = local.create_cw_metrics_source && length(local.aws_namespace) > 0 ? toset(local.aws_namespace) : [] # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy27q1" - #version = "1.0.23" - + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy27q2" + #version = "1.0.24" create_collector = false sumologic_organization_id = var.sumologic_organization_id @@ -227,8 +236,8 @@ module "kinesis_firehose_for_metrics_source_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_kf_metrics_source ? ["kinesis_firehose_for_metrics_source_module"] : []) # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseformetrics" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseformetrics?ref=fy27q1" - #version = "1.0.23" + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseformetrics?ref=fy27q2" + #version = "1.0.24" create_collector = false sumologic_organization_id = var.sumologic_organization_id @@ -261,9 +270,8 @@ module "cloudwatch_logs_lambda_log_forwarder_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_llf_logs_source ? ["cloudwatch_logs_lambda_log_forwarder_module"] : []) # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchlogsforwarder" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchlogsforwarder?ref=fy27q1" - #version = "1.0.23" - + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchlogsforwarder?ref=fy27q2" + #version = "1.0.24" create_collector = false @@ -295,9 +303,8 @@ module "kinesis_firehose_for_logs_module" { depends_on = [time_sleep.wait_for_minutes] for_each = toset(local.create_kf_logs_source ? ["kinesis_firehose_for_logs_module"] : []) #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseforlogs" - source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseforlogs?ref=fy27q1" - #version = "1.0.23" - + source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseforlogs?ref=fy27q2" + #version = "1.0.24" create_collector = false diff --git a/aws-observability-terraform/source-module/main_s3_bucket.tf b/aws-observability-terraform/source-module/main_s3_bucket.tf index 87de72f4..b7d3f5ab 100644 --- a/aws-observability-terraform/source-module/main_s3_bucket.tf +++ b/aws-observability-terraform/source-module/main_s3_bucket.tf @@ -15,10 +15,16 @@ resource "aws_s3_bucket_policy" "dump_access_logs_to_s3" { for_each = toset(local.create_common_bucket ? ["s3_bucket"] : []) bucket = aws_s3_bucket.s3_bucket["s3_bucket"].id - policy = templatefile("${path.module}/templates/s3_bucket_policy.tmpl", { + + # Use old policy template with ELB_ACCOUNT_ID for old regions + # Use new policy template with only BUCKET_NAME for new regions + policy = local.is_old_region ? templatefile("${path.module}/templates/s3_bucket_old_policy.tmpl", { BUCKET_NAME = local.common_bucket_name ELB_ACCCOUNT_ID = local.region_to_elb_account_id[local.aws_region] AWS_PARTITION = data.aws_partition.current.partition + }) : templatefile("${path.module}/templates/s3_bucket_new_policy.tmpl", { + BUCKET_NAME = local.common_bucket_name + AWS_PARTITION = data.aws_partition.current.partition }) } diff --git a/aws-observability-terraform/source-module/outputs.tf b/aws-observability-terraform/source-module/outputs.tf index 253de940..118a3f2c 100644 --- a/aws-observability-terraform/source-module/outputs.tf +++ b/aws-observability-terraform/source-module/outputs.tf @@ -53,11 +53,6 @@ output "elb_sns_subscription" { description = "AWS SNS subscription to Sumo Logic AWS ELB source." } -output "elb_auto_enable_stack" { - value = local.create_elb_source && var.auto_enable_access_logs != "None" ? module.elb_module["elb_module"].aws_serverlessapplicationrepository_cloudformation_stack : {} - description = "AWS CloudFormation stack for ALB Auto Enable access logs." -} - output "classic_lb_sns_topic" { value = local.create_classic_lb_source && !var.classic_lb_source_details.bucket_details.create_bucket ? module.classic_lb_module["classic_lb_module"].aws_sns_topic : {} description = "SNS topic created to be attached to an existing classic lb logs bucket." @@ -73,11 +68,6 @@ output "classic_lb_sns_subscription" { description = "AWS SNS subscription to Sumo Logic AWS Classic LB source." } -output "classic_lb_auto_enable_stack" { - value = local.create_classic_lb_source && var.auto_enable_access_logs != "None" ? module.classic_lb_module["classic_lb_module"].aws_serverlessapplicationrepository_cloudformation_stack : {} - description = "AWS CloudFormation stack for Classic LB Auto Enable access logs." -} - output "cloudwatch_metrics_source" { value = local.create_cw_metrics_source && length(local.aws_namespace) > 0 ? toset([ for namespace in local.aws_namespace : module.cloudwatch_metrics_source_module[namespace].sumologic_source @@ -115,11 +105,6 @@ output "cloudwatch_logs_lambda_function" { description = "AWS Lambda function to send logs to Sumo Logic." } -output "cloudwatch_logs_auto_subscribe_stack" { - value = local.create_llf_logs_source && var.auto_enable_logs_subscription != "None" ? module.cloudwatch_logs_lambda_log_forwarder_module["cloudwatch_logs_lambda_log_forwarder_module"].aws_serverlessapplicationrepository_cloudformation_stack : {} - description = "AWS CloudFormation stack for Auto Enable logs subscription." -} - output "kinesis_firehose_for_logs_source" { value = local.create_kf_logs_source ? module.kinesis_firehose_for_logs_module["kinesis_firehose_for_logs_module"].sumologic_source : null description = "Sumo Logic Kinesis Firehose for Logs source." @@ -128,9 +113,4 @@ output "kinesis_firehose_for_logs_source" { output "aws_kinesis_firehose_logs_delivery_stream" { value = local.create_kf_logs_source ? module.kinesis_firehose_for_logs_module["kinesis_firehose_for_logs_module"].aws_kinesis_firehose_delivery_stream : null description = "AWS Kinesis firehose delivery stream to send logs to Sumo Logic." -} - -output "kinesis_firehose_for_logs_auto_subscribe_stack" { - value = local.create_kf_logs_source && var.auto_enable_logs_subscription != "None" ? module.kinesis_firehose_for_logs_module["kinesis_firehose_for_logs_module"].aws_serverlessapplicationrepository_cloudformation_stack : {} - description = "AWS CloudFormation stack for Auto Enable logs subscription." } \ No newline at end of file diff --git a/aws-observability-terraform/source-module/templates/s3_bucket_new_policy.tmpl b/aws-observability-terraform/source-module/templates/s3_bucket_new_policy.tmpl new file mode 100644 index 00000000..4e7afcc4 --- /dev/null +++ b/aws-observability-terraform/source-module/templates/s3_bucket_new_policy.tmpl @@ -0,0 +1,53 @@ +{ + "Statement": [ + { + "Sid": "AWSCloudTrailAclCheck", + "Effect": "Allow", + "Principal": { + "Service": "cloudtrail.amazonaws.com" + }, + "Action": "s3:GetBucketAcl", + "Resource": "arn:${AWS_PARTITION}:s3:::${BUCKET_NAME}" + }, + { + "Sid": "AWSCloudTrailWrite", + "Effect": "Allow", + "Principal": { + "Service": "cloudtrail.amazonaws.com" + }, + "Action": "s3:PutObject", + "Resource": "arn:${AWS_PARTITION}:s3:::${BUCKET_NAME}/*", + "Condition": { + "StringEquals": { + "s3:x-amz-acl": "bucket-owner-full-control" + } + } + }, + { + "Sid": "AWSBucketExistenceCheck", + "Effect": "Allow", + "Principal": { + "Service": "cloudtrail.amazonaws.com" + }, + "Action": "s3:ListBucket", + "Resource": "arn:${AWS_PARTITION}:s3:::${BUCKET_NAME}" + }, + { + "Effect": "Allow", + "Principal": { + "Service": "logdelivery.elasticloadbalancing.amazonaws.com" + }, + "Action": "s3:PutObject", + "Resource": "arn:${AWS_PARTITION}:s3:::${BUCKET_NAME}/*" + }, + { + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com" + }, + "Action": "s3:GetBucketAcl", + "Resource": "arn:${AWS_PARTITION}:s3:::${BUCKET_NAME}" + } + ], + "Version": "2008-10-17" +} \ No newline at end of file diff --git a/aws-observability-terraform/source-module/templates/s3_bucket_policy.tmpl b/aws-observability-terraform/source-module/templates/s3_bucket_old_policy.tmpl similarity index 100% rename from aws-observability-terraform/source-module/templates/s3_bucket_policy.tmpl rename to aws-observability-terraform/source-module/templates/s3_bucket_old_policy.tmpl diff --git a/aws-observability-terraform/source-module/versions.tf b/aws-observability-terraform/source-module/versions.tf index 40ff7125..1e36ae06 100644 --- a/aws-observability-terraform/source-module/versions.tf +++ b/aws-observability-terraform/source-module/versions.tf @@ -18,5 +18,17 @@ terraform { source = "hashicorp/random" version = ">= 3.1.0" } + lambda-invoke-extension = { + source = "registry.terraform.io/local-dev/lambda-invoke-extension" + #version = "0.1.0" + } } +} + +provider "aws" { + region = "me-central-1" +} + +provider "lambda-invoke-extension" { + region = "me-central-1" } \ No newline at end of file diff --git a/aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip b/aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip deleted file mode 100644 index 6ec5cd1a..00000000 Binary files a/aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip and /dev/null differ diff --git a/aws-observability/apps/SumoLogicAWSObservabilityHelper/download_zip.sh b/aws-observability/apps/SumoLogicAWSObservabilityHelper/download_zip.sh deleted file mode 100755 index cdda25d3..00000000 --- a/aws-observability/apps/SumoLogicAWSObservabilityHelper/download_zip.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -export version="v2.0.18" - -if [[ -f SumoLogicAWSObservabilityHelper.zip ]]; then - rm SumoLogicAWSObservabilityHelper.zip -fi - -if [[ -f SumoLogicAWSObservabilityHelper${version}.zip ]]; then - rm SumoLogicAWSObservabilityHelper${version}.zip -fi - -export AWS_PROFILE="prod" - -aws s3 cp s3://appdevzipfiles-us-east-1/sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelper${version}.zip SumoLogicAWSObservabilityHelper${version}.zip --profile ${AWS_PROFILE} --region us-east-1 diff --git a/aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.0.0.zip b/aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.0.0.zip deleted file mode 100644 index 813295ea..00000000 Binary files a/aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.0.0.zip and /dev/null differ diff --git a/aws-observability/apps/SumoLogicAWSObservabilityHelper/upload_zip.sh b/aws-observability/apps/SumoLogicAWSObservabilityHelper/upload_zip.sh deleted file mode 100644 index f7f91a15..00000000 --- a/aws-observability/apps/SumoLogicAWSObservabilityHelper/upload_zip.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -export version="v2.0.18" - -export AWS_PROFILE="prod" - - -aws s3 cp SumoLogicAWSObservabilityHelper${version}.zip s3://appdevzipfiles-eu-north-1s/sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelper${version}.zip --profile ${AWS_PROFILE} --region eu-north-1 - -aws s3 cp SumoLogicAWSObservabilityHelper${version}.zip s3://appdevzipfiles-ap-southeast-1/sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelper${version}.zip --profile ${AWS_PROFILE} --region ap-southeast-1 diff --git a/aws-observability/apps/alb/alb_app.template.yaml b/aws-observability/apps/alb/alb_app.template.yaml deleted file mode 100755 index 8586ebe6..00000000 --- a/aws-observability/apps/alb/alb_app.template.yaml +++ /dev/null @@ -1,418 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the ALB app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "Sumo Logic AWS Resources Tagging Configuration (Required)" - Parameters: - - Section2aAccountAlias - - Section2bAccountAliasMappingS3URL - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section3aInstallApp - - - Label: - default: "App Details - CloudWatch Metrics Source Configuration" - Parameters: - - Section4aCloudWatchExistingSourceAPIUrl - - - Label: - default: "App Details - ALB Source Log Source Configuration" - Parameters: - - Section5aALBLogsAPIUrl - - Section5bALBLogsSourceName - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section6aParentStackLambdaARN - - Section6bTemplatesBucketName - - Section6cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section7aAppInstallLocation - - Section7bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aAccountAlias: - default: "Alias for AWS Account Identification. Please leave this blank if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - - Section2bAccountAliasMappingS3URL: - default: "S3 URL of a CSV file that maps AWS Account IDs to an Account Alias" - - Section3aInstallApp: - default: "Install Sumo Logic App" - - Section4aCloudWatchExistingSourceAPIUrl: - default: "Existing Sumo Logic CloudWatch Metrics Source API URL" - - Section5aALBLogsAPIUrl: - default: "Existing Sumo Logic ALB Logs Source API URL" - Section5bALBLogsSourceName: - default: "Provide the ALB Logs Source Name for Field Extraction Rule" - - Section6aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section6bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section6cNestedTemplateVersion: - default: "Nested Templates Version" - - Section7aAppInstallLocation: - default: "App Installation location" - Section7bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Default: "" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aAccountAlias: - Type: String - Description: "Provide an Alias for AWS account for identification in Sumo Logic Explorer View, metrics and logs. Please do not include special characters." - AllowedPattern: "[a-z0-9]*" - ConstraintDescription: "Alias must only contain lowercase letters, number and length less than or equal to 30 characters." - MaxLength: 30 - - Section2bAccountAliasMappingS3URL: - Type: String - Description: "Required only if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - Default: "" - - Section3aInstallApp: - Type: String - Description: "Yes - Installs the ALB App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section4aCloudWatchExistingSourceAPIUrl: - Type: String - Description: "Required when already collecting ALB Metrics. Provide the existing Sumo Logic ALB Metrics Source API URL. Account Field will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - - Section5aALBLogsAPIUrl: - Type: String - Description: "Required when already collecting ALB logs. Provide the existing Sumo Logic ALB Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - Section5bALBLogsSourceName: - Type: String - Description: "Provide a ALB Logs Source Name for Field Extraction Rule." - Default: "" - - Section6aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section6bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section6cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section7aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section7bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section3aInstallApp, 'Yes'] - - update_alb_logs_source: !Not [!Equals [!Ref Section5aALBLogsAPIUrl, '']] - - update_alb_metrics_source: !Not [!Equals [!Ref Section4aCloudWatchExistingSourceAPIUrl, '']] - - create_fer: !Or - - !Condition update_alb_logs_source - - !Not [!Equals [!Ref Section5bALBLogsSourceName, '']] - -Mappings: - # Some buckets names have 's' or 'ss' in the region suffix. It is kept intentional as bucket names were not available. - # Buckets names which are intentional - - # 1. appdevzipfiles-eu-north-1s - # 2. appdevzipfiles-ap-east-1s - # 3. appdevzipfiles-af-south-1s - # 4. appdevzipfiles-me-south-1s - # 5. appdevzipfiles-me-central-1 - # 6. appdevzipfiles-eu-central-2ss - # 7. appdevzipfiles-ap-northeast-3s - # 8. appdevzipfiles-ap-southeast-3 - RegionMap: - us-east-1: - bucketname: appdevzipfiles-us-east-1 - us-east-2: - bucketname: appdevzipfiles-us-east-2 - us-west-1: - bucketname: appdevzipfiles-us-west-1 - us-west-2: - bucketname: appdevzipfiles-us-west-2 - ap-south-1: - bucketname: appdevzipfiles-ap-south-1 - ap-northeast-2: - bucketname: appdevzipfiles-ap-northeast-2 - ap-southeast-1: - bucketname: appdevzipfiles-ap-southeast-1 - ap-southeast-2: - bucketname: appdevzipfiles-ap-southeast-2 - ap-northeast-1: - bucketname: appdevzipfiles-ap-northeast-1 - ca-central-1: - bucketname: appdevzipfiles-ca-central-1 - eu-central-1: - bucketname: appdevzipfiles-eu-central-1 - eu-west-1: - bucketname: appdevzipfiles-eu-west-1 - eu-west-2: - bucketname: appdevzipfiles-eu-west-2 - eu-west-3: - bucketname: appdevzipfiles-eu-west-3 - eu-north-1: - bucketname: appdevzipfiles-eu-north-1s - sa-east-1: - bucketname: appdevzipfiles-sa-east-1 - ap-east-1: - bucketname: appdevzipfiles-ap-east-1s - af-south-1: - bucketname: appdevzipfiles-af-south-1s - eu-south-1: - bucketname: appdevzipfiles-eu-south-1 - me-south-1: - bucketname: appdevzipfiles-me-south-1s - me-central-1: - bucketname: appdevzipfiles-me-central-1 - eu-central-2: - bucketname: appdevzipfiles-eu-central-2ss - ap-northeast-3: - bucketname: appdevzipfiles-ap-northeast-3s - ap-southeast-3: - bucketname: appdevzipfiles-ap-southeast-3 - -Resources: - - LambdaRole: - Type: AWS::IAM::Role - Metadata: - cfn_nag: - rules_to_suppress: - - id: W11 - reason: "Operations are performed across resources." - Properties: - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: lambda.amazonaws.com - Action: sts:AssumeRole - Path: / - Policies: - - PolicyName: LambdaExecutePolicies - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:CreateLogGroup - - logs:CreateLogStream - - logs:PutLogEvents - Resource: '*' - - LambdaHelper: - Type: 'AWS::Serverless::Function' - Properties: - Handler: main.handler - Runtime: python3.14 - CodeUri: - Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" - MemorySize: 128 - Timeout: 900 - Role: - Fn::GetAtt: - - LambdaRole - - Arn - - AccountAliasValue: - Type: Custom::AccountAlias - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - Region: !Ref "AWS::Region" - AccountID: !Ref "AWS::AccountId" - AccountAlias: !Ref Section2aAccountAlias - AccountAliasMappingS3Url: !Ref Section2bAccountAliasMappingS3URL - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoApp: - Condition: install_app - Type: Custom::App - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Alb App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section6cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section6bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section6cNestedTemplateVersion}/appjson/Alb-App.json" - location: !Ref Section7aAppInstallLocation - share: !Ref Section7bShare - orgid: !Ref Section1eOrgId - - SumoALBLogsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_alb_logs_source - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section5aALBLogsAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - region: !Ref "AWS::Region" - accountid: !Ref "AWS::AccountId" - - SumoALBMetricsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_alb_metrics_source - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section4aCloudWatchExistingSourceAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - - AlbLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityAlbAccessLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [update_alb_logs_source, !Sub "\"${SumoALBLogsUpdateSource.source_name}\"", !Ref Section5bALBLogsSourceName] - - " (http or https or h2 or grpcs or ws or wss))" - FieldExtractionRuleParseExpression: '| parse "* * * * * * * * * * * * \"*\" \"*\" * * * \"*\"" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId - | where Type in ("http", "https", "h2", "grpcs", "ws", "wss") - | where !isBlank(loadbalancer) - | "aws/applicationelb" as namespace - | tolowercase(loadbalancer) as loadbalancer | fields loadbalancer, namespace' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - AlbCloudTrailLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityALBCloudTrailLogsFER" - FieldExtractionRuleScope: "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2015-12-01\"" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "requestParameters.listenerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, listenerarn, api_version nodrop - | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01" - | "" as namespace - | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype1, loadbalancer1, f1 nodrop - | parse field=listenerarn ":listener/*/*/*/*" as balancertype2, loadbalancer2, f1, f2 nodrop - | if(loadbalancertype matches "network", "aws/networkelb", if(balancertype1 matches "net", "aws/networkelb", if(balancertype2 matches "net", "aws/networkelb", namespace))) as namespace - | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype1 matches "app", "aws/applicationelb", if(balancertype2 matches "app", "aws/applicationelb", namespace))) as namespace - | where namespace="aws/applicationelb" or isEmpty(namespace) - | if (!isEmpty(loadbalancer), loadbalancer, if (!isEmpty(loadbalancer1), loadbalancer1, loadbalancer2)) as loadbalancer - | toLowerCase(loadbalancer) as loadbalancer - | fields region, namespace, loadbalancer, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment -Outputs: - ExistingMetricSourceName: - Description: "Existing CloudWatch Metrics Source Name" - Condition: update_alb_metrics_source - Value: !GetAtt SumoALBMetricsUpdateSource.source_name - ExistingLogSourceName: - Description: "Existing ALB Logs Source Name" - Condition: update_alb_logs_source - Value: !GetAtt SumoALBLogsUpdateSource.source_name \ No newline at end of file diff --git a/aws-observability/apps/alb/test/TestTemplate.yaml b/aws-observability/apps/alb/test/TestTemplate.yaml deleted file mode 100644 index 9e82f9a5..00000000 --- a/aws-observability/apps/alb/test/TestTemplate.yaml +++ /dev/null @@ -1,124 +0,0 @@ ---- -Global: - TemplatePath: "../alb_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 6 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aAccountAlias: 'testenv' - Section3aInstallApp: 'No' - Section6aParentStackLambdaARN: '${lambda_arn}' - Section6bTemplatesBucketName: '${template_bucket}' - Section6cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: appferandmetricupdate - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1166309542' - Section5bALBLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AlbLogsFieldExtractionRule - - SumoALBMetricsUpdateSource - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: updatecwmetrics - Regions: - - ap-south-1 - Parameters: - Values: - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1135631121' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoALBMetricsUpdateSource - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - TestName: updatelogssource - Regions: - - ap-south-1 - Parameters: - Values: - Section5aALBLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1135631970' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoALBLogsUpdateSource - - AlbLogsFieldExtractionRule - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingLogSourceName - - TestName: updatebothsources - Regions: - - ap-south-1 - Parameters: - Values: - Section5aALBLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1167287836' - Section4aCloudWatchExistingSourceAPIUrl: "https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1269239693" - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoALBLogsUpdateSource - - AlbLogsFieldExtractionRule - - SumoALBMetricsUpdateSource - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingLogSourceName - - ExistingMetricSourceName \ No newline at end of file diff --git a/aws-observability/apps/apigateway/api_gateway_app.template.yaml b/aws-observability/apps/apigateway/api_gateway_app.template.yaml deleted file mode 100755 index cc791153..00000000 --- a/aws-observability/apps/apigateway/api_gateway_app.template.yaml +++ /dev/null @@ -1,233 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the API Gateway app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the API Gateway App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Api Gateway App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Api-Gateway-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - CloudTrailLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityApiGatewayCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"apigateway.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "responseElements", "recipientAccountId" as eventSource, region, responseElements, accountid nodrop - | where eventSource = "apigateway.amazonaws.com" - | "aws/apigateway" as namespace - | json field=responseElements "name" as ApiName nodrop - | tolowercase(ApiName) as apiname - | fields region, namespace, apiname, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - AccessLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityApiGatewayAccessLogsFER" - FieldExtractionRuleScope: "account=* region=* apiId domainName stage requestId status" - FieldExtractionRuleParseExpression: '| json "apiId", "domainName", "stage" as apiId, domainName, stage - | "aws/apigateway" as namespace - | apiId as apiName - | fields apiName, namespace, apiId' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - MetricRule: - Type: Custom::SumoLogicMetricRules - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - MetricRuleName: "AwsObservabilityApiGatewayApiNameMetricsEntityRule" - MatchExpression: "Namespace=AWS/ApiGateway apiid=*" - ExtractVariables: - apiname: "$apiid._1" - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/apps/apigateway/test/TestTemplate.yaml b/aws-observability/apps/apigateway/test/TestTemplate.yaml deleted file mode 100644 index 4ffc54ba..00000000 --- a/aws-observability/apps/apigateway/test/TestTemplate.yaml +++ /dev/null @@ -1,88 +0,0 @@ ---- -Global: - TemplatePath: "../api_gateway_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bCloudTrailSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'Tests With Space' - Section3bCloudTrailSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - CloudTrailLogsFieldExtractionRule - - AccessLogsFieldExtractionRule - - MetricRule - - AddApiIdField - - AddApiNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddApiNameField - - AddApiIdField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddApiNameField - - AddApiIdField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aCloudTrailLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - FieldExtractionRule - - AddApiNameField - - AddApiIdField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/common/test/TestTemplate.yaml b/aws-observability/apps/common/test/TestTemplate.yaml deleted file mode 100644 index f8189364..00000000 --- a/aws-observability/apps/common/test/TestTemplate.yaml +++ /dev/null @@ -1,801 +0,0 @@ ---- -Global: - TemplatePath: "../resources.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 10 - GlobalParameters: - SumoLogicDeployment: us2 - SumoLogicOrganizationId: '${US2_PROFESSIONAL_ORG_ID}' - SumoLogicAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - SumoLogicAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - RemoveSumoLogicResourcesOnDeleteStack: 'true' - AccountAlias: 'testenv' - SumoLogicAccountID: '926226587429' - CreateMetaDataSource: 'No' - CreateCloudWatchMetricsSource: 'No' - CreateALBLogSource: 'No' - CreateALBS3Bucket: 'No' - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CreateCloudWatchLogSource: 'No' - MetaDataSourceCategory: "aws/test/metadata" - CloudWatchMetricSourceCategory: "aws/test/metrics" - ALBLogsSourceCategory: "aws/test/alb" - CloudTrailLogsSourceCategory: "aws/test/cloudtrail" - CloudWatchLogsSourceCategory: "aws/test/cloudwatch" - TemplatesBucketName: '${template_bucket}' - NestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - AccountAlias: 'test1env' - CollectorName: 'Sourabh Collector Install All' - CreateMetaDataSource: 'Yes' - MetaDataSourceName: 'Sourabh MetaData Source' - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricsNameSpaces: 'AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB, AWS/SQS, AWS/SNS, AWS/EC2' - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'Yes' - ALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-south-1' - ALBLogsSourceName: 'Sourabh ALB Source' - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-us-east-1' - CloudTrailLogsSourceName: 'Sourabh CloudTrail Source' - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: 'Sourabh CW Logs Source' - CreateKinesisFirehoseMetricsSource: "Yes" - KinesisFirehoseMetricsSourceName: "Sourabh KF Metrics Source" - KinesisFirehoseMetricSourceCategory: "Labs/Sourabh/Metrics" - CreateKinesisFirehoseLogSource: "Yes" - KinesisFirehoseLogsSourceName: "Sourabh KF Logs Source" - KinesisFirehoseLogsSourceCategory: "Labs/Sourabh/Logs" - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CommonBucketSNSTopic - - CommonS3Bucket - - CommonBucketPolicy - - CommonSNSpolicy - - CommonCloudTrail - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - SumoLogicMetaDataSource - - LambdaToDecideCWMetricsSources - - Primerinvoke - - CloudWatchMetricsFirstStack - - CloudWatchMetricsFirstStack.FirstCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.FourthCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.FifthCloudwatchMetricsSource - - CloudWatchMetricsSecondStack - - CloudWatchMetricsSecondStack.FirstCloudwatchMetricsSource - - CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CloudWatchMetricsSecondStack.ThirdCloudwatchMetricsSource - - CloudWatchMetricsSecondStack.FourthCloudwatchMetricsSource - - CloudWatchMetricsThirdStack - - CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - ALBSource - - ALBSNSSubscription - - CloudTrailSource - - CloudTrailSNSSubscription - - CloudWatchEventFunction - - CloudWatchHTTPSource - - CloudWatchEventFunction.SumoCWDeadLetterQueue - - CloudWatchEventFunction.SumoCWEmailSNSTopic - - CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CloudWatchEventFunction.SumoCWLambdaPermission - - CloudWatchEventFunction.SumoCWLogGroup - - CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CloudWatchEventFunction.SumoCWLogsLambda - - CloudWatchEventFunction.SumoCWProcessDLQLambda - - CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CloudWatchEventFunction.SumoCWSpilloverAlarm - - AddAccountField - - AddRegionField - - AddNamespaceField - - KinesisFirehoseMetricsStack - - KinesisFirehoseMetricsSource - - KinesisFirehoseLogsStack - - KinesisFirehoseLogsSource - - KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseMetricsStack.FirehoseLogsRole - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - KinesisFirehoseMetricsStack.KinesisMetricsRole - - KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseLogsStack.FirehoseLogsRole - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - KinesisFirehoseLogsStack.KinesisLogsLogGroup - - KinesisFirehoseLogsStack.KinesisLogsLogStream - - KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - KinesisFirehoseLogsStack.KinesisLogsRole - - KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - KinesisFirehoseLogsStack.SubscriptionFilter - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - BucketName - - CloudWatchLambdaARN - - CloudWatchEventFunction.SumoCWLogsLambdaArn - - KinesisLogsDeliveryStreamARN - - KinesisLogsRoleARN - - KinesisMetricsDeliveryStreamARN - - KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - KinesisFirehoseLogsStack.KinesisLogsRoleARN - - AssertType: ParameterCheck - Assert: - CloudWatchMetricsFirstStack: - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricSourceCategory: "aws/test/metrics" - CreateFirstMetricsSource: 'Yes' - FirstMetricsSourceNamespace: 'ApplicationELB' - CreateSecondMetricsSource: 'Yes' - SecondMetricsSourceNamespace: 'ApiGateway' - CreateThirdMetricsSource: 'Yes' - ThirdMetricsSourceNamespace: 'DynamoDB' - CreateFourthMetricsSource: 'Yes' - FourthMetricsSourceNamespace: 'Lambda' - CreateFifthMetricsSource: 'Yes' - FifthMetricsSourceNamespace: 'RDS' - CloudWatchMetricsSecondStack: - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricSourceCategory: "aws/test/metrics" - CreateFirstMetricsSource: 'Yes' - FirstMetricsSourceNamespace: 'ECS' - CreateSecondMetricsSource: 'Yes' - SecondMetricsSourceNamespace: 'ElastiCache' - CreateThirdMetricsSource: 'Yes' - ThirdMetricsSourceNamespace: 'ELB' - CreateFourthMetricsSource: 'Yes' - FourthMetricsSourceNamespace: 'NetworkELB' - CreateFifthMetricsSource: 'No' - FifthMetricsSourceNamespace: '' - KinesisFirehoseMetricsStack: - Section1bNamespaceFilter: 'AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB, AWS/SQS, AWS/SNS, AWS/EC2' - Section2aCreateS3Bucket: 'No' - Section2bFailedDataS3Bucket: "aws-observability-logs" - KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'No' - Section2bFailedDataS3Bucket: "aws-observability-logs" - - TestName: installmetadata - Regions: - - us-east-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install MetaData' - CreateMetaDataSource: 'Yes' - MetaDataSourceName: 'Sourabh MetaData Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - SumoLogicMetaDataSource - - LambdaToDecideCWMetricsSources - - Primerinvoke - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - TestName: installcwmetrics - Regions: - - us-east-2 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install CW Metrics' - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricsNameSpaces: 'AWS/ApplicationELB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ELB, AWS/NetworkELB, AWS/SNS' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - CloudWatchMetricsFirstStack - - CloudWatchMetricsFirstStack.FirstCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.FourthCloudwatchMetricsSource - - CloudWatchMetricsFirstStack.FifthCloudwatchMetricsSource - - CloudWatchMetricsSecondStack - - CloudWatchMetricsSecondStack.FirstCloudwatchMetricsSource - - CloudWatchMetricsSecondStack.ThirdCloudwatchMetricsSource - - CloudWatchMetricsSecondStack.FourthCloudwatchMetricsSource - - CloudWatchMetricsThirdStack - - CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - AssertType: ParameterCheck - Assert: - CloudWatchMetricsFirstStack: - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricSourceCategory: "aws/test/metrics" - CreateFirstMetricsSource: 'Yes' - FirstMetricsSourceNamespace: 'ApplicationELB' - CreateSecondMetricsSource: 'No' - SecondMetricsSourceNamespace: 'ApiGateway' - CreateThirdMetricsSource: 'No' - ThirdMetricsSourceNamespace: 'DynamoDB' - CreateFourthMetricsSource: 'Yes' - FourthMetricsSourceNamespace: 'Lambda' - CreateFifthMetricsSource: 'Yes' - FifthMetricsSourceNamespace: 'RDS' - CloudWatchMetricsSecondStack: - CloudWatchMetricsSourceName: 'Sourabh CW Metrics Source' - CloudWatchMetricSourceCategory: "aws/test/metrics" - CreateFirstMetricsSource: 'Yes' - FirstMetricsSourceNamespace: 'ECS' - CreateSecondMetricsSource: 'No' - SecondMetricsSourceNamespace: 'ElastiCache' - CreateThirdMetricsSource: 'Yes' - ThirdMetricsSourceNamespace: 'ELB' - CreateFourthMetricsSource: 'Yes' - FourthMetricsSourceNamespace: 'NetworkELB' - CreateFifthMetricsSource: 'No' - FifthMetricsSourceNamespace: '' - - TestName: installalbsourcewithbucket - Regions: - - ap-south-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install ALB Bucket' - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'Yes' - ALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-south-1' - ALBLogsSourceName: 'Sourabh ALB Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CommonBucketSNSTopic - - CommonS3Bucket - - CommonBucketPolicy - - CommonSNSpolicy - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - ALBSource - - ALBSNSSubscription - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - BucketName - - TestName: installctwithbucket - Regions: - - us-east-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install CT' - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-us-east-1' - CloudTrailLogsSourceName: 'Sourabh CloudTrail Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CommonBucketSNSTopic - - CommonS3Bucket - - CommonBucketPolicy - - CommonSNSpolicy - - CommonCloudTrail - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - CloudTrailSource - - CloudTrailSNSSubscription - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - BucketName - - TestName: installcwlogs - Regions: - - us-east-2 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install CW Logs' - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: 'Sourabh CW Logs Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - CloudWatchEventFunction - - CloudWatchHTTPSource - - CloudWatchEventFunction.SumoCWDeadLetterQueue - - CloudWatchEventFunction.SumoCWEmailSNSTopic - - CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CloudWatchEventFunction.SumoCWLambdaPermission - - CloudWatchEventFunction.SumoCWLogGroup - - CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CloudWatchEventFunction.SumoCWLogsLambda - - CloudWatchEventFunction.SumoCWProcessDLQLambda - - CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CloudWatchEventFunction.SumoCWSpilloverAlarm - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - CloudWatchLambdaARN - - CloudWatchEventFunction.SumoCWLogsLambdaArn - - TestName: installalbexisctnew - Regions: - - ap-south-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install ALB Exis' - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-south-1' - ALBLogsSourceName: 'Sourabh ALB Source' - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-us-east-1' - CloudTrailLogsSourceName: 'Sourabh CloudTrail Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CommonBucketSNSTopic - - CommonS3Bucket - - CommonBucketPolicy - - CommonSNSpolicy - - CommonCloudTrail - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - ALBSource - - ALBSNSTopic - - ALBSNSSubscription - - ALBSNSpolicy - - CloudTrailSource - - CloudTrailSNSSubscription - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - BucketName - - PaidAccountCheck - - Namespaces - - TestName: installalbnewctexis - Regions: - - us-east-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install New CT' - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'Yes' - ALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-south-1' - ALBLogsSourceName: 'Sourabh ALB Source' - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-us-east-1' - CloudTrailLogsSourceName: 'Sourabh CloudTrail Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CommonBucketSNSTopic - - CommonS3Bucket - - CommonBucketPolicy - - CommonSNSpolicy - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - ALBSource - - ALBSNSSubscription - - CloudTrailSource - - CloudTrailSNSTopic - - CloudTrailSNSSubscription - - CloudTrailSNSpolicy - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - BucketName - - TestName: installalbctexis - Regions: - - us-east-2 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install CT Exit' - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-south-1' - ALBLogsSourceName: 'Sourabh ALB Source' - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-us-east-1' - CloudTrailLogsSourceName: 'Sourabh CloudTrail Source' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - SumoLogicSourceRole - - SumoLogicHostedCollector - - LambdaToDecideCWMetricsSources - - Primerinvoke - - ALBSource - - ALBSNSTopic - - ALBSNSSubscription - - ALBSNSpolicy - - CloudTrailSource - - CloudTrailSNSTopic - - CloudTrailSNSSubscription - - CloudTrailSNSpolicy - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - CollectorName: 'Sourabh Collector Install Nothing' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - LambdaToDecideCWMetricsSources - - Primerinvoke - - AddAccountField - - AddRegionField - - AddNamespaceField - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - TestName: installkfmetricsource - Regions: - - us-east-1 - Parameters: - Values: - AccountAlias: "kfsource" - CollectorName: 'Sourabh Collector Install KF Metrics' - CreateKinesisFirehoseMetricsSource: "Yes" - KinesisFirehoseMetricsSourceName: "Sourabh KF Metrics Source" - KinesisFirehoseMetricSourceCategory: "Labs/Sourabh/Metrics" - CloudWatchMetricsNameSpaces: 'AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - LambdaToDecideCWMetricsSources - - Primerinvoke - - AddAccountField - - AddRegionField - - AddNamespaceField - - KinesisFirehoseMetricsStack - - KinesisFirehoseMetricsSource - - SumoLogicHostedCollector - - SumoLogicSourceRole - - KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseMetricsStack.FailedDataBucket - - KinesisFirehoseMetricsStack.FirehoseLogsRole - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - KinesisFirehoseMetricsStack.KinesisMetricsRole - - KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - KinesisMetricsDeliveryStreamARN - - KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - KinesisFirehoseMetricsStack.FailedDataBucketArn - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - AssertType: ParameterCheck - Assert: - KinesisFirehoseMetricsStack: - Section1bNamespaceFilter: 'AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS' - Section2aCreateS3Bucket: 'Yes' - Section2bFailedDataS3Bucket: "aws-observability-logs" - - TestName: installkflogsource - Regions: - - ap-south-1 - Parameters: - Values: - AccountAlias: "kfsource" - CollectorName: 'Sourabh Collector Install KF Logs' - CreateKinesisFirehoseLogSource: "Yes" - KinesisFirehoseLogsSourceName: "Sourabh KF Logs Source" - KinesisFirehoseLogsSourceCategory: "Labs/Sourabh/Logs" - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - LambdaToDecideCWMetricsSources - - Primerinvoke - - AddAccountField - - AddRegionField - - AddNamespaceField - - KinesisFirehoseLogsStack - - KinesisFirehoseLogsSource - - SumoLogicHostedCollector - - KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseLogsStack.FailedDataBucket - - KinesisFirehoseLogsStack.FirehoseLogsRole - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - KinesisFirehoseLogsStack.KinesisLogsLogGroup - - KinesisFirehoseLogsStack.KinesisLogsLogStream - - KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - KinesisFirehoseLogsStack.KinesisLogsRole - - KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - KinesisFirehoseLogsStack.SubscriptionFilter - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - KinesisLogsDeliveryStreamARN - - KinesisLogsRoleARN - - KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - KinesisFirehoseLogsStack.FailedDataBucketArn - - KinesisFirehoseLogsStack.KinesisLogsRoleARN - - AssertType: ParameterCheck - Assert: - KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - Section2bFailedDataS3Bucket: "aws-observability-logs" - - TestName: installbothkfsource - Regions: - - us-east-1 - Parameters: - Values: - AccountAlias: "kfsource" - CollectorName: 'Sourabh Collector Install ALL KF Logs' - CreateKinesisFirehoseMetricsSource: "Yes" - KinesisFirehoseMetricsSourceName: "Sourabh KF Metrics Source" - KinesisFirehoseMetricSourceCategory: "Labs/Sourabh/Metrics" - CreateKinesisFirehoseLogSource: "Yes" - KinesisFirehoseLogsSourceName: "Sourabh KF Logs Source" - KinesisFirehoseLogsSourceCategory: "Labs/Sourabh/Logs" - CloudWatchMetricsNameSpaces: 'AWS/ApplicationELB' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaHelper - - AccountCheck - - CreateSumoLogicAWSExplorerView - - LambdaToDecideCWMetricsSources - - Primerinvoke - - AddAccountField - - AddRegionField - - AddNamespaceField - - KinesisFirehoseMetricsStack - - KinesisFirehoseMetricsSource - - KinesisFirehoseLogsStack - - KinesisFirehoseLogsSource - - SumoLogicHostedCollector - - SumoLogicSourceRole - - KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseMetricsStack.FailedDataBucket - - KinesisFirehoseMetricsStack.FirehoseLogsRole - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - KinesisFirehoseMetricsStack.KinesisMetricsRole - - KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - KinesisFirehoseLogsStack.FirehoseLogsRole - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - KinesisFirehoseLogsStack.KinesisLogsLogGroup - - KinesisFirehoseLogsStack.KinesisLogsLogStream - - KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - KinesisFirehoseLogsStack.KinesisLogsRole - - KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - KinesisFirehoseLogsStack.SubscriptionFilter - - AssertType: OutputsCheck - Assert: - Outputs: - - LambdaHelperARN - - LambdaRoleARN - - EnterpriseCheck - - PaidAccountCheck - - Namespaces - - KinesisLogsDeliveryStreamARN - - KinesisLogsRoleARN - - KinesisMetricsDeliveryStreamARN - - KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - KinesisFirehoseMetricsStack.FailedDataBucketArn - - KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - KinesisFirehoseLogsStack.KinesisLogsRoleARN - - AssertType: ParameterCheck - Assert: - KinesisFirehoseMetricsStack: - Section1bNamespaceFilter: 'AWS/ApplicationELB' - Section2aCreateS3Bucket: 'Yes' - Section2bFailedDataS3Bucket: "aws-observability-logs" - KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'No' - Section2bFailedDataS3Bucket: "aws-observability-logs" \ No newline at end of file diff --git a/aws-observability/apps/dynamodb/dynamodb_app.template.yaml b/aws-observability/apps/dynamodb/dynamodb_app.template.yaml deleted file mode 100755 index f073d7d1..00000000 --- a/aws-observability/apps/dynamodb/dynamodb_app.template.yaml +++ /dev/null @@ -1,202 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the DynamoDB app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the DynamoDB App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability DynamoDb App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/DynamoDb-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityDynamoDBCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"dynamodb.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "requestParameters.tableName", "recipientAccountId" as eventSource, region, tablename, accountid nodrop - | where eventSource = "dynamodb.amazonaws.com" - | "aws/dynamodb" as namespace - | tolowercase(tablename) as tablename - | fields region, namespace, tablename, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/apps/dynamodb/test/TestTemplate.yaml b/aws-observability/apps/dynamodb/test/TestTemplate.yaml deleted file mode 100644 index 7e1643ca..00000000 --- a/aws-observability/apps/dynamodb/test/TestTemplate.yaml +++ /dev/null @@ -1,82 +0,0 @@ ---- -Global: - TemplatePath: "../dynamodb_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bCloudTrailSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'Tests with space' - Section3bCloudTrailSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - FieldExtractionRule - - AddTableNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddTableNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddTableNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aCloudTrailLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - FieldExtractionRule - - AddTableNameField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/ec2metrics/ec2_metrics_app.template.yaml b/aws-observability/apps/ec2metrics/ec2_metrics_app.template.yaml deleted file mode 100755 index a62476b4..00000000 --- a/aws-observability/apps/ec2metrics/ec2_metrics_app.template.yaml +++ /dev/null @@ -1,267 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the EC2 Metrics app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - AWS::CloudFormation::Interface: - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section3aParentStackLambdaARN - - Section3bTemplatesBucketName - - Section3cNestedTemplateVersion - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section4aCloudTrailLogsSourceName - - Section4bCloudTrailSourceUpdated - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section3bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section3cNestedTemplateVersion: - default: "Nested Templates Version" - - Section4aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section4bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the EC2 App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section3bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section3cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section4aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section4bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section4aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section4bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section3aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability EC2 Metrics App" - FolderName: !Sub "AWS Observability ${Section3cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section3bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section3cNestedTemplateVersion}/appjson/EC2-Metrics-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - sumoAppCW: - Type: Custom::App - Condition: install_app - DependsOn: sumoApp - Properties: - ServiceToken: !Ref Section3aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability EC2 CloudWatch Metrics App" - FolderName: !Sub "AWS Observability ${Section3cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section3bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section3cNestedTemplateVersion}/appjson/EC2-CW-Metrics-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section3aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityEC2CloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section4aCloudTrailLogsSourceName}\"", !Ref Section4aCloudTrailLogsSourceName] - - " (\"ec2.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "requestParameters", "responseElements", "recipientAccountId" as eventSource, region, requestParameters, responseElements, accountid nodrop - | where eventSource = "ec2.amazonaws.com" - | "aws/ec2" as namespace - | json field=requestParameters "instanceType", "instancesSet", "instanceId", "DescribeInstanceCreditSpecificationsRequest.InstanceId.content" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop - | json field=req_instancesSet "item", "items" as req_instancesSet_item, req_instancesSet_items nodrop - | parse regex field=req_instancesSet_item "\"instanceId\":\s*\"(?.*?)\"" nodrop - | parse regex field=req_instancesSet_items "\"instanceId\":\s*\"(?.*?)\"" nodrop - | json field=responseElements "instancesSet.items" as res_responseElements_items nodrop - | parse regex field=res_responseElements_items "\"instanceType\":\s*\"(?.*?)\"" nodrop - | parse regex field=res_responseElements_items "\"instanceId\":\s*\"(?.*?)\"" nodrop - | if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, "")))) as req_instanceid - | if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid - | if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType - | tolowercase(instanceid) as instanceid - | fields region, namespace, accountid, instanceid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoOverview: - Type: Custom::App - Condition: install_app - DependsOn: sumoAppCW - Properties: - ServiceToken: !Ref Section3aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Overview App" - FolderName: !Sub "AWS Observability ${Section3cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section3bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section3cNestedTemplateVersion}/appjson/Overview-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - sumoMonitorAlerts: - Type: Custom::AlertsMonitor - Condition: install_app - DependsOn: sumoOverview - Properties: - ServiceToken: !Ref Section3aParentStackLambdaARN - Region: !Ref "AWS::Region" - FolderName: !Sub "AWS Observability ${Section3cNestedTemplateVersion} " - MonitorsS3Url: !Sub "https://${Section3bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section3cNestedTemplateVersion}/appjson/Alerts-App.json" - SuffixDateTime: true - RetainOldAlerts: true - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - orgid: !Ref Section1eOrgId diff --git a/aws-observability/apps/ec2metrics/test/TestTemplate.yaml b/aws-observability/apps/ec2metrics/test/TestTemplate.yaml deleted file mode 100644 index 07804e81..00000000 --- a/aws-observability/apps/ec2metrics/test/TestTemplate.yaml +++ /dev/null @@ -1,48 +0,0 @@ ---- -Global: - TemplatePath: "../ec2_metrics_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 5 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3aParentStackLambdaARN: '${lambda_arn}' - Section3bTemplatesBucketName: '${template_bucket}' - Section3cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - sumoOverview - - AddInstanceIdField - - sumoMonitorAlerts - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: nothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddInstanceIdField - - AssertType: OutputsCheck - Assert: - Outputs: diff --git a/aws-observability/apps/ecs/ecs_app.template.yaml b/aws-observability/apps/ecs/ecs_app.template.yaml deleted file mode 100755 index 7492247a..00000000 --- a/aws-observability/apps/ecs/ecs_app.template.yaml +++ /dev/null @@ -1,203 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the ECS app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the Amazon ECS App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Ecs App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Ecs-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityECSCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"ecs.amazonaws.com\"))" - FieldExtractionRuleParseExpression: 'json "eventSource", "awsRegion", "requestParameters", "recipientAccountId" as eventSource, region, requestParameters, accountid nodrop - | json field=requestParameters "cluster" as clustername nodrop - | where eventSource = "ecs.amazonaws.com" - | "aws/ecs" as namespace - | tolowercase(clustername) as clustername - | fields region, namespace, clustername, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment \ No newline at end of file diff --git a/aws-observability/apps/ecs/test/TestTemplate.yaml b/aws-observability/apps/ecs/test/TestTemplate.yaml deleted file mode 100644 index 3943d617..00000000 --- a/aws-observability/apps/ecs/test/TestTemplate.yaml +++ /dev/null @@ -1,82 +0,0 @@ ---- -Global: - TemplatePath: "../ecs_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bCloudTrailSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: appferandmetricupdate - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'Tests With Space' - Section3bCloudTrailSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - FieldExtractionRule - - AddClusterNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddClusterNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddClusterNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aCloudTrailLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - FieldExtractionRule - - AddClusterNameField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/elasticache/elasticache_app.template.yaml b/aws-observability/apps/elasticache/elasticache_app.template.yaml deleted file mode 100755 index 62075799..00000000 --- a/aws-observability/apps/elasticache/elasticache_app.template.yaml +++ /dev/null @@ -1,203 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the ElastiCache app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the Amazon ElastiCache App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability ElastiCache App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/ElastiCache-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityElastiCacheCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"elasticache.amazonaws.com\"))" - FieldExtractionRuleParseExpression: 'json "eventSource", "awsRegion", "requestParameters.cacheClusterId", "responseElements.cacheClusterId", "recipientAccountId" as eventSource, region, req_cacheClusterId, res_cacheClusterId, accountid nodrop - | where eventSource = "elasticache.amazonaws.com" - | if (!isEmpty(req_cacheClusterId), req_cacheClusterId, res_cacheClusterId) as cacheclusterid - | "aws/elasticache" as namespace - | tolowercase(cacheclusterid) as cacheclusterid - | fields region, namespace, cacheclusterid, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/apps/elasticache/test/TestTemplate.yaml b/aws-observability/apps/elasticache/test/TestTemplate.yaml deleted file mode 100644 index 6606aef7..00000000 --- a/aws-observability/apps/elasticache/test/TestTemplate.yaml +++ /dev/null @@ -1,82 +0,0 @@ ---- -Global: - TemplatePath: "../elasticache_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bCloudTrailSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'Tests With Space' - Section3bCloudTrailSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - FieldExtractionRule - - AddCacheClusterIdField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddCacheClusterIdField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddCacheClusterIdField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aCloudTrailLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - FieldExtractionRule - - AddCacheClusterIdField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/elb/elb_app.template.yaml b/aws-observability/apps/elb/elb_app.template.yaml deleted file mode 100755 index 577b6e07..00000000 --- a/aws-observability/apps/elb/elb_app.template.yaml +++ /dev/null @@ -1,406 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the ELB classic app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "Sumo Logic AWS Resources Tagging Configuration (Required)" - Parameters: - - Section2aAccountAlias - - Section2bAccountAliasMappingS3URL - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section3aInstallApp - - - Label: - default: "App Details - CloudWatch Metrics Source Configuration" - Parameters: - - Section4aCloudWatchExistingSourceAPIUrl - - - Label: - default: "App Details - ELB classic Source Log Source Configuration" - Parameters: - - Section5aELBLogsAPIUrl - - Section5bELBLogsSourceName - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section6aParentStackLambdaARN - - Section6bTemplatesBucketName - - Section6cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section7aAppInstallLocation - - Section7bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aAccountAlias: - default: "Alias for AWS Account Identification. Please leave this blank if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - - Section2bAccountAliasMappingS3URL: - default: "S3 URL of a CSV file that maps AWS Account IDs to an Account Alias" - - Section3aInstallApp: - default: "Install Sumo Logic App" - - Section4aCloudWatchExistingSourceAPIUrl: - default: "Existing Sumo Logic CloudWatch Metrics Source API URL" - - Section5aELBLogsAPIUrl: - default: "Existing Sumo Logic ELB Logs Source API URL" - Section5bELBLogsSourceName: - default: "Provide the ELB Logs Source Name for Field Extraction Rule" - - Section6aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section6bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section6cNestedTemplateVersion: - default: "Nested Templates Version" - - Section7aAppInstallLocation: - default: "App Installation location" - Section7bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Default: "" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aAccountAlias: - Type: String - Description: "Provide an Alias for AWS account for identification in Sumo Logic Explorer View, metrics and logs. Please do not include special characters." - AllowedPattern: "[a-z0-9]*" - ConstraintDescription: "Alias must only contain lowercase letters, number and length less than or equal to 30 characters." - MaxLength: 30 - - Section2bAccountAliasMappingS3URL: - Type: String - Description: "Required only if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - Default: "" - - Section3aInstallApp: - Type: String - Description: "Yes - Installs the ELB classic App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section4aCloudWatchExistingSourceAPIUrl: - Type: String - Description: "Required when already collecting ELB Metrics. Provide the existing Sumo Logic ALB Metrics Source API URL. Account Field will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - - Section5aELBLogsAPIUrl: - Type: String - Description: "Required when already collecting ELB logs. Provide the existing Sumo Logic ELB Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - Section5bELBLogsSourceName: - Type: String - Description: "Provide a ELB Logs Source Name for Field Extraction Rule." - Default: "" - - Section6aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section6bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section6cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section7aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section7bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section3aInstallApp, 'Yes'] - - update_elb_logs_source: !Not [!Equals [!Ref Section5aELBLogsAPIUrl, '']] - - update_elb_metrics_source: !Not [!Equals [!Ref Section4aCloudWatchExistingSourceAPIUrl, '']] - - create_fer: !Or - - !Condition update_elb_logs_source - - !Not [!Equals [!Ref Section5bELBLogsSourceName, '']] - -Mappings: - # Bucket names where the Lambda Zip and Nested Templates are kept. Buckets are present in region, with region as suffix. - # Some buckets names have 's' in the region suffix. It is kept intentional as bucket names were not available. - # Buckets names which are intentional - - # 1. appdevzipfiles-eu-north-1s - # 2. appdevzipfiles-ap-east-1s - # 3. appdevzipfiles-af-south-1s - # 4. appdevzipfiles-me-south-1s - RegionMap: - us-east-1: - bucketname: appdevzipfiles-us-east-1 - us-east-2: - bucketname: appdevzipfiles-us-east-2 - us-west-1: - bucketname: appdevzipfiles-us-west-1 - us-west-2: - bucketname: appdevzipfiles-us-west-2 - ap-south-1: - bucketname: appdevzipfiles-ap-south-1 - ap-northeast-2: - bucketname: appdevzipfiles-ap-northeast-2 - ap-southeast-1: - bucketname: appdevzipfiles-ap-southeast-1 - ap-southeast-2: - bucketname: appdevzipfiles-ap-southeast-2 - ap-northeast-1: - bucketname: appdevzipfiles-ap-northeast-1 - ca-central-1: - bucketname: appdevzipfiles-ca-central-1 - eu-central-1: - bucketname: appdevzipfiles-eu-central-1 - eu-west-1: - bucketname: appdevzipfiles-eu-west-1 - eu-west-2: - bucketname: appdevzipfiles-eu-west-2 - eu-west-3: - bucketname: appdevzipfiles-eu-west-3 - eu-north-1: - bucketname: appdevzipfiles-eu-north-1s - sa-east-1: - bucketname: appdevzipfiles-sa-east-1 - ap-east-1: - bucketname: appdevzipfiles-ap-east-1s - af-south-1: - bucketname: appdevzipfiles-af-south-1s - eu-south-1: - bucketname: appdevzipfiles-eu-south-1 - me-south-1: - bucketname: appdevzipfiles-me-south-1s - me-central-1: - bucketname: appdevzipfiles-me-central-1 - eu-central-2: - bucketname: appdevzipfiles-eu-central-2ss - ap-northeast-3: - bucketname: appdevzipfiles-ap-northeast-3s - ap-southeast-3: - bucketname: appdevzipfiles-ap-southeast-3 - -Resources: - - LambdaRole: - Type: AWS::IAM::Role - Metadata: - cfn_nag: - rules_to_suppress: - - id: W11 - reason: "Operations are performed across resources." - Properties: - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: lambda.amazonaws.com - Action: sts:AssumeRole - Path: / - Policies: - - PolicyName: LambdaExecutePolicies - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:CreateLogGroup - - logs:CreateLogStream - - logs:PutLogEvents - Resource: '*' - - LambdaHelper: - Type: 'AWS::Serverless::Function' - Properties: - Handler: main.handler - Runtime: python3.14 - CodeUri: - Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" - MemorySize: 128 - Timeout: 900 - Role: - Fn::GetAtt: - - LambdaRole - - Arn - - AccountAliasValue: - Type: Custom::AccountAlias - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - Region: !Ref "AWS::Region" - AccountID: !Ref "AWS::AccountId" - AccountAlias: !Ref Section2aAccountAlias - AccountAliasMappingS3Url: !Ref Section2bAccountAliasMappingS3URL - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoApp: - Condition: install_app - Type: Custom::App - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Classic Load Balancer App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section6cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section6bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section6cNestedTemplateVersion}/appjson/Classic-lb-App.json" - location: !Ref Section7aAppInstallLocation - share: !Ref Section7bShare - orgid: !Ref Section1eOrgId - - SumoELBLogsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_elb_logs_source - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section5aELBLogsAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - region: !Ref "AWS::Region" - accountid: !Ref "AWS::AccountId" - - SumoELBMetricsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_elb_metrics_source - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section4aCloudWatchExistingSourceAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - - ElbLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityElbAccessLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [update_elb_logs_source, !Sub "\"${SumoELBLogsUpdateSource.source_name}\"", !Ref Section5bELBLogsSourceName] - - ")" - FieldExtractionRuleParseExpression: '| parse "* * * * * * * * * * * \"*\" \"*\" * *" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol - | parse regex field=datetime "(?\d{0,4}-\d{0,2}-\d{0,2}T\d{0,2}:\d{0,2}:\d{0,2}\.\d+Z)" - | where !isBlank(loadbalancername) and !isBlank(datetimevalue) - | "aws/elb" as namespace - | tolowercase(loadbalancername) as loadbalancername | fields loadbalancername, namespace' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - ClbCloudTrailLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section6aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityCLBCloudTrailLogsFER" - FieldExtractionRuleScope: "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2012-06-01\"" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.loadBalancerName" as event_source, region, accountid, loadbalancername nodrop - | where event_source = "elasticloadbalancing.amazonaws.com" - | toLowerCase(loadbalancername) as loadbalancername - | "aws/elb" as namespace - | fields region, namespace, loadbalancername, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - -Outputs: - ExistingLogSourceName: - Description: "Existing ELB Logs Source Name" - Condition: update_elb_logs_source - Value: !GetAtt SumoELBLogsUpdateSource.source_name \ No newline at end of file diff --git a/aws-observability/apps/elb/test/TestTemplate.yaml b/aws-observability/apps/elb/test/TestTemplate.yaml deleted file mode 100644 index 00b66d56..00000000 --- a/aws-observability/apps/elb/test/TestTemplate.yaml +++ /dev/null @@ -1,124 +0,0 @@ ---- -Global: - TemplatePath: "../elb_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 6 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aAccountAlias: 'testenv' - Section3aInstallApp: 'No' - Section6aParentStackLambdaARN: '${lambda_arn}' # ? - Section6bTemplatesBucketName: '${template_bucket}' # ? - Section6cNestedTemplateVersion: '${template_version}' # ? -Tests: - - TestName: appferandmetricupdate - Regions: - - us-east-1 # ? - Parameters: - Values: - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/187445783/sources/952768626' # ? - Section9bELBLogsSourceName: 'ElbTests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - ElbLogsFieldExtractionRule - - SumoELBMetricsUpdateSource - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - TestName: installnothing - Regions: - - us-east-1 # ? - Parameters: - Values: - Section3aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - us-east-1 # ? - Parameters: - Values: - Section3aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: updatecwmetrics - Regions: - - us-east-1 # ? - Parameters: - Values: - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/187445783/sources/952768626' # ? - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoELBMetricsUpdateSource - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - TestName: updatelogssource - Regions: - - us-east-1 # ? - Parameters: - Values: - Section9aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/187445783/sources/951309199' # ? - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoELBLogsUpdateSource - - ElbLogsFieldExtractionRule - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingLogSourceName - - TestName: updatebothsources - Regions: - - us-east-1 # ? - Parameters: - Values: - Section9aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/187445783/sources/951309199' # ? - Section4aCloudWatchExistingSourceAPIUrl: "https://api.sumologic.com/api/v1/collectors/187445783/sources/952768626" # ? - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoELBLogsUpdateSource - - ElbLogsFieldExtractionRule - - SumoELBMetricsUpdateSource - - AddLoadBalancerNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingLogSourceName - - ExistingMetricSourceName diff --git a/aws-observability/apps/lambda/lambda_app.template.yaml b/aws-observability/apps/lambda/lambda_app.template.yaml deleted file mode 100755 index bddd6f82..00000000 --- a/aws-observability/apps/lambda/lambda_app.template.yaml +++ /dev/null @@ -1,389 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the Lambda app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "Sumo Logic AWS Resources Tagging Configuration (Required)" - Parameters: - - Section2aAccountAlias - - Section2bAccountAliasMappingS3URL - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section3aInstallApp - - - Label: - default: "App Details - CloudWatch Metrics Source Configuration" - Parameters: - - Section4aCloudWatchExistingSourceAPIUrl - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section5aCloudTrailLogsAPIUrl - - Section5bCloudTrailLogsSourceName - - - Label: - default: "App Details - CloudWatch Log Source Configuration" - Parameters: - - Section6aCloudWatchLogsAPIUrl - - Section6bCloudWatchLogsSourceName - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section7aParentStackLambdaARN - - Section7bTemplatesBucketName - - Section7cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section8aAppInstallLocation - - Section8bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aAccountAlias: - default: "Alias for AWS Account Identification. Please leave this blank if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - - Section2bAccountAliasMappingS3URL: - default: "S3 URL of a CSV file that maps AWS Account IDs to an Account Alias" - - Section3aInstallApp: - default: "Install Sumo Logic App" - - Section4aCloudWatchExistingSourceAPIUrl: - default: "Existing Sumo Logic CloudWatch Metrics Source API URL" - - Section5bCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section5aCloudTrailLogsAPIUrl: - default: "Existing Sumo Logic ALB Logs Source API URL" - - Section6bCloudWatchLogsSourceName: - default: "Sumo Logic CloudWatch Logs Source Name" - Section6aCloudWatchLogsAPIUrl: - default: "Existing Sumo Logic ALB Logs Source API URL" - - Section7aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section7bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section7cNestedTemplateVersion: - default: "Nested Templates Version" - - Section8aAppInstallLocation: - default: "App Installation location" - Section8bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aAccountAlias: - Type: String - Description: "Provide an Alias for AWS account for identification in Sumo Logic Explorer View, metrics and logs. Please do not include special characters." - AllowedPattern: "[a-z0-9]*" - ConstraintDescription: "Alias must only contain lowercase letters, number and length less than or equal to 30 characters." - MaxLength: 30 - - Section2bAccountAliasMappingS3URL: - Type: String - Description: "Required only if you are using CloudFormation StackSets to deploy the solution in multiple AWS accounts." - Default: "" - - Section3aInstallApp: - Type: String - Description: "Yes - Installs the Lambda App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section4aCloudWatchExistingSourceAPIUrl: - Type: String - Description: "Required when already collecting Lambda Metrics. Provide the existing Sumo Logic Lambda Metrics Source API URL. Account Field will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - - Section5bCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section5aCloudTrailLogsAPIUrl: - Type: String - Description: "Required when already collecting CloudTrail logs. Provide the existing Sumo Logic CloudTrail Source API URL. Account Field will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - - Section6bCloudWatchLogsSourceName: - Type: String - Description: Change the CloudWatch Log Source name to be created else default name will be used. - Default: "" - Section6aCloudWatchLogsAPIUrl: - Type: String - Description: "Required when already collecting CloudWatch logs. Provide the existing Sumo Logic CloudWatch Source API URL. Account Field will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" - Default: "" - - Section7aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section7bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section7cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section8aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section8bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section3aInstallApp, 'Yes'] - - update_cloudtrail_logs_source: !Not [!Equals [!Ref Section5aCloudTrailLogsAPIUrl, '']] - - update_cloudwatch_logs_source: !Not [!Equals [!Ref Section6aCloudWatchLogsAPIUrl, '']] - - update_metrics_source: !Not [!Equals [!Ref Section4aCloudWatchExistingSourceAPIUrl, '']] - - create_fer: !Or - - !Condition update_cloudtrail_logs_source - - !Not [!Equals [!Ref Section5bCloudTrailLogsSourceName, '']] - - create_cloudwatch_fer: !Or - - !Condition update_cloudwatch_logs_source - - !Not [!Equals [!Ref Section6bCloudWatchLogsSourceName, '']] - -Resources: - - AccountAliasValue: - Type: Custom::AccountAlias - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - Region: !Ref "AWS::Region" - AccountID: !Ref "AWS::AccountId" - AccountAlias: !Ref Section2aAccountAlias - AccountAliasMappingS3Url: !Ref Section2bAccountAliasMappingS3URL - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Lambda App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section7cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section7bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section7cNestedTemplateVersion}/appjson/Lambda-App.json" - location: !Ref Section8aAppInstallLocation - share: !Ref Section8bShare - orgid: !Ref Section1eOrgId - - SumoCloudTrailLogsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_cloudtrail_logs_source - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section5aCloudTrailLogsAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - - SumoMetricsUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_metrics_source - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section4aCloudWatchExistingSourceAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - - SumoHTTPUpdateSource: - Type: Custom::SumoLogicUpdateFields - Condition: update_cloudwatch_logs_source - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - Region: !Ref "AWS::Region" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - SourceApiUrl: !Ref Section6aCloudWatchLogsAPIUrl - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS - namespace: "aws/lambda" - region: !Ref "AWS::Region" - accountid: !Ref "AWS::AccountId" - - LambdaFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityFieldExtractionRule" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [update_cloudtrail_logs_source, !Sub "\"${SumoCloudTrailLogsUpdateSource.source_name}\"", !Ref Section5bCloudTrailLogsSourceName] - - " (\"lambda.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "requestParameters", "recipientAccountId" as eventSource, region, requestParameters, accountid nodrop - | where eventSource = "lambda.amazonaws.com" - | json field=requestParameters "functionName", "resource" as functionname, resource nodrop - | parse regex field=functionname "\w+:\w+:\S+:[\w-]+:\S+:\S+:(?[\S]+)$" nodrop - | parse field=resource "arn:*:lambda:*:function:*" as arn_part, f1, functionname2 nodrop - | if (isEmpty(functionname), functionname2, functionname) as functionname - | "aws/lambda" as namespace - | tolowercase(functionname) as functionname - | fields region, namespace, functionname, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - LambdaCloudWatchLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_cloudwatch_fer - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityLambdaCloudWatchLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [update_cloudwatch_logs_source, !Sub "\"${SumoHTTPUpdateSource.source_name}\"", !Ref Section6bCloudWatchLogsSourceName] - - " _sourceHost=/aws/lambda/*)" - FieldExtractionRuleParseExpression: '| parse field=_sourceHost "/aws/lambda/*" as functionname - | tolowercase(functionname) as functionname - | "aws/lambda" as namespace - | fields functionname, namespace' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - GenericCloudWatchLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_cloudwatch_fer - Properties: - ServiceToken: !Ref Section7aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityGenericCloudWatchLogsFER" - FieldExtractionRuleScope: "(account=* region=* (_sourceHost=/aws/* or _sourceHost=API*Gateway*Execution*Logs*))" - FieldExtractionRuleParseExpression: '| if (isEmpty(namespace),"unknown",namespace) as namespace - | if (_sourceHost matches "/aws/lambda/*", "aws/lambda", namespace) as namespace - | if (_sourceHost matches "/aws/rds/*", "aws/rds", namespace) as namespace - | if (_sourceHost matches "/aws/ecs/containerinsights/*", "aws/ecs", namespace) as namespace - | if (_sourceHost matches "/aws/kinesisfirehose/*", "aws/firehose", namespace) as namespace - | if (_sourceHost matches "/aws/apigateway/*", "aws/apigateway", namespace) as namespace - | if (_sourceHost matches "API-Gateway-Execution-Logs*", "aws/apigateway", namespace) as namespace - | parse field=_sourceHost "/aws/lambda/*" as functionname nodrop - | tolowercase(functionname) as functionname - | parse field=_sourceHost "/aws/rds/*/*/" as f1, dbidentifier nodrop - | parse field=_sourceHost "/aws/apigateway/*/*" as apiid, stage nodrop - | parse field=_sourceHost "API-Gateway-Execution-Logs_*/*" as apiid, stage nodrop - | apiid as apiName - | tolowercase(dbidentifier) as dbidentifier - | fields namespace, functionname, dbidentifier, apiid, apiName' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - -Outputs: - ExistingMetricSourceName: - Description: "Existing CloudWatch Metrics Source Name" - Condition: update_metrics_source - Value: !GetAtt SumoMetricsUpdateSource.source_name - ExistingCloudTrailLogSourceName: - Description: "Existing CloudTrail Logs Source Name" - Condition: update_cloudtrail_logs_source - Value: !GetAtt SumoCloudTrailLogsUpdateSource.source_name - ExistingCloudWatchLogSourceName: - Description: "Existing CloudWatch Logs Source Name" - Condition: update_cloudwatch_logs_source - Value: !GetAtt SumoHTTPUpdateSource.source_name \ No newline at end of file diff --git a/aws-observability/apps/lambda/test/TestTemplate.yaml b/aws-observability/apps/lambda/test/TestTemplate.yaml deleted file mode 100644 index 776ed8fb..00000000 --- a/aws-observability/apps/lambda/test/TestTemplate.yaml +++ /dev/null @@ -1,145 +0,0 @@ ---- -Global: - TemplatePath: "../lambda_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 10 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aAccountAlias: 'testenv' - Section3aInstallApp: 'No' - Section7aParentStackLambdaARN: '${lambda_arn}' - Section7bTemplatesBucketName: '${template_bucket}' - Section7cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'Yes' - Section5aCloudTrailLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1135631121' - Section6aCloudWatchLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1135631970' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1166309542' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - LambdaFieldExtractionRule - - LambdaCloudWatchLogsFieldExtractionRule - - SumoCloudTrailLogsUpdateSource - - SumoMetricsUpdateSource - - SumoHTTPUpdateSource - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - ExistingCloudTrailLogSourceName - - ExistingCloudWatchLogSourceName - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section3aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - sumoApp - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: updatecwmetrics - Regions: - - ap-south-1 - Parameters: - Values: - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1167287836' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoMetricsUpdateSource - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingMetricSourceName - - TestName: updatelogssource - Regions: - - ap-south-1 - Parameters: - Values: - Section5aCloudTrailLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1269239693' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoCloudTrailLogsUpdateSource - - LambdaFieldExtractionRule - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingCloudTrailLogSourceName - - TestName: updatecwlogssource - Regions: - - ap-south-1 - Parameters: - Values: - Section6aCloudWatchLogsAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/194268335/sources/1269283868' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - SumoHTTPUpdateSource - - LambdaCloudWatchLogsFieldExtractionRule - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: - - ExistingCloudWatchLogSourceName - - TestName: FEROnly - Regions: - - ap-south-1 - Parameters: - Values: - Section5bCloudTrailLogsSourceName: 'Tests 1' - Section6bCloudWatchLogsSourceName: "Tests 2" - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaFieldExtractionRule - - LambdaCloudWatchLogsFieldExtractionRule - - AddFunctionNameField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/nlb/nlb_app.template.yaml b/aws-observability/apps/nlb/nlb_app.template.yaml deleted file mode 100755 index ad4e8ec8..00000000 --- a/aws-observability/apps/nlb/nlb_app.template.yaml +++ /dev/null @@ -1,237 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the NLB app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - NLB Source Log Source Configuration" - Parameters: - - Section3aNLBLogsSourceName - - Section3bNLBSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aNLBLogsSourceName: - default: "Sumo Logic NLB Logs Source Name" - Section3bNLBSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Default: "" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the NLB App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aNLBLogsSourceName: - Type: String - Description: Change the NLB Source name to be created else default name will be used. - Default: "" - Section3bNLBSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aNLBLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bNLBSourceUpdated, 'Yes'] - -Resources: - - MetricRule: - Type: Custom::SumoLogicMetricRules - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - MetricRuleName: "AwsObservabilityNLBMetricsEntityRule" - MatchExpression: "Namespace=AWS/NetworkELB LoadBalancer=*" - ExtractVariables: - networkloadbalancer: "$LoadBalancer._1" - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoApp: - Condition: install_app - Type: Custom::App - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Nlb App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Nlb-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityNlbAccessLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aNLBLogsSourceName}\"", !Ref Section3aNLBLogsSourceName] - - ")" - FieldExtractionRuleParseExpression: '| parse "* * * * * * * * * * * * \"*\" \"*\" * * * \"*\"" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId - | tolowercase(loadbalancer) as loadbalancer - | fields loadbalancer' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - NlbCloudTrailLogsFieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityNLBCloudTrailLogsFER" - FieldExtractionRuleScope: "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2015-12-01\"" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "requestParameters.listenerArn", "apiVersion" as event_source, region, accountid, networkloadbalancer, loadbalancertype, loadbalancerarn, listenerarn, api_version nodrop - | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01" - | "" as namespace - | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype1, networkloadbalancer1, f1 nodrop - | parse field=listenerarn ":listener/*/*/*/*" as balancertype2, networkloadbalancer2, f1, f2 nodrop - | if(loadbalancertype matches "network", "aws/networkelb", if(balancertype1 matches "net", "aws/networkelb", if(balancertype2 matches "net", "aws/networkelb", namespace))) as namespace - | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype1 matches "app", "aws/applicationelb", if(balancertype2 matches "app", "aws/applicationelb", namespace))) as namespace - | where namespace="aws/networkelb" or isEmpty(namespace) - | if (!isEmpty(networkloadbalancer), networkloadbalancer, if (!isEmpty(networkloadbalancer1), networkloadbalancer1, networkloadbalancer2)) as networkloadbalancer - | toLowerCase(networkloadbalancer) as networkloadbalancer - | fields region, namespace, networkloadbalancer, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment \ No newline at end of file diff --git a/aws-observability/apps/nlb/test/TestTemplate.yaml b/aws-observability/apps/nlb/test/TestTemplate.yaml deleted file mode 100644 index 0d5dd83f..00000000 --- a/aws-observability/apps/nlb/test/TestTemplate.yaml +++ /dev/null @@ -1,86 +0,0 @@ ---- -Global: - TemplatePath: "../nlb_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bNLBSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: 'Tests With Space' - Section3bNLBSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - MetricRule - - sumoApp - - FieldExtractionRule - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - MetricRule - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - MetricRule - - sumoApp - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aNLBLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - MetricRule - - FieldExtractionRule - - AddLoadBalancerField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/rds/rds_app.template.yaml b/aws-observability/apps/rds/rds_app.template.yaml deleted file mode 100755 index 1be7d4aa..00000000 --- a/aws-observability/apps/rds/rds_app.template.yaml +++ /dev/null @@ -1,234 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the RDS app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the RDS App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - ClusterMetricRule: - Type: Custom::SumoLogicMetricRules - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - MetricRuleName: "AwsObservabilityRDSClusterMetricsEntityRule" - MatchExpression: "Namespace=AWS/RDS DBClusterIdentifier=*" - ExtractVariables: - dbidentifier: "$DBClusterIdentifier._1" - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - InstanceMetricRule: - Type: Custom::SumoLogicMetricRules - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - MetricRuleName: "AwsObservabilityRDSInstanceMetricsEntityRule" - MatchExpression: "Namespace=AWS/RDS DBInstanceIdentifier=*" - ExtractVariables: - dbidentifier: "$DBInstanceIdentifier._1" - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability Rds App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Rds-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilityRdsCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"rds.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "requestParameters", "responseElements", "recipientAccountId" as eventSource, region, requestParameters, responseElements, accountid nodrop - | where eventSource = "rds.amazonaws.com" - | "aws/rds" as namespace - | json field=requestParameters "dBInstanceIdentifier", "resourceName", "dBClusterIdentifier" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop - | json field=responseElements "dBInstanceIdentifier" as dBInstanceIdentifier3 nodrop | json field=responseElements "dBClusterIdentifier" as dBClusterIdentifier3 nodrop - | parse field=resourceName "arn:*:rds:*:db:*" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName "arn:*:rds:*:cluster:*" as arn_part, f1, dBClusterIdentifier2 nodrop - | if (resourceName matches "arn:*:rds:*:db:*", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier - | if (resourceName matches "arn:*:rds:*:cluster:*", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier - | if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier - | tolowercase(dbidentifier) as dbidentifier - | fields region, namespace, dBInstanceIdentifier, dBClusterIdentifier, dbidentifier, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/apps/rds/test/TestTemplate.yaml b/aws-observability/apps/rds/test/TestTemplate.yaml deleted file mode 100644 index 385ddd70..00000000 --- a/aws-observability/apps/rds/test/TestTemplate.yaml +++ /dev/null @@ -1,90 +0,0 @@ ---- -Global: - TemplatePath: "../rds_app.template.yaml" - TestProjectName: BasicTestProject - ParallelTestsRun: 2 - GlobalParameters: - Section1aSumoDeployment: us2 - Section1bSumoAccessID: '${PROFESSIONAL_US2_ACCESS_ID}' - Section1cSumoAccessKey: '${PROFESSIONAL_US2_ACCESS_KEY}' - Section1dRemoveSumoResourcesOnDeleteStack: 'true' - Section2aInstallApp: 'No' - Section3bCloudTrailSourceUpdated: 'No' - Section4aParentStackLambdaARN: '${lambda_arn}' - Section4bTemplatesBucketName: '${template_bucket}' - Section4cNestedTemplateVersion: '${template_version}' -Tests: - - TestName: installall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'Tests With Space' - Section3bCloudTrailSourceUpdated: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - ClusterMetricRule - - InstanceMetricRule - - sumoApp - - FieldExtractionRule - - AddDBIdentifierField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: installnothing - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'No' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - ClusterMetricRule - - InstanceMetricRule - - AddDBIdentifierField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyappinstall - Regions: - - ap-south-1 - Parameters: - Values: - Section2aInstallApp: 'Yes' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - ClusterMetricRule - - InstanceMetricRule - - sumoApp - - AddDBIdentifierField - - AssertType: OutputsCheck - Assert: - Outputs: - - TestName: onlyfer - Regions: - - ap-south-1 - Parameters: - Values: - Section3aCloudTrailLogsSourceName: 'Tests' - Skip: false - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - ClusterMetricRule - - InstanceMetricRule - - FieldExtractionRule - - AddDBIdentifierField - - AssertType: OutputsCheck - Assert: - Outputs: \ No newline at end of file diff --git a/aws-observability/apps/sns/sns_app.template.yaml b/aws-observability/apps/sns/sns_app.template.yaml deleted file mode 100755 index add125d6..00000000 --- a/aws-observability/apps/sns/sns_app.template.yaml +++ /dev/null @@ -1,213 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the SNS app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the SNS App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability SNS App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Sns-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilitySNSCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"sns.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "userIdentity", "eventSource", "eventName", "awsRegion", "recipientAccountId", "requestParameters", "responseElements" as userIdentity, event_source, event_name, region, recipient_account_id, requestParameters, responseElements nodrop - | where event_source = "sns.amazonaws.com" - | json field=userIdentity "accountId", "type", "arn", "userName" as accountid, type, arn, username nodrop - | parse field=arn ":assumed-role/*" as user nodrop - | parse field=arn "arn:*:iam::*:*" as arn_part, accountid, user nodrop - | json field=requestParameters "topicArn", "name", "resourceArn", "subscriptionArn" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop - | json field=responseElements "topicArn" as res_topic_arn nodrop - | if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn - | if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn - | parse field=topic_arn "arn:*:sns:*:*:*" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop - | parse field=subscription_arn "arn:*:sns:*:*:*:*" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop - | if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname - | if (isBlank(accountid), recipient_account_id, accountid) as accountid - | toLowerCase(topicname) as topicname - | "aws/sns" as namespace - | fields region, namespace, topicname, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/apps/sqs/sqs_app.template.yaml b/aws-observability/apps/sqs/sqs_app.template.yaml deleted file mode 100755 index 8f00c3ff..00000000 --- a/aws-observability/apps/sqs/sqs_app.template.yaml +++ /dev/null @@ -1,208 +0,0 @@ -AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup the SQS app with AWS and Sumo Logic resources for AWS Observability Solution." - -Metadata: - 'AWS::CloudFormation::Interface': - ParameterGroups: - - Label: - default: "Sumo Logic Access Configuration (Required)" - Parameters: - - Section1aSumoDeployment - - Section1bSumoAccessID - - Section1cSumoAccessKey - - Section1dRemoveSumoResourcesOnDeleteStack - - Section1eOrgId - - - Label: - default: "App Details - Sumo Logic App Configuration" - Parameters: - - Section2aInstallApp - - - Label: - default: "App Details - CloudTrail Log Source Configuration" - Parameters: - - Section3aCloudTrailLogsSourceName - - Section3bCloudTrailSourceUpdated - - - Label: - default: "Local Parameters. Do Not Edit the values." - Parameters: - - Section4aParentStackLambdaARN - - Section4bTemplatesBucketName - - Section4cNestedTemplateVersion - - - Label: - default: "App Installation and sharing" - Parameters: - - Section5aAppInstallLocation - - Section5bShare - - ParameterLabels: - Section1aSumoDeployment: - default: "Sumo Logic Deployment Name" - Section1bSumoAccessID: - default: "Sumo Logic Access ID" - Section1cSumoAccessKey: - default: "Sumo Logic Access Key" - Section1dRemoveSumoResourcesOnDeleteStack: - default: "Delete Sumo Logic Resources when stack is deleted" - Section1eOrgId: - default: "Sumo Logic Organization Id" - - Section2aInstallApp: - default: "Install Sumo Logic App" - - Section3aCloudTrailLogsSourceName: - default: "Sumo Logic CloudTrail Logs Source Name" - Section3bCloudTrailSourceUpdated: - default: "Existing Source Updated" - - Section4aParentStackLambdaARN: - default: "If Any, Lambda ARN from parent Stack" - Section4bTemplatesBucketName: - default: "Nested Templates Bucket Name" - Section4cNestedTemplateVersion: - default: "Nested Templates Version" - - Section5aAppInstallLocation: - default: "App Installation location" - Section5bShare: - default: "Share" - -Parameters: - Section1aSumoDeployment: - Type: String - Default: "" - Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" - Section1bSumoAccessID: - Type: String - Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access ID can not be empty." - Section1cSumoAccessKey: - Type: String - Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Access Key can not be empty." - NoEcho: true - Section1dRemoveSumoResourcesOnDeleteStack: - AllowedValues: - - true - - false - Default: true - Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. - Deletes the resources created by the stack. Deletion of updated resources will be skipped." - Type: String - Section1eOrgId: - Description: "Appears on the Account Overview page that displays information about your Sumo Logic organization. Used for IAM Role in Sumo Logic AWS Sources. Visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page" - Type: String - AllowedPattern: ".+" - ConstraintDescription: "Sumo Logic Organization Id can not be empty." - - Section2aInstallApp: - Type: String - Description: "Yes - Installs the SQS App for the Sumo Logic AWS Observability Solution. - No - Skips the installation of this app." - Default: 'Yes' - AllowedValues: - - 'Yes' - - 'No' - - Section3aCloudTrailLogsSourceName: - Type: String - Description: Change the CloudTrail Source name to be created else default name will be used. - Default: "" - Section3bCloudTrailSourceUpdated: - Type: String - Description: "Yes - If fields are added to the existing source. - No - If a new source was created." - Default: 'No' - AllowedValues: - - 'Yes' - - 'No' - - Section4aParentStackLambdaARN: - Type: String - Default: "ParentStackLambdaARN" - Description: Parent Stack Lambda ARN. Do Not Edit the value. - Section4bTemplatesBucketName: - Type: String - AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - Section4cNestedTemplateVersion: - Type: String - Description: "Provide the version for the nested templates. Default is the latest version." - AllowedPattern: ".+" - - Section5aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section5bShare: - Type: String - Description: "True - Installed App will be visible to all members of the organisation. - False - Installed App will be visible to you only." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - -Conditions: - install_app: !Equals [!Ref Section2aInstallApp, 'Yes'] - - create_fer: !Not [!Equals [!Ref Section3aCloudTrailLogsSourceName, '']] - - source_updated: !Equals [!Ref Section3bCloudTrailSourceUpdated, 'Yes'] - -Resources: - - sumoApp: - Type: Custom::App - Condition: install_app - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - Region: !Ref "AWS::Region" - AppName: "AWS Observability SQS App" - RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack - FolderName: !Sub "AWS Observability ${Section4cNestedTemplateVersion} " - RetainOldAppOnUpdate: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment - AppJsonS3Url: !Sub "https://${Section4bTemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${Section4cNestedTemplateVersion}/appjson/Sqs-App.json" - location: !Ref Section5aAppInstallLocation - share: !Ref Section5bShare - orgid: !Ref Section1eOrgId - - FieldExtractionRule: - Type: Custom::SumoLogicFieldExtractionRule - Condition: create_fer - Properties: - ServiceToken: !Ref Section4aParentStackLambdaARN - RemoveOnDeleteStack: false - FieldExtractionRuleName: "AwsObservabilitySQSCloudTrailLogsFER" - FieldExtractionRuleScope: !Join - - "" - - - "(_source=" - - !If [source_updated, !Sub "\"${Section3aCloudTrailLogsSourceName}\"", !Ref Section3aCloudTrailLogsSourceName] - - " (\"sqs.amazonaws.com\"))" - FieldExtractionRuleParseExpression: '| json "userIdentity", "eventSource", "eventName", "awsRegion", "recipientAccountId", "requestParameters", "responseElements", "sourceIPAddress" as userIdentity, event_source, event_name, region, recipient_account_id, requestParameters, responseElements, src_ip nodrop - | json field=userIdentity "accountId", "type", "arn", "userName" as accountid, type, arn, username nodrop - | json field=requestParameters "queueUrl" as queueUrlReq nodrop - | json field=responseElements "queueUrl" as queueUrlRes nodrop - | where event_source="sqs.amazonaws.com" - | if(event_name="CreateQueue", queueUrlRes, queueUrlReq) as queueUrl - | parse regex field=queueUrl "(?[^\/]*$)" - | if (isBlank(recipient_account_id), accountid, recipient_account_id) as accountid - | toLowerCase(queuename) as queuename - | "aws/sqs" as namespace - | fields region, namespace, queuename, accountid' - FieldExtractionRuleParseEnabled: true - SumoAccessID: !Ref Section1bSumoAccessID - SumoAccessKey: !Ref Section1cSumoAccessKey - SumoDeployment: !Ref Section1aSumoDeployment diff --git a/aws-observability/json/Alerts-App.json b/aws-observability/json/Alerts-App.json deleted file mode 100644 index 831e8e8c..00000000 --- a/aws-observability/json/Alerts-App.json +++ /dev/null @@ -1,3673 +0,0 @@ -{ - "name": "AWS Observability", - "description": "This folder contains all the monitors for AWS Observability solution.", - "type": "MonitorsLibraryFolderExport", - "children": [ - { - "name": "AWS API Gateway - High Server-Side Errors", - "description": "This alert fires where there are too many API requests (>5%) with server-side errors within 5 minutes. This can be caused by 5xx errors from your integration, permission issues, or other factors preventing successful invocation of the integration, such as the integration being throttled or deleted.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/apigateway (metric=5XX or metric=5xxError or metric=ExecutionError) Statistic=Average account=* region=* apiname=* stage=* !(route=*) !(resource=*) | avg by apiname, namespace, region, account, stage" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0.05, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0.05, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS PostgreSQL - Statement Timeouts", - "description": "This alert fires when we detect Postgres logs show statement timeouts", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*postgresql \"statement timeout\" | json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message | parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg | count by dbidentifier, database" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 CW - High CPU Utilization", - "description": "This alert fires when the average CPU Utilization based on cloud watch metrics, within a 5 minute interval for an EC2 instance is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/ec2 metric=CPUUtilization instanceid=* statistic=average | avg by account, region, namespace, instanceid" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 - High Total CPU Utilization", - "description": "This alert fires when the average total CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ec2 metric=CPU_Total account=* region=* instanceid=* | avg by account, region, namespace, instanceid" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Network Load Balancer - Deletion Alert", - "description": "This alert fires when we detect greater than or equal to 2 application load balancers are deleted over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\"\n| json \"eventSource\", \"eventName\",\"apiVersion\" as event_source, event_name, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and namespace matches \"aws/networkelb\"\n| where event_name matches \"DeleteLoadBalancer\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - High Write Latency", - "description": "This alert fires when the average write latency of a database within a 5 minute interval is high (>=5 seconds) . High write latencies will affect the performance of your application.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=WriteLatency statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - Deletion Alert", - "description": "This alert fires when we detect greater than or equal to 2 application load balancers are deleted over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\"\n| json \"eventSource\", \"eventName\",\"apiVersion\" as event_source, event_name, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and namespace matches \"aws/applicationelb\"\n| where event_name matches \"DeleteLoadBalancer\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - Access from Highly Malicious Sources", - "description": "This alert fires when the Classic load balancer is accessed from highly malicious IP addresses within last 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/elb\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, loadbalancername, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, loadbalancername, account, region, namespace, MaliciousConfidence, Actor, LabelName" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Low Aurora Buffer Cache Hit Ratio", - "description": "This alert fires when the average RDS Aurora buffer cache hit ratio within a 5 minute interval is low (<= 50%). This indicates that a lower percentage of requests were are served by the buffer cache, which could further indicate a degradation in application performance.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=BufferCacheHitRatio statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS MSSQL - Database observing authentication failures from multiple client IPs", - "description": "This alert fires when we detect more than or equal to 10 client IPs attempting authentication failures on the database over a 15-minute period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| count_distinct(client_ip) as unique_client_ip by dbidentifier\n| 10 as threshold\n| where unique_client_ip >= threshold\n| sort by unique_client_ip\n| fields - threshold" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - High Redis Memory Fragmentation Ratio", - "description": "This alert fires when the average Redis memory fragmentation ratio for within a 5 minute interval is high (>=1.5). Value equal to or greater than 1.5 Indicate significant memory fragmentation.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elasticache metric=MemoryFragmentationRatio statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1.5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1.5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon ECS - High CPU Utilization", - "description": "This alert fires when the average CPU utilization within a 5 minute interval for a service within a cluster is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ecs metric=CPUUtilization statistic=Average account=* region=* ClusterName=* ServiceName=* | avg by ClusterName, ServiceName, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SNS - Failed Notifications", - "description": "This alert fires where there are many failed notifications (>=5) within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/sns TopicName=* metric=NumberOfNotificationsFailed Statistic=Sum \n| sum by account, region, TopicName" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - High Read Latency", - "description": "This alert fires when the average read latency of a database within a 5 minutes time inerval is high (>=5 seconds). High read latency will affect the performance of your application.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=ReadLatency statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - High 4XX Errors", - "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elb metric=HTTPCode_ELB_4XX Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/elb metric=RequestCount Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / #B along loadbalancername, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - High Redis Database Memory Usage", - "description": "This alert fires when the average database memory usage within a 5 minute interval for the Redis engine is high (>=95%). When the value reaches 100%, eviction may happen or write operations may fail based on ElastiCache policies thereby impacting application performance.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elasticache metric=DatabaseMemoryUsagePercentage statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 95, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 95, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SQS - Messages not processed", - "description": "This alert fires when we detect messages that have been received by a consumer, but have not been processed (deleted/failed). That is, the average number of messages that are in flight are >=20 for an interval of 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "metric=ApproximateNumberOfMessagesNotVisible Statistic=avg region = * account=* queuename=* namespace=aws/sqs | avg by account, region, namespace, queuename " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 20, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 20, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - Targets Deregistered", - "description": "This alert fires when we detect greater than or equal to 1 target is de-registered over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\" \n| json \"eventSource\", \"eventName\",\"apiVersion\" as event_source, event_name, api_version nodrop \n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" \n| where namespace matches \"aws/applicationelb\" and event_name=\"DeregisterTargets\"\n" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Max Provisioned Table Read Capacity", - "description": "This alert fires when we detect that the average percentage of read provisioned capacity used by the highest read provisioned table of an account for a time interval of 5 minutes is great than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/dynamodb metric=MaxProvisionedTableReadCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Max Provisioned Table Write Capacity", - "description": "This alert fires when we detect that the average percentage of write provisioned capacity used by the highest write provisioned table of an account for a time interval of 5 minutes is great than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/dynamodb metric=MaxProvisionedTableWriteCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Low Burst Balance", - "description": "This alert fires when we observe a low burst balance (<= 50%) for a given database. A low burst balance indicates you won't be able to scale up as fast for burstable database workloads on gp2 volumes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=BurstBalance statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS MySQL - Excessive Slow Query Detected", - "description": "This alert fires when we detect the average time to execute a query is more than 5 seconds over last 10 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| fields -query_block\n| num (query_time)\n| count as frequency, sum(query_time) as total_time, min(query_time) as min_time, max(query_time) as max_time, avg(query_time) as avg_time, avg(rows_examined) as avg_rows_examined, avg(rows_sent) as avg_rows_sent, avg(Lock_Time) as avg_lock_time group by sql_cmd, dbidentifier\n| 5 as threshold // customize if need different value. As an example, query taking more than 5 Seconds is considered as Excessive Slow.\n| where avg_time > threshold\n| sort by avg_time, frequency asc" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SQS - Queue has stopped receiving messages", - "description": "This alert fires when we detect that the queue has stopped receiving messages. That is, the average number of messages received in the queue <1 for an interval of 30 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "metric=NumberOfMessagesReceived Statistic=avg region=* account=* queuename=* namespace=aws/sqs | avg by account, region, namespace, queuename " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-30m", - "threshold": 1, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-30m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS PostgreSQL - High Errors", - "description": "This alert fires when we detect high number (>10) of error/fatal logs in Postgres logs over a 5 minutes time period", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,threadid,user,database,processid,severity,msg \n| where severity IN (\"ERROR\", \"FATAL\") " - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Low Free Storage", - "description": "This alert fires when the average free storage space of a RDS instance is low (< 512MB) for an interval of 15 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds metric=FreeStorageSpace statistic=average | eval _value/(1024*1024) | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 512, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 512, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - High Disk Queue Depth", - "description": "This alert fires when the average disk queue depth for a database is high (>=5) for an interval of 5 minutes. Higher this value, higher will be the number of outstanding I/Os (read/write requests) waiting to access the disk, which will impact the performance of your application.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=DiskQueueDepth statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - High 5XX Errors", - "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/applicationelb metric=HTTPCode_ELB_5XX_Count Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/applicationelb metric=RequestCount Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / #B along loadbalancer, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SNS - Failed Events", - "description": "This alert fires when an SNS app has high number of failed events (>5) within last 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/sns \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode \n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop \n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code) \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop \n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop \n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop \n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn \n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn \n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop \n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop \n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname \n| if (isBlank(accountid), recipient_account_id, accountid) as accountid \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status \n| if (isEmpty(username), user, username) as user \n| count as event_count by event_name, error_code, error_message, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Oracle Logs - Failed Connection Attempts", - "description": "This alert fires when we detect greater than or equal to 25 failed connection attempts over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*listener establish \"PROGRAM=\" (\"SID=\" or \"SERVICE_NAME=\") and (\"\\nTNS-\" or \"TNS-\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?\\* establish \\* \\S+ \\* (?\\d+)\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SERVICE_NAME=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?service_name=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SID=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?sid=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?PROGRAM=(?[^)]*)\\)[\\s\\S]+?HOST=(?[^)]*)\\)[\\s\\S]+?USER=(?[^)]*)\\)\" nodrop\n| parse field=message \"(ADDRESS=(PROTOCOL=*)(HOST=*)(PORT=*))\" as clientProtocol, clientHost, clientPort nodrop\n| parse regex field=message \"(?TNS-\\d{5}): (?.*)\" nodrop\n| where status != \"0\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 25, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 25, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Colombo", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Network Load Balancer - High TLS Negotiation Errors", - "description": "This alert fires when we detect that there are too many TLS Negotiation Errors (>=10%) within an interval of 5 minutes for a given network load balancer", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/NetworkELB metric=ClientTLSNegotiationErrorCount Statistic=sum account=* region=* LoadBalancer=* | sum by LoadBalancer, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/NetworkELB metric=TargetTLSNegotiationErrorCount Statistic=sum account=* region=* LoadBalancer=* | sum by LoadBalancer, account, region, namespace" - }, - { - "rowId": "C", - "query": "(#A + #B) along LoadBalancer, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Write Throttle", - "description": "This alert fires when we detect that the total write throttle events for a dynamodb table is high (>5) for a time interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/dynamodb tablename=* metric=WriteThrottleEvents statistic=sum | sum by account, region, namespace, tablename" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Account Provisioned Write Capacity", - "description": "This alert fires when we detect that the average write capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/dynamodb metric=AccountProvisionedWriteCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High Integration Latency", - "description": "This alert fires when we detect the high integration latency for the API requests in a stage within 5 minutes. This alarm is recommended for WebSocket APIs by AWS, and optional for other APIs because they already have separate alarm recommendations for the Latency metric. You can correlate the IntegrationLatency metric value with the corresponding latency metric of your backend such as the Duration metric for Lambda integrations. This helps you determine whether the API backend is taking more time to process requests from clients due to performance issues or if there is some other overhead from initialization or cold start.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* Namespace=aws/apigateway metric=IntegrationLatency statistic=p90 apiname=* stage=* !(route=*) !(resource=*) | avg by apiname, namespace, region, account, stage" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2000, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2000, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - Access from Highly Malicious Sources", - "description": "This alert fires when an Application load balancer is accessed from highly malicious IP addresses within last 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/applicationelb\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, loadbalancer, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, loadbalancer, account, region, namespace, MaliciousConfidence, Actor, LabelName" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - High Latency", - "description": "This alert fires when we detect that the average latency for a given Classic load balancer within a time interval of 5 minutes is greater than or equal to three seconds.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elb metric=Latency Statistic=Average account=* region=* loadbalancername=* | eval(_value*1000) | sum by account, region, namespace, loadbalancername" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 3000, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 3000, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - High Latency", - "description": "This alert fires when we detect that the average latency for a given Application load balancer within a time interval of 5 minutes is greater than or equal to three seconds.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/applicationelb metric=TargetResponseTime Statistic=Average account=* region=* loadbalancer=* | eval(_value*1000) | sum by account, region, namespace, loadbalancer" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 3000, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 3000, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Account Provisioned Read Capacity", - "description": "This alert fires when we detect that the average read capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/dynamodb metric=AccountProvisionedReadCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Lambda - Low Provisioned Concurrency Utilization", - "description": "This alert fires when the average provisioned concurrency utilization for 5 minutes is low (<= 50%). This indicates low provisioned concurrency utilization efficiency.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/lambda metric=ProvisionedConcurrencyUtilization statistic=Average account=* region=* functionname=* | avg by functionname, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 50, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SNS - Notification to DLQ Failure", - "description": "This alert fires when an SNS topic messages that couldn't be moved to a dead-letter queue.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/sns topicname=* metric=NumberOfNotificationsFailedToRedriveToDlq statistic=sum | sum by account, region, namespace, topicname " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Network Load Balancer - High Unhealthy Hosts", - "description": "This alert fires when we detect that are there are too many unhealthy hosts (>=10%) within an interval of 5 minutes for a given network load balancer", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/NetworkELB metric=UnHealthyHostCount Statistic=sum account=* region=* LoadBalancer=* AvailabilityZone=* | sum by LoadBalancer, AvailabilityZone, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/NetworkELB metric=HealthyHostCount Statistic=sum account=* region=* LoadBalancer=* AvailabilityZone=* | sum by LoadBalancer, AvailabilityZone, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / (#A + #B) along LoadBalancer, AvailabilityZone, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SNS - Access from Highly Malicious Sources", - "description": "This alert fires when an Application AWS - SNS is accessed from highly malicious IP addresses within last 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/sns \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress \n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop \n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, user_type, arn, username nodrop \n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop \n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop \n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn \n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn \n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop \n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop \n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname \n| if (isBlank(accountid), recipient_account_id, accountid) as accountid \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status \n| if (isEmpty(username), user_type, username) as user_type \n| count as ip_count by src_ip, event_name, region, accountid,user_type \n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip \n| where malicious_confidence = \"high\" \n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name \n| replace(label_name, \"\\\"\",\" \") as label_name \n| if (isEmpty(actor), \"Unassigned\", actor) as actor \n| sum(ip_count) as threat_count by src_ip, event_name, region, accountid, malicious_confidence, actor, label_name" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SQS - Access from Highly Malicious Sources", - "description": "This alert fires when an Application AWS - SQS is accessed from highly malicious IP addresses within last 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=\"aws/sqs\" eventname eventsource \"sqs.amazonaws.com\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\",\"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, recipient_account_id, requestParameters, responseElements, src_ip, error_code, error_message nodrop\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| json field=requestParameters \"queueUrl\" as queueUrlReq nodrop \n| json field=responseElements \"queueUrl\" as queueUrlRes nodrop\n| where event_source=\"sqs.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| if(event_name=\"CreateQueue\", queueUrlRes, queueUrlReq) as queueUrl \n| parse regex field=queueUrl \"(?[^\\/]*$)\"\n| if (isBlank(recipient_account_id), accountid, recipient_account_id) as accountid\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status \n| count as ip_count by src_ip\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| where malicious_confidence = \"high\"\n| sort by ip_count, src_ip\n| fields src_ip, malicious_confidence, actor, label_name" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - High 5XX Errors", - "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elb metric=HTTPCode_ELB_5XX Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/elb metric=RequestCount Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / #B along loadbalancername, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - High Read Throttle", - "description": "This alert fires when we detect that the total read throttle events for a dynamodb table is high (>5) for a time interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/dynamodb tablename=* metric=ReadThrottleEvents statistic=sum | sum by account, region, namespace, tablename" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - High Engine CPU Utilization", - "description": "This alert fires when the average CPU utilization for the Redis engine process within a 5 minute interval is high (>=90%). For larger node types with four vCPUs or more, use the EngineCPUUtilization metric to monitor and set thresholds for scaling.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elasticache metric=EngineCPUUtilization statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by CacheClusterId, CacheNodeId, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 90, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 90, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 - High Memory Utilization", - "description": "This alert fires when the average memory utilization within a 5 minute interval for an EC2 instance is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ec2 metric=Mem_UsedPercent account=* region=* instanceid=* | avg by account, region, namespace, instanceid" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon ECS - High Memory Utilization", - "description": "This alert fires when the average memory utilization within a 5 minute interval for a service within a cluster is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ecs metric=MemoryUtilization statistic=Average account=* region=* ClusterName=* ServiceName=* | avg by ClusterName, ServiceName, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS PostgreSQL - Excessive Slow Query Detected", - "description": "This alert fires when we detect the average time to execute a query is more than 5 seconds over a 10 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*postgresql\n| json \"message\" nodrop \n| if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\"\n| 5000 as threshold // customize if need different value. As an example, query taking more than 5 Seconds is considered as Excessive Slow.\n| where execution_time_ms > threshold \n| count by dbidentifier, database" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS MySQL - High Authentication Failure", - "description": "This alert fires when we detect more then 10 authentication failure over a 5 minute time-period", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| count as event_count" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High Client-Side Errors", - "description": "This alert fires where there are too many API requests (>5%) with client-side errors within 5 minutes. This can indicate an issue in the authorisation or client request parameters. It could also mean that a resource was removed or a client is requesting one that doesn't exist. Errors could also be caused by exceeding the configured throttling limit.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/apigateway (metric=4XX or metric=4xxError or metric=ClientError) Statistic=Average account=* region=* apiname=* stage=* !(route=*) !(resource=*) | avg by apiname, namespace, region, account, stage" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0.05, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0.05, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - Deletion Alert", - "description": "This alert fires when we detect greater than or equal to 2 application load balancers are deleted over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/elb \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"eventSource\", \"eventName\" as event_source, event_name nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| where event_name matches \"DeleteLoadBalancer\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 2, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Lambda - High Percentage of Failed Requests", - "description": "This alert fires when we detect a large number of failed Lambda requests (>5%) within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/lambda metric=Errors Statistic=Sum account=* region=* functionname=* | sum by functionname, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/lambda metric=Invocations Statistic=Sum account=* region=* functionname=* | sum by functionname, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / #B along functionname, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Low Freeable Memory", - "description": "This alert fires when the average Freeable memory of an RDS instance is < 128 MB for an interval of 15 minutes. If this value is lower you may need to scale up to a larger instance class.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds metric=FreeableMemory statistic=average | eval _value/(1024*1024) | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 128, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 128, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS PostgreSQL - High Authentication Failure", - "description": "This alert fires when we detect more than 10 authentication failure in Postgres logs over a 5 minute time-period", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where msg matches \"*authentication failed*\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Lambda - High Memory Utilization", - "description": "This alert fires when we detect a Lambda execution with memory usage of more than 85% within an interval of 10 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* Namespace=aws/lambda Memory Size Used\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| _sourceName as logStream | _sourceHost as logGroup\n| parse regex field=message \"REPORT\\s+RequestId:\\s+(?[^\\s]+)\\s+Duration:\\s+(?[^\\s]+)\\s+ms\\s+Billed Duration:\\s+(?[^\\s]+)\\s+ms\\s+Memory\\s+Size:\\s+(?[^\\s]+)\\s+MB\\s+Max\\s+Memory\\s+Used:\\s+(?[^\\s]+)\\s+MB\" \n| parse field=loggroup \"/aws/lambda/*\" as functionname\n| avg(MemorySize) as MemorySizeAvg, avg(MaxMemoryUsed) as MaxMemoryUsedAvg by functionname\n| (MaxMemoryUsedAvg/MemorySizeAvg)*100 as memoryUtilization\n| where memoryUtilization>85" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 0, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - Multiple Tables deleted", - "description": "This alert fires when five or more tables are deleted within 15 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/dynamodb eventSource \"dynamodb.amazonaws.com\"\n| json \"eventSource\", \"eventName\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as event_source, event_name, tablename, SourceIp, UserName, ContextUserName nodrop\n| where event_source = \"dynamodb.amazonaws.com\" and event_name = \"DeleteTable\"\n| if (isEmpty(UserName), ContextUserName, UserName) as user\n| count by _messageTime, account, region, namespace, event_name, user, tablename\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS Z\") as message_date\n| fields message_date, account, region, namespace, event_name, user, tablename\n| fields -_messageTime" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 5, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High WAF Latency", - "description": "This alert fires when we detect the high WAF latency for the REST and WebSocket API requests in a stage within 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "1m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=* apiname=* apiid stage domainname requestId wafLatency \n| json \"wafLatency\", \"apiId\", \"stage\" as wafLatency, apiid, stage \n| pct(wafLatency, 90) as wafLatency90th by apiid,stage" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1000, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1000, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - Multiple Failed Operations", - "description": "This alert fires when we detect multiple failed operations within a 15 minute interval for an ElastiCache service.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/elasticache \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventSource\", \"errorCode\", \"errorMessage\", \"userIdentity\", \"requestParameters\", \"responseElements\" as event_source, error_code, error_message, user_identity, requestParameters, responseElements nodrop\n| json field=requestParameters \"cacheClusterId\" as req_cacheClusterId nodrop\n| json field=responseElements \"cacheClusterId\" as res_cacheClusterId nodrop\n| json field=user_identity \"arn\", \"userName\" nodrop \n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where event_source matches \"elasticache.amazonaws.com\" and !isEmpty(error_code) and !isEmpty(error_message) and !isEmpty(user)\n| count as event_count by _messageTime, account, region, event_source, error_code, error_message, user, cacheclusterid\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS Z\") as message_date\n| fields message_date, account, region, event_source, error_code, error_message, user, cacheclusterid\n| fields -_messageTime" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 10, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 10, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - High CPU Utilization", - "description": "This alert fires when we detect that the average CPU utilization for a database is high (>=85%) for an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/rds metric=CPUUtilization statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Application Load Balancer - High 4XX Errors", - "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/applicationelb metric=HTTPCode_ELB_4XX_Count Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" - }, - { - "rowId": "B", - "query": "Namespace=aws/applicationelb metric=RequestCount Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" - }, - { - "rowId": "C", - "query": "#A * 100 / #B along loadbalancer, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 - High System CPU Utilization", - "description": "This alert fires when the average system CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ec2 metric=CPU_Sys account=* region=* instanceid=* | avg by account, region, namespace, instanceid" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS DynamoDB - System Errors", - "description": "This alert fires when we detect system errors for a dynamodb table is high (>10) for a time interval of 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/dynamodb metric=SystemErrors statistic=samplecount | sum" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 10, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Classic Load Balancer - Targets Deregistered", - "description": "This alert fires when we detect greater than or equal to 1 target is de-registered over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/elb \"\"eventsource\":\"elasticloadbalancing.amazonaws.com\"\" \"\"apiVersion\":\"2012-06-01\"\" \n| json \"eventSource\", \"eventName\" as event_source, event_name nodrop \n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| where event_name matches \"DeregisterInstancesFromLoadBalancer\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High Integration Errors", - "description": "This alert fires where there are too many API requests (>5%) with integration errors within 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "1m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/apigateway apiname=* apiid stage domainname requestId integrationError\n| json \"status\", \"integrationError\", \"apiid\", \"stage\" as status, integrationError, apiid, stage \n| if (!(integrationError matches \"-\") and !(status matches \"2*\"), 1, 0) as is_integrationError \n| sum(is_integrationError) as integrationError_count, count as totalRequests by apiid, stage \n| (integrationError_count*100/totalRequests) as integrationError_percent \n| fields integrationError_percent, apiid, stage" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Network Load Balancer - Targets Deregistered", - "description": "This alert fires when we detect greater than or equal to 1 target is de-registered over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\" | json \"eventSource\", \"eventName\",\"apiVersion\" as event_source, event_name, api_version nodrop \n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and namespace matches \"aws/networkelb\"\n| where event_name matches \"DeregisterTargets\"" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": "Asia/Kolkata", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS - Oracle Logs - DB Crash", - "description": "This alert fires when we detect greater than or equal to 1 Oracle DB crash over a 5 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*alert ORA-*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| count" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": "_count" - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": "-5m", - "timeRange": "-5m", - "threshold": 1, - "thresholdType": "LessThan", - "field": "_count" - } - ], - "timeZone": "Asia/Colombo", - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High Latency", - "description": "This alert fires when we detect the high Latency in a stage within 5 minutes for REST and HTTP API. Find the IntegrationLatency metric value to check the API backend latency. If the two metrics are mostly aligned, the API backend is the source of higher latency and you should investigate there for issues. View this metric per resource and method and narrow down the source of the latency.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* Namespace=aws/apigateway metric=Latency statistic=p90 apiname=* stage=* !(route=*) !(resource=*) | avg by apiname, namespace, region, account, stage" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2500, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 2500, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - High CPU Utilization", - "description": "This alert fires when the average CPU utilization within a 5 minute interval for a host is high (>=90%). The CPUUtilization metric includes total CPU utilization across application, operating system and management processes. We highly recommend monitoring CPU utilization for hosts with two vCPUs or less.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elasticache metric=CPUUtilization statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by CacheClusterId, CacheNodeId, account, region, namespace" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 90, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 90, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - Low Traffic API", - "description": "This alert fires where there is low message traffic volume for the API within 5 minutes. This can indicate an issue with the application calling the API such as using incorrect endpoints. It could also indicate an issue with the configuration or permissions of the API making it unreachable for clients. This alarm is not recommended for APIs that don't expect constant and consistent traffic.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/apigateway (metric=ConnectCount OR metric=Count) statistic=SampleCount account=* region=* apiname=* stage=* !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 1, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 1, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon Elasticache - Low Redis Cache Hit Rate", - "description": "This alert fires when the average cache hit rate for Redis within a 5 minute interval is low (<= 80%). This indicates low efficiency of the Redis instance. If cache ratio is lower than 80%, that indicates a significant amount of keys are either evicted, expired, or don't exist.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/elasticache metric=CacheHitRate statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 80, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High Authorizer Errors", - "description": "This alert fires where there are too many API requests (>5%) with authorizer errors within 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "1m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/apigateway apiname=* apiid stage domainname requestId authorizerError\n| json \"status\", \"authorizerError\", \"apiid\", \"stage\" as status, authorizerError, apiid, stage \n| if (!(authorizerError matches \"-\") and !(status matches \"2*\"), 1, 0) as is_authorizerError \n| sum(is_authorizerError) as is_authorizerError_count, count as totalRequests by apiid, stage \n| (is_authorizerError_count*100/totalRequests) as authorizerError_percent \n| fields authorizerError_percent, apiid, stage" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SNS - Notification to DLQ", - "description": "This alert fires when an SNS topic messages are moved to a dead-letter queue.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/sns topicname=* metric=NumberOfNotificationsRedrivenToDlq statistic=sum | sum by account, region, namespace, topicname" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS SQS - Message processing not fast enough", - "description": "This alert fires when we detect message processing is not fast enough. That is, the average approximate age of the oldest non-deleted message in the queue is more than 5 seconds for an interval of 5 minutes", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "metric=ApproximateAgeOfOldestMessage Statistic=avg region=* account=* queuename=* namespace=aws/sqs | avg by account,region,namespace,queuename " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "Amazon RDS MSSQL - Authentication failures from the same client IP on multiple databases", - "description": "This alert fires when we detect specific client IP attempting authentication failures on more than or equal to 10 databases over a 15 minute time-period.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| count_distinct(dbidentifier) as unique_db by client_ip\n| 10 as threshold\n| where unique_db >= threshold\n| sort by unique_db, client_ip asc\n| fields - threshold" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 1, - "thresholdType": "GreaterThanOrEqual", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-15m", - "threshold": 1, - "thresholdType": "LessThan", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 CW - Status Check Failed", - "description": "This alert fires when there is a status check failures within a 5 minute interval for an EC2 instance.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/ec2 instanceid=* metric=StatusCheckFailed statistic=maximum | filter latest=1 | count by account, region, namespace,instanceid " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS Lambda - Throttling", - "description": "This alert fires when we detect a Lambda running into throttling within an interval of 10 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "4m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/lambda metric=Throttles statistic=average account=* region=* functionname=* Resource=* | avg by account, region,namespace, functionname " - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 0, - "thresholdType": "GreaterThan", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-10m", - "threshold": 0, - "thresholdType": "LessThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS API Gateway - High WAF Errors", - "description": "This alert fires where there are too many API requests (>5%) with WAF errors within 5 minutes.", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Logs", - "evaluationDelay": "1m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "account=* region=* namespace=aws/apigateway apiname=* apiid stage domainname requestId \n| json \"status\", \"apiid\", \"stage\", \"wafResponseCode\" as status, apiid, stage, wafResponseCode \n| if (wafResponseCode==\"WAF_BLOCK\" and !(status matches \"2*\"), 1, 0) as is_wafError \n| sum(is_wafError) as is_wafError_count, count as totalRequests by apiid, stage \n| (is_wafError_count*100/totalRequests) as wafError_percent \n| fields wafError_percent, apiid, stage" - } - ], - "triggers": [ - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "GreaterThan", - "field": null - }, - { - "detectionMethod": "LogsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 5, - "thresholdType": "LessThanOrEqual", - "field": null - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - }, - { - "name": "AWS EC2 - High Disk Utilization", - "description": "This alert fires when the average disk utilization within a 5 minute time interval for an EC2 instance is high (>=85%).", - "type": "MonitorsLibraryMonitorExport", - "monitorType": "Metrics", - "evaluationDelay": "0m", - "alertName": null, - "runAs": null, - "notificationGroupFields": [], - "queries": [ - { - "rowId": "A", - "query": "Namespace=aws/ec2 metric=Disk_UsedPercent account=* region=* instanceid=* | avg by account, region, namespace, instanceid, devname" - } - ], - "triggers": [ - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "Critical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "GreaterThanOrEqual", - "occurrenceType": "Always", - "minDataPoints": 2 - }, - { - "detectionMethod": "MetricsStaticCondition", - "triggerType": "ResolvedCritical", - "resolutionWindow": null, - "timeRange": "-5m", - "threshold": 85, - "thresholdType": "LessThan", - "occurrenceType": "Always", - "minDataPoints": 2 - } - ], - "timeZone": null, - "notifications": [], - "isDisabled": true, - "groupNotifications": true, - "playbook": "", - "sloId": null, - "monitorTemplateId": null, - "tags": null, - "automatedPlaybookIds": [] - } - ] -} \ No newline at end of file diff --git a/aws-observability/json/Api-Gateway-App.json b/aws-observability/json/Api-Gateway-App.json deleted file mode 100644 index ee58d463..00000000 --- a/aws-observability/json/Api-Gateway-App.json +++ /dev/null @@ -1,7618 +0,0 @@ -{ - "type": "FolderSyncDefinition", - "name": "AWS API Gateway", - "description": "The Sumo Logic App for AWS API Gateway provides visibility into your Amazon APIGateway Service. The App\u2019s Dashboards provide preconfigured searches and filters that allow you to monitor your API Gateway Infrastructure.", - "children": [ - { - "type": "DashboardV2SyncDefinition", - "name": "1. AWS API Gateway - Latency, Cache (REST API)", - "description": "AWS API Gateway - Latency, Cache (REST API) dashboard provides insights into API Gateway performance including API requests, latency, API cache hits, and back-end cache misses.", - "title": "1. AWS API Gateway - Latency, Cache (REST API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-d8cca1fd9e28fa4e", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":8}" - }, - { - "key": "panelpane-be2d46b2823fbb44", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":23}" - }, - { - "key": "panelpane-825676c9a42b7844", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":10}" - }, - { - "key": "panelpane-95b93c0ea7c2694f", - "structure": "{\"height\":6,\"width\":17,\"x\":7,\"y\":25}" - }, - { - "key": "panelpane-de1fae9b96f50949", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":39}" - }, - { - "key": "panelpane-611d41d29c4b0b46", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":39}" - }, - { - "key": "panelpane-86be2b008a2db942", - "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":38}" - }, - { - "key": "panelpane-903472b3b1481b4a", - "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":38}" - }, - { - "key": "panel6CA130B4B9D91948", - "structure": "{\"height\":6,\"width\":7,\"x\":0,\"y\":25}" - }, - { - "key": "panelC680C9AB908EAA47", - "structure": "{\"height\":6,\"width\":16,\"x\":8,\"y\":10}" - }, - { - "key": "panel124A719C8F774847", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":16}" - }, - { - "key": "panel8C9DC835B7C5CB47", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":31}" - }, - { - "key": "panelE6120B3A9FA25843", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":1}" - }, - { - "key": "panel36230F3D8701C847", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-d8cca1fd9e28fa4e", - "title": "Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Time in between API Gateway receives request from client and returns response to the client" - }, - { - "id": null, - "key": "panelpane-be2d46b2823fbb44", - "title": "Integration Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":16,\"alignment\":\"left\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Time in between API Gateway relays request to backend and receives response from backend" - }, - { - "id": null, - "key": "panelpane-825676c9a42b7844", - "title": "Average Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"stage\",\"value\":\"stage\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=Average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-95b93c0ea7c2694f", - "title": "Integration Latency for REST API (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}},\"axisX\":{}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"apiname={{apiname}} stage={{stage}} - avg\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"apiname={{apiname}} stage={{stage}} - max\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=maximum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using max | max by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-de1fae9b96f50949", - "title": "Cache Hit Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Hit Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}} - {{stage}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheHitCount statistic=Average apiname={{apiname}} stage={{stage}} !(apiid=*) !(resource=*) | avg by account, region, namespace, apiname, stage | eval _value * 100 ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-611d41d29c4b0b46", - "title": "Cache Miss Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Miss Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}} - {{stage}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheMissCount statistic=Average apiname={{apiname}} stage={{stage}} !(apiid=*) !(resource=*) | avg by account, region, namespace, apiname, stage | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-86be2b008a2db942", - "title": " Requests Served From API Cache (Cache Hits)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-903472b3b1481b4a", - "title": "Requests Served From Back-end (Cache Misses)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel6CA130B4B9D91948", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"stage\",\"value\":\"stage\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC680C9AB908EAA47", - "title": "Latency for REST API (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"apiname={{apiname}} stage={{stage}} - avg\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"apiname={{apiname}} stage={{stage}} - max\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=Average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=maximum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using max | max by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel124A719C8F774847", - "title": "Percentile Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | pct(99.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | pct(95.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": " account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | pct(50.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8C9DC835B7C5CB47", - "title": "Percentile Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} stage={{stage}} !(apiid=*) !(resource=*) | pct(99.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} stage={{stage}} !(apiid=*) !(resource=*) | pct(95.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} stage={{stage}} !(apiid=*) !(resource=*) | pct(50.0) by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE6120B3A9FA25843", - "title": "REST API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"Requests\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today - {{apiname}} - {{stage}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday - {{apiname}} - {{stage}}\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week - {{apiname}} - {{stage}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum by account, region, namespace, apiname, stage | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum by account, region, namespace, apiname, stage | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel36230F3D8701C847", - "title": "API Calls Over Time", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} !apiid=*", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} !apiid=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "1. AWS API Gateway - Overview (REST API)", - "description": "AWS API Gateway - Overview (REST API) dashboard provides insights into API Gateway performance throughout your infrastructure, including API calls, latency, client and server-side errors, API cache hits, and back-end cache misses.", - "title": "1. AWS API Gateway - Overview (REST API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1282e8dc8b362944", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-d8cca1fd9e28fa4e", - "structure": "{\"height\":2,\"width\":12,\"x\":0,\"y\":27}" - }, - { - "key": "panelpane-be2d46b2823fbb44", - "structure": "{\"height\":2,\"width\":12,\"x\":12,\"y\":27}" - }, - { - "key": "panelpane-afb5d2309a793847", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":37}" - }, - { - "key": "panelpane-825676c9a42b7844", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" - }, - { - "key": "panelpane-0f271c0fbb72984c", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":37}" - }, - { - "key": "panelpane-aac836daa8753b49", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":50}" - }, - { - "key": "panelpane-3f51a1d2b3563b4c", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":50}" - }, - { - "key": "panelpane-de1fae9b96f50949", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" - }, - { - "key": "panelpane-86be2b008a2db942", - "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":43}" - }, - { - "key": "panelpane-903472b3b1481b4a", - "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":43}" - }, - { - "key": "panelpane-30914953bcc44b4e", - "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":14}" - }, - { - "key": "panelpane-2e8c53a18e9a484c", - "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":14}" - }, - { - "key": "panelpane-70bda313b0965946", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":8}" - }, - { - "key": "panelpane-7a458955b12bd94e", - "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":8}" - }, - { - "key": "panelpane-c557c5d28b2c684f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelpane-51ff6a2cae479944", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":29}" - }, - { - "key": "panelpane-30c3b615b3da684f", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":29}" - }, - { - "key": "panelPANE-F43AE7E8952D5A40", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":1}" - }, - { - "key": "panel2E87BBF8B812DA42", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" - }, - { - "key": "panel962E30A3A454D84C", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" - }, - { - "key": "panel4AC14889953AE94B", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":44}" - }, - { - "key": "panel028E3741B861C84E", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":44}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1282e8dc8b362944", - "title": "All API Calls", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-d8cca1fd9e28fa4e", - "title": "Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16,\"format\":\"text\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Overall Latency in ms" - }, - { - "id": null, - "key": "panelpane-be2d46b2823fbb44", - "title": "Integration Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":16,\"alignment\":\"left\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Time in between API Gateway relays request to backend and receives response from backend" - }, - { - "id": null, - "key": "panelpane-afb5d2309a793847", - "title": "Average Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}},\"axisX\":{}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-825676c9a42b7844", - "title": "5XX Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1,\"markerSize\":1},\"axes\":{\"axisY\":{\"title\":\"Sum of 5XX Errors\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError Statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *)| quantize using sum | sum by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0f271c0fbb72984c", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}},\"axisX\":{}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-aac836daa8753b49", - "title": "Cache Hit Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Hit Rate \"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheHitCount statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-3f51a1d2b3563b4c", - "title": "Cache Miss Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Miss Rate \"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheMissCount statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-de1fae9b96f50949", - "title": "4XX Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":12,\"titleFontFamily\":\"Lab Grotesque Medium, \\\"Arial Bold\\\", sans-serif\",\"titleFontColor\":\"#6D8DA6\",\"titleFontWeight\":\"normal\",\"labelFontColor\":\"#6D8DA6\",\"lineColor\":\"#DDE4E9\",\"stripLines\":[],\"gridThickness\":1,\"lineThickness\":0,\"labelFontSize\":12,\"tickColor\":\"#E6EAED\",\"logarithmic\":false,\"linear\":false,\"unit\":{\"value\":\"\",\"isCustom\":false},\"includeZero\":true,\"gridColor\":\"#dde4e9\",\"labelFontFamily\":\"Lab Grotesque Regular, \\\"Arial\\\", sans-serif\",\"labelFontWeight\":\"normal\",\"title\":\"Sum of 4XX Errors\"},\"axisY2\":{\"title\":\"\",\"titleFontSize\":12,\"titleFontFamily\":\"Lab Grotesque Medium, \\\"Arial Bold\\\", sans-serif\",\"titleFontColor\":\"#6D8DA6\",\"titleFontWeight\":\"normal\",\"labelFontColor\":\"#6D8DA6\",\"lineColor\":\"#DDE4E9\",\"stripLines\":[],\"lineThickness\":0,\"labelFontSize\":12,\"tickColor\":\"#E6EAED\",\"logarithmic\":false,\"linear\":false,\"unit\":{\"value\":\"\",\"isCustom\":false},\"gridThickness\":0,\"valueFormatString\":\"\",\"includeZero\":true,\"gridColor\":\"#E6EAED\",\"labelFontFamily\":\"Lab Grotesque Regular, \\\"Arial\\\", sans-serif\",\"labelFontWeight\":\"normal\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError Statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-86be2b008a2db942", - "title": " Requests Served From API Cache (Cache Hits)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-903472b3b1481b4a", - "title": "Requests Served From Back-end (Cache Misses)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-30914953bcc44b4e", - "title": "Client Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-2e8c53a18e9a484c", - "title": "Server Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-70bda313b0965946", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-7a458955b12bd94e", - "title": "Unique API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Maximum\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace, apiname | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c557c5d28b2c684f", - "title": "API Calls by apiname", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by apiname | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-51ff6a2cae479944", - "title": "Average Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-30c3b615b3da684f", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F43AE7E8952D5A40", - "title": "API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2E87BBF8B812DA42", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError Statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *) | quantize using sum | sum by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel962E30A3A454D84C", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError Statistic=Sum apiname={{apiname}} !(apiid = *) !(stage = *)| quantize using sum | sum by account, region, namespace, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4AC14889953AE94B", - "title": "Cache Hit Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":75,\"to\":null,\"color\":\"#75bf00\"},{\"from\":30,\"to\":75,\"color\":\"#f6c851\"},{\"from\":0,\"to\":30,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheHitCount statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel028E3741B861C84E", - "title": "Cache Miss Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":30,\"color\":\"#75bf00\"},{\"from\":30,\"to\":75,\"color\":\"#f6c851\"},{\"from\":75,\"to\":101,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheMissCount statistic=Average apiname={{apiname}} !(apiid = *) !(stage = *) | avg by account, region, namespace, apiname | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} !apiid=*", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "2. AWS API Gateway - Latency (HTTP and WebSocket API)", - "description": "AWS API Gateway - Latency (HTTP and WebSocket API) dashboard provides insights into API Gateway performance including API requests, and latency.", - "title": "2. AWS API Gateway - Latency (HTTP and WebSocket API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1282e8dc8b362944", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":15}" - }, - { - "key": "panelpane-07fe4834864daa40", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":16}" - }, - { - "key": "panelpane-d8cca1fd9e28fa4e", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":1}" - }, - { - "key": "panelpane-825676c9a42b7844", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":3}" - }, - { - "key": "panel8788D867B6D5FA45", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel9EF47F71AD25DB4A", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":14}" - }, - { - "key": "panel154055B9B382FB47", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":22}" - }, - { - "key": "panelD941E688AE001A47", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":16}" - }, - { - "key": "panel22D51E9DAC725B48", - "structure": "{\"height\":5,\"width\":24,\"x\":0,\"y\":30}" - }, - { - "key": "panel3B4EC738BA99F841", - "structure": "{\"height\":5,\"width\":24,\"x\":0,\"y\":9}" - }, - { - "key": "panel56731094A90FDB42", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":24,\"minHeight\":3,\"minWidth\":3}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1282e8dc8b362944", - "title": "API Calls Over Time", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-07fe4834864daa40", - "title": "HTTP API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"Requests\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today, {{apiname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday, {{apiname}}\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week, {{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d8cca1fd9e28fa4e", - "title": "Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Time in between API Gateway receives request from client and returns response to the client" - }, - { - "id": null, - "key": "panelpane-825676c9a42b7844", - "title": "Latency for HTTP API (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"apiname={{apiname}} stage={{stage}} - avg\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"apiname={{apiname}} stage={{stage}} - max\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=Average apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg by account, namespace, region, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=maximum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using max | max by account, namespace, region, apiname, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8788D867B6D5FA45", - "title": "HTTP API", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel9EF47F71AD25DB4A", - "title": "HTTP and WebSocket API", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel154055B9B382FB47", - "title": "Integration Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":16,\"alignment\":\"left\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Time in between API Gateway relays request to backend and receives response from backend" - }, - { - "id": null, - "key": "panelD941E688AE001A47", - "title": "WebSocket API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"Requests\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today, {{apiname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday, {{apiname}}\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week, {{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount Statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by namespace, region, account, apiname | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel22D51E9DAC725B48", - "title": "Percentile Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*) | pct(99.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*) | pct(95.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*) | pct(50.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "tCLgUWJIvWnEjJEIoja2JehqbzPm22kJLuF77O2IlT2b2gw9g6rWuFGigXyU", - "relativePath": "../../AWS Lambda/1. AWS Lambda - Request Analysis", - "includeTimeRange": true, - "includeVariables": true - } - ] - }, - { - "id": null, - "key": "panel3B4EC738BA99F841", - "title": "Percentile Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*) | pct(99.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*)| pct(95.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency statistic=average apiname={{apiname}} apiid={{apiid}} stage={{stage}} !(route=*) !(resource=*) | pct(50.0) by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "tCLgUWJIvWnEjJEIoja2JehqbzPm22kJLuF77O2IlT2b2gw9g6rWuFGigXyU", - "relativePath": "../../AWS Lambda/1. AWS Lambda - Request Analysis", - "includeTimeRange": true, - "includeVariables": true - } - ] - }, - { - "id": null, - "key": "panel56731094A90FDB42", - "title": "Integration Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}} - {{stage}} - avg\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}} - max\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg by namespace, region, account, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=maximum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using max | max by namespace, region, account, apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "tCLgUWJIvWnEjJEIoja2JehqbzPm22kJLuF77O2IlT2b2gw9g6rWuFGigXyU", - "relativePath": "../../AWS Lambda/1. AWS Lambda - Request Analysis", - "includeTimeRange": true, - "includeVariables": true - } - ] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid=*", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid=* !resource=* !route=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}}", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "2. AWS API Gateway - Overview (HTTP API)", - "description": "AWS API Gateway - Overview (HTTP API) dashboard provides insights into API Gateway performance throughout your infrastructure, including API calls, latency, client and server-side errors, and data processed.", - "title": "2. AWS API Gateway - Overview (HTTP API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1282e8dc8b362944", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-d8cca1fd9e28fa4e", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":27}" - }, - { - "key": "panelpane-afb5d2309a793847", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":29}" - }, - { - "key": "panelpane-30914953bcc44b4e", - "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":14}" - }, - { - "key": "panelpane-2e8c53a18e9a484c", - "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":14}" - }, - { - "key": "panelpane-70bda313b0965946", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":8}" - }, - { - "key": "panelpane-7a458955b12bd94e", - "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":8}" - }, - { - "key": "panelpane-c557c5d28b2c684f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelpane-51ff6a2cae479944", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":29}" - }, - { - "key": "panelPANE-F43AE7E8952D5A40", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":1}" - }, - { - "key": "panel6D2C30B38A33B846", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" - }, - { - "key": "panel9E3ABBF4B78F5942", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" - }, - { - "key": "panel4FADD093BD9E7A44", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":37}" - }, - { - "key": "panel62E04976AA2BA94D", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":35}" - }, - { - "key": "panelA8E74B1682E0CB45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":37}" - }, - { - "key": "panel14ECF594AC8C0A48", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" - }, - { - "key": "panelFEFE36E1BC8FA844", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1282e8dc8b362944", - "title": "All API Calls", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-d8cca1fd9e28fa4e", - "title": "Latency", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16,\"format\":\"text\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Overall Latency in ms" - }, - { - "id": null, - "key": "panelpane-afb5d2309a793847", - "title": "Average Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}},\"axisX\":{}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | avg by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-30914953bcc44b4e", - "title": "Client Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":20},\"series\":{},\"title\":{\"fontSize\":20}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-2e8c53a18e9a484c", - "title": "Server Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":20},\"series\":{},\"title\":{\"fontSize\":20}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-70bda313b0965946", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-7a458955b12bd94e", - "title": "Unique API Calls", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Unique calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account | fillmissing 0 | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c557c5d28b2c684f", - "title": "API Calls by apiname", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-51ff6a2cae479944", - "title": "Average Latency (ms)", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | avg by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F43AE7E8952D5A40", - "title": "API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=count Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6D2C30B38A33B846", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=4XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9E3ABBF4B78F5942", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=5XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4FADD093BD9E7A44", - "title": "Data Processed (Bytes)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":1},\"axes\":{\"axisY\":{\"title\":\"\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DataProcessed statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel62E04976AA2BA94D", - "title": "DataProcessed", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16,\"format\":\"text\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Data processed in bytes" - }, - { - "id": null, - "key": "panelA8E74B1682E0CB45", - "title": "Data Processed (Bytes)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DataProcessed statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel14ECF594AC8C0A48", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=4XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFEFE36E1BC8FA844", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=5XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid=* metric=Count", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} namespace={{namespace}} region={{region}} apiname={{apiname}} metric=Count", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "3. AWS API Gateway - Errors (REST API)", - "description": "AWS API Gateway - Errors (REST API) dashboard provides insights into API Gateway HTTP 4xx and 5xx code errors throughout your infrastructure, including API requests, client-side errors, and server-side errors.", - "title": "3. AWS API Gateway - Errors (REST API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-4d3d7212b5a8484a", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":16}" - }, - { - "key": "panelpane-ddc0c4fd966e4844", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":24}" - }, - { - "key": "panelpane-62f5162ba859eb45", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":15}" - }, - { - "key": "panelpane-ecd366908889b943", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":23}" - }, - { - "key": "panel15B20501A2233943", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":16}" - }, - { - "key": "panel2A701D82B8BE384B", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":24}" - }, - { - "key": "panelCE46CDC4A5673A4A", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panel12260F0FADB3E945", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-4d3d7212b5a8484a", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError Statistic=Sum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ddc0c4fd966e4844", - "title": "5XX Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError Statistic=Sum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum by account, region, namespace, apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-62f5162ba859eb45", - "title": "Client Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-ecd366908889b943", - "title": "Server Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel15B20501A2233943", - "title": "4XX Errors ", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"4xx Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError Statistic=Sum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2A701D82B8BE384B", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"5xx Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError Statistic=Sum apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCE46CDC4A5673A4A", - "title": "Average Error Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Error Rate\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"hiddenQueryKeys\":[\"B\",\"A\"]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A + #B ", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel12260F0FADB3E945", - "title": "Average Error Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[\"B\",\"A\"],\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError statistic=average apiname={{apiname}} stage={{stage}} !(apiid = *) !(resource=*) | avg by apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A + #B along apiname, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} !apiid=*", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} !apiid=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "3. AWS API Gateway - Overview (WebSocket API)", - "description": "AWS API Gateway - Overview (WebSocket API) dashboard provides insights into API Gateway performance throughout your infrastructure, including API calls, latency, client and server-side errors, and data processed.", - "title": "3. AWS API Gateway - Overview (WebSocket API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1282e8dc8b362944", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-70bda313b0965946", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":7}" - }, - { - "key": "panelpane-7a458955b12bd94e", - "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":7}" - }, - { - "key": "panelpane-c557c5d28b2c684f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":27}" - }, - { - "key": "panelPANE-F43AE7E8952D5A40", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":1}" - }, - { - "key": "panel150DB07081F1E84C", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":34}" - }, - { - "key": "panel58BCB07D9E766944", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":27}" - }, - { - "key": "panel5B73376B86CB1B47", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":34}" - }, - { - "key": "panelF90B04CA81B9384D", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":26}" - }, - { - "key": "panelD081D324B35F2846", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":33}" - }, - { - "key": "panelPANE-CDFF4987B3217845", - "structure": "{\"height\":1,\"width\":8,\"x\":0,\"y\":13}" - }, - { - "key": "panel28C64184A8774840", - "structure": "{\"height\":1,\"width\":8,\"x\":8,\"y\":13}" - }, - { - "key": "panel00807DE8B3218843", - "structure": "{\"height\":1,\"width\":8,\"x\":16,\"y\":13}" - }, - { - "key": "panel94DB370FAB783840", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":14}" - }, - { - "key": "panel839CC0EB8B923B41", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":14}" - }, - { - "key": "panel3BC526D696B1D943", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":14}" - }, - { - "key": "panel221B679096F22949", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":20}" - }, - { - "key": "panel697C70258C829A4C", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":20}" - }, - { - "key": "panel3DBB28A0BC454A47", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":20}" - }, - { - "key": "panelPANE-B120A24C926A9845", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":7}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1282e8dc8b362944", - "title": "All API Calls", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-70bda313b0965946", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-7a458955b12bd94e", - "title": "Unique API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Maximum\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c557c5d28b2c684f", - "title": "Connect Count", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Connect Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, account, region ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F43AE7E8952D5A40", - "title": "API Requests (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount Statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by account, region, namespace | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel150DB07081F1E84C", - "title": "Message Count", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Message Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MessageCount statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel58BCB07D9E766944", - "title": "Connect Count", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":10,\"color\":\"#f6c851\"},{\"from\":10,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5B73376B86CB1B47", - "title": "Message Count", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":10,\"color\":\"#f6c851\"},{\"from\":10,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MessageCount statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF90B04CA81B9384D", - "title": "Connect Count", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelD081D324B35F2846", - "title": "Message Count", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-CDFF4987B3217845", - "title": "Client Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":20},\"series\":{},\"title\":{\"fontSize\":20},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel28C64184A8774840", - "title": "Execution Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":20},\"series\":{},\"title\":{\"fontSize\":20},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel00807DE8B3218843", - "title": "Integration Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":20},\"series\":{},\"title\":{\"fontSize\":20},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel94DB370FAB783840", - "title": "Client Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel839CC0EB8B923B41", - "title": "Execution Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ExecutionError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3BC526D696B1D943", - "title": "Integration Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#75bf00\"},{\"from\":1,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=IntegrationError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel221B679096F22949", - "title": "Client Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Client Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel697C70258C829A4C", - "title": "Execution Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Execution Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ExecutionError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3DBB28A0BC454A47", - "title": "Integration Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Integration Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=IntegrationError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-B120A24C926A9845", - "title": "API Calls by apiname", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ConnectCount statistic=samplecount account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} !(stage=*) | quantize using sum | sum by apiname | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "namespace={{namespace}} account={{account}} region={{region}} apiid=* metric=ConnectCount", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} namespace={{namespace}} region={{region}} metric=ConnectCount", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "4. AWS API Gateway - Access Logs - Overview", - "description": "AWS API Gateway - Access Logs - Overview dashboard provides insights on Request's latencies, Request trend, Distribution of requests by Method, Stage, and Protocol, Client's location, Request status code trend, and slowest requests.", - "title": "4. AWS API Gateway - Access Logs - Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-5DAB5875B9EF284C", - "structure": "{\"height\":6,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-A62D5D26BF0B9948", - "structure": "{\"height\":3,\"width\":8,\"x\":16,\"y\":49}" - }, - { - "key": "panelPANE-10787B0BA28AD84C", - "structure": "{\"height\":12,\"width\":6,\"x\":10,\"y\":6}" - }, - { - "key": "panelPANE-52BE1670A81C7A47", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panelPANE-696D933FA9AE9943", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":26}" - }, - { - "key": "panelB8FE0A02B6856A42", - "structure": "{\"height\":3,\"width\":8,\"x\":16,\"y\":46}" - }, - { - "key": "panelPANE-08707F0BB953084B", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":52}" - }, - { - "key": "panelPANE-306769659531FA4B", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":46}" - }, - { - "key": "panelPANE-FFB3278B88373A47", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":46}" - }, - { - "key": "panelPANE-D2204D618BC4684A", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":52}" - }, - { - "key": "panelPANE-A134ED068BA0BB4D", - "structure": "{\"height\":6,\"width\":6,\"x\":4,\"y\":0}" - }, - { - "key": "panel00D935B3A4D41A47", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":45}" - }, - { - "key": "panelPANE-61CECCAE84B7F944", - "structure": "{\"height\":12,\"width\":10,\"x\":0,\"y\":6}" - }, - { - "key": "panelPANE-6FB3915889947B4F", - "structure": "{\"height\":12,\"width\":8,\"x\":16,\"y\":6}" - }, - { - "key": "panelPANE-460F0F6F9AEE6849", - "structure": "{\"height\":6,\"width\":6,\"x\":10,\"y\":0}" - }, - { - "key": "panel1921EC25A3E8F947", - "structure": "{\"height\":9,\"width\":8,\"x\":0,\"y\":61}" - }, - { - "key": "panel358EB9E2968B9B4B", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":18}" - }, - { - "key": "panel72379A4FA36F084E", - "structure": "{\"height\":9,\"width\":8,\"x\":0,\"y\":71}" - }, - { - "key": "panelPANE-FE358FEB955E9A45", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":70}" - }, - { - "key": "panelPANE-F23B8BA998B1494A", - "structure": "{\"height\":13,\"width\":16,\"x\":8,\"y\":18}" - }, - { - "key": "panelPANE-E1CDAD74B78C884C", - "structure": "{\"height\":9,\"width\":16,\"x\":8,\"y\":61}" - }, - { - "key": "panelPANE-0CA5F4E3B1E4A841", - "structure": "{\"height\":9,\"width\":16,\"x\":8,\"y\":71}" - }, - { - "key": "panelPANE-067D6048ABC71844", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":31}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-5DAB5875B9EF284C", - "title": "Total Requests", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Label\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":true,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A62D5D26BF0B9948", - "title": "Avg Response Size for REST and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Average\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Bytes\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLength\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| avg(responseLength)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-10787B0BA28AD84C", - "title": "Top 10 Client IPs", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"ip\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"count\"}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId identitySourceIp\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count as freq by identitySourceIp\n| sort by freq, identitySourceIp asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-52BE1670A81C7A47", - "title": "Request Trend by Status Code", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId status\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| timeslice 1h\n| count by _timeslice, status\n| transpose row _timeslice column status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-696D933FA9AE9943", - "title": "Integration Status Code Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId integrationStatus\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(integrationStatus matches \"-\")\n| timeslice 1h\n| count by _timeslice, integrationStatus\n| transpose row _timeslice column integrationStatus", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB8FE0A02B6856A42", - "title": "Avg Response Time for REST and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Average\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"ms\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| avg(responseLatency)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-08707F0BB953084B", - "title": "Top 10 Slowest for Requests Rest and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus \n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| if (responseLatency==\"-\",0,responseLatency) as responseLatency\n| count by requestId, apiname, domainName, stage, path, responseLatency\n| sort by responseLatency\n| limit 10\n| fields - _count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-306769659531FA4B", - "title": "Distribution by Protocol for REST and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId protocol\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count as protocolCount by protocol\n| sort by protocolCount, protocol asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-FFB3278B88373A47", - "title": "Distribution by Method for REST and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId httpMethod\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count as methodCount by httpMethod\n| sort by methodCount, httpMethod asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-D2204D618BC4684A", - "title": "Top 10 APIs by Response Size REST and HTTP API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLength\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus \n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(responseLength matches \"-\")\n| count by requestId, apiname, domainName, stage, path, responseLength\n| sort by responseLength asc\n| limit 10\n| fields - _count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A134ED068BA0BB4D", - "title": "Distribution of Stage", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId stage\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count as stageCount by stage\n| sort by stageCount, stage asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel00D935B3A4D41A47", - "title": "REST and HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-61CECCAE84B7F944", - "title": "Client IP Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId identitySourceIp\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count by identitySourceIp\n| lookup latitude, longitude from geo://location on ip = identitySourceIp\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6FB3915889947B4F", - "title": "Top 10 UserAgents", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"identityUserAgent\",\"hideLabels\":true},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"api_calls\"}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId identityUserAgent\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(identityUserAgent==\"-\") \n| count as api_calls by identityUserAgent\n| sort by api_calls, identityUserAgent asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-460F0F6F9AEE6849", - "title": "Request Status Code", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId status\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| count by status\n| sort by _count, status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1921EC25A3E8F947", - "title": "Response Latency for REST and HTTP API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":10,\"color\":\"#75bf00\"},{\"from\":10,\"to\":50,\"color\":\"#f6c851\"},{\"from\":50,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus \n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| avg(responseLatency) by account, region, apiname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "qBQOkq6yssK5uYrXyWlc7XoZ2ariKJlyR7uIf7lKjO1u0vUH4m3i26rxOnQ1", - "relativePath": "../2. AWS API Gateway - Latency (HTTP and WebSocket API)", - "includeTimeRange": true, - "includeVariables": true - } - ] - }, - { - "id": null, - "key": "panel358EB9E2968B9B4B", - "title": "Average Integration Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":10,\"color\":\"#75bf00\"},{\"from\":10,\"to\":50,\"color\":\"#f6c851\"},{\"from\":50,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId integrationLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| avg(integrationLatency) by account, region, apiname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "qBQOkq6yssK5uYrXyWlc7XoZ2ariKJlyR7uIf7lKjO1u0vUH4m3i26rxOnQ1", - "relativePath": "../2. AWS API Gateway - Latency (HTTP and WebSocket API)", - "includeTimeRange": true, - "includeVariables": true - } - ] - }, - { - "id": null, - "key": "panel72379A4FA36F084E", - "title": "WAF Latency for REST and WebSocket API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":10,\"color\":\"#75bf00\"},{\"from\":10,\"to\":50,\"color\":\"#f6c851\"},{\"from\":50,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId wafLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identitySourceIp\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identitySourceIp, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| avg(wafLatency) by account, region, apiname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [ - { - "id": "qBQOkq6yssK5uYrXyWlc7XoZ2ariKJlyR7uIf7lKjO1u0vUH4m3i26rxOnQ1", - "relativePath": "../2. AWS API Gateway - Latency (HTTP and WebSocket API)", - "includeTimeRange": true, - "includeVariables": true - } - ] - }, - { - "id": null, - "key": "panelPANE-FE358FEB955E9A45", - "title": "REST and WebSocket API", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":14}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-F23B8BA998B1494A", - "title": "Percentile Integration Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":10,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId integrationLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where (integrationLatency!=\"-\") \n| pct(integrationLatency, 50) as integrationLatency50th, pct(integrationLatency, 95) as integrationLatency95th, pct(integrationLatency, 99) as integrationLatency99th by domainName, path, stage, apiname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E1CDAD74B78C884C", - "title": "Percentile Response Latency for REST and HTTP API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId responseLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where (responseLatency!=\"-\") \n| pct(responseLatency, 50) as responseLatency50th, pct(responseLatency, 95) as responseLatency95th, pct(responseLatency, 99) as responseLatency99th by apiname, domainName, path, stage\n\n\n ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-0CA5F4E3B1E4A841", - "title": "Percentile WAF Latency for REST and WebSocket API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId wafLatency\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identitySourceIp\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identitySourceIp, identityUserAgent, stage, integrationStatus \n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where (wafLatency!=\"-\") \n| pct(wafLatency, 50) as wafLatency50th, pct(wafLatency, 95) as wafLatency95th, pct(wafLatency, 99) as wafLatency99th by apiname, domainName, path, stage", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-067D6048ABC71844", - "title": "Recent 100 Successful Requests", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":10,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"routeKey\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, routeKey, identitySourceIp nodrop\n| where status matches \"200\"\n| timeslice 1s\n| count as api_calls by _timeslice, apiname, requestid, domainName, stage, httpMethod, path, status, routeKey\n| sort by _timeslice, apiname asc\n| limit 100\n| fields _timeslice, apiname, requestid, domainName, stage, httpMethod, path, status, routeKey", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}}", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "4. AWS API Gateway - Errors (HTTP and WebSocket API)", - "description": "AWS API Gateway - Errors (HTTP and WebSocket API) dashboard provides insights into API Gateway HTTP 4xx and 5xx code errors throughout your infrastructure, including API requests, client-side errors, and server-side errors.", - "title": "4. AWS API Gateway - Errors (HTTP and WebSocket API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-4d3d7212b5a8484a", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":10}" - }, - { - "key": "panelpane-ddc0c4fd966e4844", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":18}" - }, - { - "key": "panelpane-62f5162ba859eb45", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":9}" - }, - { - "key": "panelpane-ecd366908889b943", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":17}" - }, - { - "key": "panel78FE9B0FAA4F7B4C", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":27}" - }, - { - "key": "panel3498BFF5B533A941", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":34}" - }, - { - "key": "panel738E3ACFB40EEA4D", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":41}" - }, - { - "key": "panel5E2D234184698942", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelFF82621585D8E94F", - "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":25}" - }, - { - "key": "panel79465744A28FEA42", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":10}" - }, - { - "key": "panel0F9A6D59A82E6A44", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":18}" - }, - { - "key": "panel2244DA2EA34EBB41", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":27}" - }, - { - "key": "panel302A138E9AAF3B4D", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":34}" - }, - { - "key": "panel5FAFB3DA81F2FB48", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":41}" - }, - { - "key": "panel9096BD31BA2E6945", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":2}" - }, - { - "key": "panel1D6ECE819613DB42", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":2}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-4d3d7212b5a8484a", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=4XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ddc0c4fd966e4844", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=5XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-62f5162ba859eb45", - "title": "Client Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-ecd366908889b943", - "title": "Server Side Errors", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel78FE9B0FAA4F7B4C", - "title": "Client Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Number of Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3498BFF5B533A941", - "title": "Integration Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Number of Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=IntegrationError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel738E3ACFB40EEA4D", - "title": "Execution Errors", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Number of Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ExecutionError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5E2D234184698942", - "title": "HTTP API", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":30,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\",\"horizontalAlignment\":\"center\"},\"series\":{},\"title\":{\"fontSize\":26}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelFF82621585D8E94F", - "title": "WebSocket API", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":30,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\",\"horizontalAlignment\":\"center\"},\"series\":{},\"title\":{\"fontSize\":26}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel79465744A28FEA42", - "title": "4XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"4xx Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XX Statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0F9A6D59A82E6A44", - "title": "5XX Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"5xx Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=5XX Statistic=Sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2244DA2EA34EBB41", - "title": "Client Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Client Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel302A138E9AAF3B4D", - "title": "Integration Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Integration Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=IntegrationError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*)| quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5FAFB3DA81F2FB48", - "title": "Execution Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Execution Errors\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ExecutionError statistic=sum account={{account}} region={{region}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9096BD31BA2E6945", - "title": "Average Error Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Error Rate\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"hiddenQueryKeys\":[\"B\",\"A\"]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XX Statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XX Statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg ", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A + #B", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1D6ECE819613DB42", - "title": "Average Error Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[\"B\",\"A\"],\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"{{apiname}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XX Statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg by apiname, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XX Statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} !(route=*) !(resource=*) | avg by apiname, stage", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A + #B along apiname, stage", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}}", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid=* apiname={{apiname}} !resource=* !route=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid=*", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "5. AWS API Gateway - Access Logs - Errors", - "description": "AWS API Gateway - Access logs - Errors dashboard provide insights on statistics of Top 20 failed requests, Error messages trend, Client's location, Errors by response type, Recent authorizer errors, missing authentication token errors, and WAF errors.", - "title": "5. AWS API Gateway - Access Logs - Errors", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-10787B0BA28AD84C", - "structure": "{\"height\":8,\"width\":8,\"x\":16,\"y\":12}" - }, - { - "key": "panelPANE-471A8EB0B7338846", - "structure": "{\"height\":9,\"width\":24,\"x\":0,\"y\":35}" - }, - { - "key": "panelPANE-B86FF7E889BC0944", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":28}" - }, - { - "key": "panelPANE-266F5F6893A0DB47", - "structure": "{\"height\":6,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-F25CD3388B6BEA4F", - "structure": "{\"height\":8,\"width\":8,\"x\":8,\"y\":12}" - }, - { - "key": "panel72451CD78F367841", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":51}" - }, - { - "key": "panelE0B70183966A3B4C", - "structure": "{\"height\":8,\"width\":16,\"x\":8,\"y\":20}" - }, - { - "key": "panelDA11BA61A7F60B45", - "structure": "{\"height\":12,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-E522C871B4EB9A4E", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":20}" - }, - { - "key": "panel67B4535490258840", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":12}" - }, - { - "key": "panel961731DFAC523940", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":44}" - }, - { - "key": "panel145D5E629BFF4841", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" - }, - { - "key": "panel0E1D491A85F9E84B", - "structure": "{\"height\":6,\"width\":8,\"x\":4,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-10787B0BA28AD84C", - "title": "Top 10 Client IPs by Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"ip\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"count\"}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId identitySourceIp\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| count as freq by identitySourceIp\n| sort by freq, identitySourceIp asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-471A8EB0B7338846", - "title": "Top WAF Block Errors for REST and WebSocket API", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":10,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname \"WAF_BLOCK\"\n| json \"requestId\", \"apiId\", \"errorMessage\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus nodrop\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"wafResponseCode\", \"authorizerError\", \"wafError\", \"webaclArn\", \"identitySourceIp\", \"errorResponseType\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, wafResponseCode, authorizerError, wafError, webaclArn, identitySourceIp, errorResponseType nodrop\n| where wafResponseCode==\"WAF_BLOCK\" and !(status matches \"2*\")\n| count as api_calls by apiname, domainName, stage, httpMethod, path, wafError, wafStatus, wafResponseCode, webaclArn, errorMessage, errorResponseType, status\n| sort by api_calls, apiname asc\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-B86FF7E889BC0944", - "title": "Top Authorizer Errors", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"paginationPageSize\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId authorizerError errorMessage errorResponseType status responseLatency UNAUTHORIZED\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"authorizerPrincipalId\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, authorizerPrincipalId, identitySourceIp nodrop\n| where !(authorizerError = \"-\") and !(status matches \"2*\")\n| count as api_calls by apiname, domainName, stage, httpMethod, path, authorizerError, authorizerPrincipalId, errorMessage, errorResponseType, status\n| sort by api_calls, apiname asc\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-266F5F6893A0DB47", - "title": "Failed Requests", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Label\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":true,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId errorMessage\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F25CD3388B6BEA4F", - "title": "Top 10 Failed APIs", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| count as requestCount by apiname\n| sort by requestCount, apiname asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel72451CD78F367841", - "title": "Recent Errors", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"paginationPageSize\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identitySourceIp\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identitySourceIp, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"integrationError\", \"authenticateError\", \"wafError\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, integrationError, authenticateError, wafError nodrop\n| where !(status matches \"2*\")\n| timeslice 1s\n| count by _timeslice, requestId, apiname, domainName, stage, httpMethod, path, errorMessage, errorResponseType, status, responseLatency, responseLength\n| sort by _timeslice\n| limit 100\n| fields _timeslice, requestId, apiname, domainName, stage, httpMethod, path, errorMessage, errorResponseType, status, responseLatency, responseLength", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE0B70183966A3B4C", - "title": "Error Response Type Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname errorResponseType\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus nodrop\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| timeslice 1h\n| count by _timeslice, errorResponseType\n| transpose row _timeslice column errorResponseType", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDA11BA61A7F60B45", - "title": "Client IP Location on Error", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"map\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId identitySourceIp\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| count by identitySourceIp\n| lookup latitude, longitude from geo://location on ip = identitySourceIp\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E522C871B4EB9A4E", - "title": "Distribution by Error Response Type", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId errorMessage \n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus nodrop\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(isNull(errorResponseType)) and !(errorResponseType matches \"-\")\n| count as errorCount by errorResponseType\n| sort by errorCount, errorResponseType asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel67B4535490258840", - "title": "Top 10 Error Messages", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId errorMessage \n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(errorMessage matches \"-\") and !(status matches \"2*\")\n| count as errorCount by errorMessage\n| sort by errorCount, errorMessage asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel961731DFAC523940", - "title": "Top Integration Errors", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"paginationPageSize\":10},\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId integrationError\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identitySourceIp\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identitySourceIp, identityUserAgent, stage, integrationStatus nodrop\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"integrationError\", \"integrationStatus\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, integrationError, integrationStatus nodrop\n| where !(integrationError matches \"-\")\n| count as api_calls by apiname, domainName, stage, integrationError, integrationStatus, errorMessage, errorResponseType, status\n| sort by api_calls, apiname asc\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel145D5E629BFF4841", - "title": "API Status Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId errorMessage\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| timeslice 1h\n| count by _timeslice, status\n| transpose row _timeslice column status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0E1D491A85F9E84B", - "title": "Distribution by API Status", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} apiid stage domainname requestId errorMessage\n| json \"requestId\", \"apiId\", \"errorMessage\", \"errorResponseType\", \"status\", \"integrationLatency\", \"domainName\", \"identityUserAgent\", \"stage\", \"integrationStatus\" as requestId, apiId, errorMessage, errorResponseType, status, integrationLatency, domainName, identityUserAgent, stage, integrationStatus\n| json \"wafLatency\", \"responseLatency\", \"responseLength\", \"path\", \"httpMethod\", \"protocol\", \"authorizerError\", \"identitySourceIp\" as wafLatency, responseLatency, responseLength, path, httpMethod, protocol, authorizerError, identitySourceIp nodrop\n| where !(status matches \"2*\")\n| count by status\n| sort by _count, status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/apigateway apiid=* apiname=* | count by apiname ", - "field": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "5. AWS API Gateway - Enhanced Monitoring (REST API)", - "description": "AWS API Gateway - Enhanced Monitoring (REST API) dashboard provides detailed insights into API Gateway performance throughout your infrastructure, including the number and types of API calls, API resources, cache hits and misses, latency averages, and errors by HTTP method.", - "title": "5. AWS API Gateway - Enhanced Monitoring (REST API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-bf711447aeb87a4d", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":16}" - }, - { - "key": "panelpane-0c6ca348a22a684a", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":35}" - }, - { - "key": "panelpane-fcf2a359aca4f947", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":42}" - }, - { - "key": "panelpane-1bd728408f442a49", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":3}" - }, - { - "key": "panelpane-134c2b108813b846", - "structure": "{\"height\":6,\"width\":5,\"x\":5,\"y\":3}" - }, - { - "key": "panelpane-8623b689ab09684a", - "structure": "{\"height\":6,\"width\":5,\"x\":10,\"y\":3}" - }, - { - "key": "panelpane-2c931e93b0a25940", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":3}" - }, - { - "key": "panelpane-6052fefb99524948", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":49}" - }, - { - "key": "panelpane-4f8a91c58c9d3b4e", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelC761E55590F9EA4E", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":29}" - }, - { - "key": "panel3B5BB296B4CF7A46", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":22}" - }, - { - "key": "panel52AB9057A0972944", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":9}" - }, - { - "key": "panel58B650C4B5A54B45", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":9}" - }, - { - "key": "panel2871067C8284184C", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":57}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-bf711447aeb87a4d", - "title": "API Calls By HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Count Statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize 15m using sum | sum by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0c6ca348a22a684a", - "title": "4XX Errors by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XXError Statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize 15m using sum | sum by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-fcf2a359aca4f947", - "title": "5XX Errors By HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XXError Statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize 15m using sum | sum by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-1bd728408f442a49", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-134c2b108813b846", - "title": "Unique API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize using sum | sum by account, region, namespace, apiname, stage, method, resource | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-8623b689ab09684a", - "title": "API Resources", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Maximum\",\"label\":\"Resource\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize to 15m using sum | sum by account, region, namespace, apiname, stage, method, resource | count by resource | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-2c931e93b0a25940", - "title": "API Call Breakdown", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize using sum | sum by apiname, stage, method, resource | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-6052fefb99524948", - "title": "Cache Hit Rate", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheHitCount statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | avg by apiname, stage, method, resource | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4f8a91c58c9d3b4e", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"alignment\":\"left\",\"fontSize\":16,\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works on detailed CloudWatch metrics which needs to be explicitly enabled. You can do this in the AWS console by selecting \"Enable CloudWatch Metrics\" under a stage Settings tab. Alternatively, you can call the update-stage AWS CLI command to update the metricsEnabled property to true." - }, - { - "id": null, - "key": "panelC761E55590F9EA4E", - "title": "Average Latency by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency Statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize 15m using avg | avg by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3B5BB296B4CF7A46", - "title": "Average Integration Latency by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Integration Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency Statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | quantize 15m using avg | avg by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel52AB9057A0972944", - "title": "Average Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"method\",\"value\":\"method\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency Statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | avg by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel58B650C4B5A54B45", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"method\",\"value\":\"method\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency Statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | avg by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2871067C8284184C", - "title": "Cache Miss Rate", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}],\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=CacheMissCount statistic=Average apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} !(apiid = *) | avg by apiname, stage, method, resource | eval _value * 100", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} !apiid=*", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} !apiid=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "resource", - "displayName": "resource", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} !apiid=* stage={{stage}}", - "key": "resource" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "method", - "displayName": "method", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} stage={{stage}} !apiid=*", - "key": "method" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "6. AWS API Gateway - Audit Events", - "description": "AWS API Gateway - Audit Events dashboard provides detailed audit insights into API Gateway events by various dimensions including event names, trends, regions, user agents, and recipient account IDs.", - "title": "6. AWS API Gateway - Audit Events", - "theme": "Light", - "topologyLabelMap": { - "data": { - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-d39a82d0b687ab49", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":27}" - }, - { - "key": "panelpane-78017f49a1d96a4a", - "structure": "{\"height\":7,\"width\":6,\"x\":6,\"y\":27}" - }, - { - "key": "panelPANE-C60FE45FAF802B4D", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-54D6935CA0D19846", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-D3C4BB28A83C9947", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":8}" - }, - { - "key": "panelPANE-A9432A4D87BED943", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelPANE-79C1069AAE9C2948", - "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":8}" - }, - { - "key": "panelPANE-8D29F0E780F36846", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":14}" - }, - { - "key": "panelPANE-2EA5D39A9A67D846", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":14}" - }, - { - "key": "panelPANE-A839F6B38A2CD840", - "structure": "{\"height\":7,\"width\":6,\"x\":0,\"y\":20}" - }, - { - "key": "panelPANE-FBDDCA8195930A44", - "structure": "{\"height\":7,\"width\":18,\"x\":6,\"y\":20}" - }, - { - "key": "panelPANE-A9420681BB19294B", - "structure": "{\"height\":7,\"width\":6,\"x\":0,\"y\":27}" - }, - { - "key": "panelPANE-E9024AE2A1BFCB4F", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":34}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-d39a82d0b687ab49", - "title": "Events Trend by Event Name", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Events\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" eventName account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| timeslice 15m\n| count as event_count by _timeslice, event_name\n| transpose row _timeslice column event_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-78017f49a1d96a4a", - "title": "Top User Agents", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" userAgent account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by user_agent\n| sort by event_count, user_agent asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-C60FE45FAF802B4D", - "title": "Failure Activity Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-54D6935CA0D19846", - "title": "Successful Activity Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-D3C4BB28A83C9947", - "title": "Event Status", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"pie\"}},{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"pie\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by event_status\n| sort by event_count, event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A9432A4D87BED943", - "title": "Event Status Trend", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"column\"}},{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"column\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(userName), user, userName) as user\n| timeslice 15m\n| count by _timeslice, event_status\n| fillmissing timeslice(15m), values (\"Success\", \"Failure\") in event_status\n| transpose row _timeslice column event_status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-79C1069AAE9C2948", - "title": "Top Error Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by error_code \n| top 10 error_code by event_count, error_code asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-8D29F0E780F36846", - "title": "Failed Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-2EA5D39A9A67D846", - "title": "Failed Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop \n| json field=responseElements \"name\", \"Message\" as ApiName, responseMessage nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(error_message), responseMessage, error_message) as error_message\n| timeslice 1s\n| count as event_count by _timeslice, event_name, error_code, error_message, region, src_ip, accountId, user, type, requestID, user_agent, apiname\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A839F6B38A2CD840", - "title": "Successful Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-FBDDCA8195930A44", - "title": "Successful Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountId, user, type, requestID, user_agent, ApiName\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A9420681BB19294B", - "title": "Top Users", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by type, user\n| topk(10, event_count) by type | fields -_rank", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E9024AE2A1BFCB4F", - "title": "Threat Table based on Caller IP Address", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, error_code, error_message, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| where (tolowercase(ApiName) matches tolowercase(\"{{apiname}}\")) or isBlank(apiname)\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip, event_name // , user, user_agent, apiname\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip \n| where malicious_confidence = \"high\"\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, type, actor, malicious_confidence // , user, user_agent, apiname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "6. AWS API Gateway - Enhanced Monitoring (HTTP API)", - "description": "AWS API Gateway - Enhanced Monitoring (HTTP API) dashboard provides detailed insights into API Gateway performance throughout your infrastructure, including the number and types of API calls, latency averages, and errors by HTTP method.", - "title": "6. AWS API Gateway - Enhanced Monitoring (HTTP API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1bd728408f442a49", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":3}" - }, - { - "key": "panelpane-134c2b108813b846", - "structure": "{\"height\":6,\"width\":5,\"x\":5,\"y\":3}" - }, - { - "key": "panelpane-2c931e93b0a25940", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":3}" - }, - { - "key": "panelpane-4f8a91c58c9d3b4e", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel9D43D46A8D572945", - "structure": "{\"height\":6,\"width\":5,\"x\":10,\"y\":3}" - }, - { - "key": "panel37DF585699B3CA4B", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":18}" - }, - { - "key": "panelA339B8FBAA119B48", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":48}" - }, - { - "key": "panel6AD7941EB83C384E", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":30}" - }, - { - "key": "panelBFAFA96694493B43", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":24}" - }, - { - "key": "panelF05A7322AF1DFA4D", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":9}" - }, - { - "key": "panel6D8927A7A7C82A44", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":9}" - }, - { - "key": "panelE5E0B67FAB830B45", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":36}" - }, - { - "key": "panel35E989548D49FB4B", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":42}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1bd728408f442a49", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=samplecount apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} !(route=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-134c2b108813b846", - "title": "Unique API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=samplecount apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} !(route=*) | quantize using sum | sum by apiname, namespace, region, account, stage, resource, method | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-2c931e93b0a25940", - "title": "API Call Breakdown", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=samplecount apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} !(route=*) | quantize using sum | sum by apiname, stage, method, resource | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4f8a91c58c9d3b4e", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"alignment\":\"left\",\"fontSize\":16,\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works on detailed CloudWatch metrics which needs to be explicitly enabled. You can do this in the AWS console by selecting \"Enable CloudWatch Metrics\" under a stage Settings tab. Alternatively, you can call the update-stage AWS CLI command to update the metricsEnabled property to true." - }, - { - "id": null, - "key": "panel9D43D46A8D572945", - "title": "API Resources", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Resources\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=count statistic=Sum apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} !(route=*) | quantize using sum | sum by apiid, namespace, region, account, resource, stage | count by resource | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel37DF585699B3CA4B", - "title": "API Calls By HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Count Statistic=Sum apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} !(route=*) | quantize 15m using sum | sum by apiname, stage, method, resource", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA339B8FBAA119B48", - "title": "Data Processed", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"B\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{method}} - {{resource}} - {{stage}} \"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=DataProcessed statistic=sum apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} | quantize using sum | sum by apiname, stage, resource, method", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6AD7941EB83C384E", - "title": "Average Latency by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency Statistic=Average apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} | quantize 15m using avg | avg by apiname, method, resource, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelBFAFA96694493B43", - "title": "Average Integration Latency by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Integration Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency Statistic=Average apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} | quantize 15m using avg | avg by apiname, method, resource, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF05A7322AF1DFA4D", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"method\",\"value\":\"method\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency Statistic=Average apiname={{apiname}} apiid={{apiid}} method={{method}} stage={{stage}} resource={{resource}} | avg by apiname, method, resource, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6D8927A7A7C82A44", - "title": "Average Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"method\",\"value\":\"method\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=Latency Statistic=Average apiname={{apiname}} apiid={{apiid}} method={{method}} stage={{stage}} resource={{resource}} | avg by apiname, method, resource, stage", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE5E0B67FAB830B45", - "title": "4XX Errors by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Integration Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=4XX Statistic=Sum apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} | quantize 15m using sum | sum by apiname, stage, resource, method", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel35E989548D49FB4B", - "title": "5XX Errors by HTTP Method", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Average Integration Latency\",\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{method}} - {{resource}} - {{stage}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=5XX Statistic=Sum apiid={{apiid}} apiname={{apiname}} method={{method}} stage={{stage}} resource={{resource}} | quantize 15m using sum | sum by apiname, stage, resource, method", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid=* metric=Count", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} stage=* apiname={{apiname}}", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "resource", - "displayName": "resource", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}} apiname={{apiname}} stage={{stage}} resource=*", - "key": "resource" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "method", - "displayName": "method", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}} stage={{stage}} apiname={{apiname}} resource={{resource}}", - "key": "method" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "7. AWS API Gateway - Enhanced Monitoring (WebSocket API)", - "description": "AWS API Gateway - Enhanced Monitoring (WebSocket API) dashboard provides detailed insights into API Gateway performance throughout your infrastructure, including the number and types of API calls, latency averages, and errors by HTTP method.", - "title": "7. AWS API Gateway - Enhanced Monitoring (WebSocket API)", - "theme": "Light", - "topologyLabelMap": { - "data": { - "apiname": [ - "*" - ], - "7ae47b9d9e33e5ebc6814649ff94eff6": [ - "*" - ], - "a429f7579091c0359a5e252d2e30c75b": [ - "*" - ], - "namespace": [ - "aws/apigateway" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-1bd728408f442a49", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":3}" - }, - { - "key": "panelpane-134c2b108813b846", - "structure": "{\"height\":6,\"width\":5,\"x\":5,\"y\":3}" - }, - { - "key": "panelpane-2c931e93b0a25940", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":3}" - }, - { - "key": "panelpane-4f8a91c58c9d3b4e", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelBC95B8C9B4633940", - "structure": "{\"height\":5,\"width\":24,\"x\":0,\"y\":24}" - }, - { - "key": "panel1AB70A38BCE24B40", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":29}" - }, - { - "key": "panelDADC77CB9C5E9B43", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":49}" - }, - { - "key": "panel4E14CB9BB13C0B45", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":41}" - }, - { - "key": "panel1103C43597B67B49", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":56}" - }, - { - "key": "panel1FCBC7F180FD5A4C", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":35}" - }, - { - "key": "panel767DEB6D97383849", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":9}" - }, - { - "key": "panelPANE-A9255516BF768A4A", - "structure": "{\"height\":6,\"width\":5,\"x\":10,\"y\":3}" - }, - { - "key": "panelB0930CDBAF87F841", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":16}" - }, - { - "key": "panelE6A4AA86A993784A", - "structure": "{\"height\":8,\"width\":8,\"x\":8,\"y\":16}" - }, - { - "key": "panel56DEFEBF83AA4B40", - "structure": "{\"height\":8,\"width\":8,\"x\":16,\"y\":16}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-1bd728408f442a49", - "title": "API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-134c2b108813b846", - "title": "Unique API Calls", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route, namespace, region, account | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-2c931e93b0a25940", - "title": "API Call Breakdown", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount statistic=samplecount apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route | eval round(_value)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4f8a91c58c9d3b4e", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"alignment\":\"left\",\"fontSize\":16,\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works on detailed CloudWatch metrics which needs to be explicitly enabled. You can do this in the AWS console by selecting \"Enable CloudWatch Metrics\" under a stage Settings tab. Alternatively, you can call the update-stage AWS CLI command to update the metricsEnabled property to true." - }, - { - "id": null, - "key": "panelBC95B8C9B4633940", - "title": "Connect Count", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ConnectCount statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1AB70A38BCE24B40", - "title": "Message Count", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=MessageCount statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDADC77CB9C5E9B43", - "title": "Client Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Number of Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ClientError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4E14CB9BB13C0B45", - "title": "Integration Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1103C43597B67B49", - "title": "Execution Errors", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ExecutionError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1FCBC7F180FD5A4C", - "title": "Average Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{stage}} - {{route}}\"}}],\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using avg | avg by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel767DEB6D97383849", - "title": "Integration Latency (ms)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"route\",\"value\":\"route\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationLatency statistic=Average apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using avg | avg by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A9255516BF768A4A", - "title": "API Routes", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Routes\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ConnectCount statistic=Sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, namespace, region, account, route, stage | count by route | count", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB0930CDBAF87F841", - "title": "Execution Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"stage\",\"value\":\"stage\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ExecutionError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE6A4AA86A993784A", - "title": "Integration Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"stage\",\"value\":\"stage\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=IntegrationError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel56DEFEBF83AA4B40", - "title": "Client Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"stage\",\"value\":\"stage\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} metric=ClientError statistic=sum apiid={{apiid}} apiname={{apiname}} stage={{stage}} route={{route}} !(resource=*) | quantize using sum | sum by apiname, stage, route", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/apigateway", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/apigateway", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiname", - "displayName": "apiname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}} Metric=ConnectCount", - "key": "apiname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "stage", - "displayName": "stage", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}} stage=*", - "key": "stage" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "route", - "displayName": "route", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} apiid={{apiid}} stage={{stage}}", - "key": "route" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "apiid", - "displayName": "apiid", - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} metric=ConnectCount", - "key": "apiid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - } - ] -} \ No newline at end of file diff --git a/aws-observability/json/ElastiCache-App.json b/aws-observability/json/ElastiCache-App.json deleted file mode 100644 index 1adce8b2..00000000 --- a/aws-observability/json/ElastiCache-App.json +++ /dev/null @@ -1,5177 +0,0 @@ -{ - "type": "FolderSyncDefinition", - "name": "Amazon ElastiCache", - "description": "The Sumo Logic App for Amazon ElastiCache provides visibility into key event and performance analytics that enable proactive diagnosis and response to system and environment issues. Use the preconfigured dashboards for at-a-glance analysis of event status trends, locations, successes and failures, as well as system health and performance metrics. The dashboards also have additional performance insights for Redis clusters.", - "children": [ - { - "type": "DashboardV2SyncDefinition", - "name": "1. Amazon ElastiCache - Host Performance Details", - "description": "The Amazon ElastiCache - Host Performance Details dashboard shows an overview of the resource utilization for a given ElastiCache cluster across its nodes and also showcases trends around CPU, memory, swap usage and network traffic.", - "title": "1. Amazon ElastiCache - Host Performance Details", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "cacheclusterid": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-1161D6DCA0CF2842", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":19}" - }, - { - "key": "panel013CB3A4B9DC3A4C", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":26}" - }, - { - "key": "panelFE6ADF0195E64842", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":19}" - }, - { - "key": "panelA3C245028BD9D843", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":26}" - }, - { - "key": "panelA26E1E6397AB7B42", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":5}" - }, - { - "key": "panel3C352A88A33C0A4E", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":12}" - }, - { - "key": "panel3C01D90E9E2B7B4D", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":5}" - }, - { - "key": "panel84447385941EF844", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":12}" - }, - { - "key": "panelPANE-436BAC5F8F71C844", - "structure": "{\"height\":5,\"width\":24,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-1161D6DCA0CF2842", - "title": "Network Packets In", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Packets\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel013CB3A4B9DC3A4C", - "title": "Network Packets Out", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Packets\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFE6ADF0195E64842", - "title": "Network Bytes In", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA3C245028BD9D843", - "title": "Network Bytes Out", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA26E1E6397AB7B42", - "title": "Freeable Memory (GB)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"GB\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace | eval _value / (1024 * 1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3C352A88A33C0A4E", - "title": "Swap Usage (MB)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"MB\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace | eval _value / (1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3C01D90E9E2B7B4D", - "title": "CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Percent\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel84447385941EF844", - "title": "Engine CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Percent\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-436BAC5F8F71C844", - "title": "Cluster and Node Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"CPU Utilization\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Freeable Memory (GB)\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"Engine CPU Utilization\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region | eval _value / (1024 * 1024 * 1024) ", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "1. Amazon ElastiCache - Host Performance Overview", - "description": "The Amazon ElastiCache - Host Performance Overview dashboard provides detailed insights into CPU, memory and network performance metrics of hosts running your ElastiCache clusters.", - "title": "1. Amazon ElastiCache - Host Performance Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-DAD554E4A6BCC843", - "structure": "{\"height\":5,\"width\":3,\"x\":15,\"y\":0}" - }, - { - "key": "panelPANE-3FF7DB0BB6188A4D", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":5}" - }, - { - "key": "panelPANE-AD09413E82EF994D", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":5}" - }, - { - "key": "panelPANE-6CF530B1B7B1384B", - "structure": "{\"height\":5,\"width\":3,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-80FE1A5C8372F84F", - "structure": "{\"height\":5,\"width\":3,\"x\":6,\"y\":0}" - }, - { - "key": "panelPANE-EDD9E06BB32AEA42", - "structure": "{\"height\":5,\"width\":3,\"x\":3,\"y\":0}" - }, - { - "key": "panel989CF605A88D3844", - "structure": "{\"height\":5,\"width\":3,\"x\":21,\"y\":0}" - }, - { - "key": "panel64548DCEB83D194D", - "structure": "{\"height\":5,\"width\":3,\"x\":18,\"y\":0}" - }, - { - "key": "panelF38FB8BA80FD884B", - "structure": "{\"height\":5,\"width\":3,\"x\":9,\"y\":0}" - }, - { - "key": "panelD6156E21B17CA94F", - "structure": "{\"height\":5,\"width\":3,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-DE9EBFD69FD53A46", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":11}" - }, - { - "key": "panel4A4045BBA3228A4F", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":11}" - }, - { - "key": "panel608F10C3A9631A40", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":17}" - }, - { - "key": "panel622549C5B893994A", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":17}" - }, - { - "key": "panel0E86E8BAA74A8842", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":17}" - }, - { - "key": "panel8E23238D95CBF942", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":11}" - }, - { - "key": "panelF634964B97D8CB4B", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":5}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-DAD554E4A6BCC843", - "title": "Bytes In", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024 * 1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3FF7DB0BB6188A4D", - "title": "Average Engine CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-AD09413E82EF994D", - "title": "Average CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6CF530B1B7B1384B", - "title": "Avg CPU Utilization", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-80FE1A5C8372F84F", - "title": "Avg Free Memory (GB)", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg | eval _value / (1024 * 1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-EDD9E06BB32AEA42", - "title": "Avg Engine CPU Utilization ", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel989CF605A88D3844", - "title": "Swap Usage", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"MB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg | eval _value / (1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel64548DCEB83D194D", - "title": "Bytes Out", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024 * 1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF38FB8BA80FD884B", - "title": "Packets In", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Million\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / 1000000", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD6156E21B17CA94F", - "title": "Packets Out", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Million\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / 1000000", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-DE9EBFD69FD53A46", - "title": "Bytes In - Today Vs Yesterday", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"Bytes In (Today)\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"},\"axisY2\":{\"title\":\"Bytes In (Yesterday)\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "((#A-#B)/#B)*100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4A4045BBA3228A4F", - "title": "Bytes Out - Today Vs Yesterday", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"Bytes Out (Today)\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"},\"axisY2\":{\"title\":\"Bytes Out (Yesterday)\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "((#A-#B)/#B)*100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel608F10C3A9631A40", - "title": "Net Difference of In and Out (Packets) Network Traffic", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Packets In, Out\"},\"axisY2\":{\"title\":\"Net Difference\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{\"A_metric=sum(NetworkPacketsIn)\":{\"visible\":true}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"PacketsIn\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"PacketsOut\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Net Difference\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#B - #A", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel622549C5B893994A", - "title": "Packets Out - Today Vs Yesterday", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"Packets Out (Today)\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"},\"axisY2\":{\"title\":\"Packets Out (Yesterday)\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "((#A-#B)/#B)*100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0E86E8BAA74A8842", - "title": "Packets In - Today Vs Yesterday", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"Packets In (Today)\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"},\"axisY2\":{\"title\":\"Packets In (Yesterday)\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "((#A-#B)/#B)*100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8E23238D95CBF942", - "title": "Net Difference of In and Out (Bytes) Network Traffic", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes In, Out\"},\"axisY2\":{\"title\":\"Net Difference\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"BytesIn\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"BytesOut\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Net Difference\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#B - #A", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF634964B97D8CB4B", - "title": "Swap Usage (MB)", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":25,\"color\":\"#75bf00\"},{\"from\":25,\"to\":50,\"color\":\"#f6c851\"},{\"from\":50,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"max\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Maximum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | max by account, region, namespace, CacheClusterId, CacheNodeId | eval _value / (1024 * 1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "2. Amazon ElastiCache - Audit Event Overview", - "description": "The Amazon ElastiCache - Audit Event Overview dashboard provides detailed insights into all events associated with ElastiCache clusters and specifically helps identify changes, errors, users and replication groups.", - "title": "2. Amazon ElastiCache - Audit Event Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-9A6827ADAFD40B48", - "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":0}" - }, - { - "key": "panel808FD9FD8BFB6846", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":23}" - }, - { - "key": "panelPANE-F6D67170A3207848", - "structure": "{\"height\":10,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-55BA9CD690905848", - "structure": "{\"height\":5,\"width\":12,\"x\":0,\"y\":10}" - }, - { - "key": "panelE1BCBDE685FB3944", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":29}" - }, - { - "key": "panelPANE-4D66006086774A44", - "structure": "{\"height\":5,\"width\":6,\"x\":6,\"y\":0}" - }, - { - "key": "panelPANE-829F6ADB86227949", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":29}" - }, - { - "key": "panel1DA5F9AA9C03F945", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":23}" - }, - { - "key": "panelPANE-9D1136C884776B4C", - "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":5}" - }, - { - "key": "panelPANE-C6B1C1249FED294C", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":15}" - }, - { - "key": "panel422C79CD944AC840", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":15}" - }, - { - "key": "panelB86F7C84926F1844", - "structure": "{\"height\":5,\"width\":6,\"x\":6,\"y\":5}" - }, - { - "key": "panelABB275868F4B2A44", - "structure": "{\"height\":5,\"width\":12,\"x\":12,\"y\":10}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-9A6827ADAFD40B48", - "title": "Event Status", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}},{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by eventStatus\n| sort by _count, eventStatus asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel808FD9FD8BFB6846", - "title": "Successful Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by event_name\n| sort by _count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F6D67170A3207848", - "title": "Event Locations", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-55BA9CD690905848", - "title": "Events Trend", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| timeslice 1h\n| count by _timeslice, event_name\n| transpose row _timeslice column event_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE1BCBDE685FB3944", - "title": "Failed Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by event_name\n| sort by _count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4D66006086774A44", - "title": "Top 10 Error Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count as Count by error_code | sort by Count, error_code asc | limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-829F6ADB86227949", - "title": "Failed Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| timeslice 1s\n| count as Count by _timeslice, event_name, error_code, error_message, src_ip, user, type, request_id, user_agent, engine, engine_version\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1DA5F9AA9C03F945", - "title": "Successful Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, engine, engine_version\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-9D1136C884776B4C", - "title": "Top 10 ReplicationGroupId's", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" replicationGroupId\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" \n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| where !isEmpty(replicationgroupid)\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| res_status as Status\n| count as Count by replicationgroupid | sort by Count, replicationgroupid asc | limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-C6B1C1249FED294C", - "title": "Top 10 Users", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count as Count by type, user\n| sort by Count, type asc, user asc | limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel422C79CD944AC840", - "title": "Events by User", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by user, event_name\n| transpose row user column event_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB86F7C84926F1844", - "title": "Event Types", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"overrides\":[],\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| if (event_name matches \"*Describe*\" or event_name matches \"*List*\", \"ReadOnly\", if (!(event_name matches \"*Describe*\") and !(event_name matches \"*List*\"), \"Update\", \"Unkown\")) as EventType\n| where EventType<>\"Unknown\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| count by EventType", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelABB275868F4B2A44", - "title": "Events Status Trend", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}},{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| timeslice 1h\n| count by _timeslice, eventStatus\n| transpose row _timeslice column eventStatus", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "2. Amazon ElastiCache - Redis Performance Details", - "description": "The Amazon ElastiCache - Redis Performance Details dashboard provides detailed insights into cache hits, keys, replication, connections and failures of Redis ElastiCache clusters.", - "title": "2. Amazon ElastiCache - Redis Performance Details", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "cacheclusterid": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-3A698F8A9F87D943", - "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":10}" - }, - { - "key": "panel4B06F578B4BFEA4B", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":0}" - }, - { - "key": "panelD3510977A9100B4C", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":5}" - }, - { - "key": "panel45FB62658515F940", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":10}" - }, - { - "key": "panel4C36770FB66C0A41", - "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":15}" - }, - { - "key": "panel2F33FBF99B938942", - "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":5}" - }, - { - "key": "panelA7D4B21DAC6ECA4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" - }, - { - "key": "panel531765FA95966846", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":15}" - }, - { - "key": "panel4900BEC9B252BB4C", - "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":0}" - }, - { - "key": "panelD94772A7BD6BD941", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":15}" - }, - { - "key": "panelEEE8CD57BDA0B840", - "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":20}" - }, - { - "key": "panel4190B757A8B60B4E", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" - }, - { - "key": "panel8CD5BE7AB40B3840", - "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":20}" - }, - { - "key": "panel7B6650EFB77E4847", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panel322681E79C3C2A4A", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":20}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-3A698F8A9F87D943", - "title": "Background Save Status", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Save In Progress\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SaveInProgress statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4B06F578B4BFEA4B", - "title": "Cache Hits", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Hits\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHits statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD3510977A9100B4C", - "title": "Cache Misses", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Misses\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheMisses statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel45FB62658515F940", - "title": "Active Defrag Hits", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Hits\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ActiveDefragHits statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4C36770FB66C0A41", - "title": "Replication Bytes - Primary to Replicas", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationBytes statistic=average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2F33FBF99B938942", - "title": "Master Link Health Status", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Health Status\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=MasterLinkHealthStatus statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": " Primary node sync status with Redis on EC2", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA7D4B21DAC6ECA4C", - "title": "Reclaimed - Key Expiration Events", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Reclaimed statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel531765FA95966846", - "title": "Keys Tracked by Redis", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"aggregationType\":\"max\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeysTracked statistic=Maximum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | max by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4900BEC9B252BB4C", - "title": "Key - Time To Live", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Milliseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DB0AverageTTL statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD94772A7BD6BD941", - "title": "Number of Current Client Connections", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrConnections statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEEE8CD57BDA0B840", - "title": "Replication Lag", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Seconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationLag statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4190B757A8B60B4E", - "title": "Keys Evicted Due To Max Memory Limit", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Evictions statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8CD5BE7AB40B3840", - "title": "New Connections Accepted By Server", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NewConnections statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7B6650EFB77E4847", - "title": "Items in Cache", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Items\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrItems statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel322681E79C3C2A4A", - "title": "Authentication and Authorization Failures", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Failures\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Failures statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "3. Amazon ElastiCache - Redis Command Latency", - "description": "The Amazon ElastiCache - Redis Command Latency dashboard provides detailed insights into latency of various Redis commands.", - "title": "3. Amazon ElastiCache - Redis Command Latency", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "cacheclusterid": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-DAD554E4A6BCC843", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":10}" - }, - { - "key": "panelPANE-80FE1A5C8372F84F", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":10}" - }, - { - "key": "panel989CF605A88D3844", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":20}" - }, - { - "key": "panel2439E90A96110842", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":5}" - }, - { - "key": "panelB9A9D10FBAA24946", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":5}" - }, - { - "key": "panel8855326E87766846", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":20}" - }, - { - "key": "panel5C5F34089624DB45", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" - }, - { - "key": "panel213A8089AD47DB49", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":25}" - }, - { - "key": "panel68FD6E1FADC27840", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":15}" - }, - { - "key": "panel0A8F5410B2A40A47", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25}" - }, - { - "key": "panel99529F87A22CD940", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panel509CEF36B7C8AB4B", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":30}" - }, - { - "key": "panel63CB5EBC9B50D943", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" - }, - { - "key": "panelPANE-3A698F8A9F87D943", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":0}" - }, - { - "key": "panel4B06F578B4BFEA4B", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panel85BF423289A9A849", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":5}" - }, - { - "key": "panelD3510977A9100B4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" - }, - { - "key": "panel26A5E8FFADB40B43", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":10}" - }, - { - "key": "panel45FB62658515F940", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" - }, - { - "key": "panel8B618144B3D12B4F", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15}" - }, - { - "key": "panelF21A4871A2A5EA43", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":20}" - }, - { - "key": "panel27C8934BB5EF8B4F", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":25}" - }, - { - "key": "panel4C36770FB66C0A41", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":30}" - }, - { - "key": "panel2F33FBF99B938942", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":15}" - }, - { - "key": "panelA7D4B21DAC6ECA4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":20}" - }, - { - "key": "panel531765FA95966846", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":25}" - }, - { - "key": "panelF914B054A0E02B48", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":30}" - }, - { - "key": "panel4900BEC9B252BB4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":30}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-DAD554E4A6BCC843", - "title": "Key Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-80FE1A5C8372F84F", - "title": "String Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel989CF605A88D3844", - "title": "Set Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2439E90A96110842", - "title": "Set Type Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB9A9D10FBAA24946", - "title": "Get Type Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8855326E87766846", - "title": "List Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5C5F34089624DB45", - "title": "Hash Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel213A8089AD47DB49", - "title": "SortedSet Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel68FD6E1FADC27840", - "title": "HyperLogLog Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0A8F5410B2A40A47", - "title": "Stream Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel99529F87A22CD940", - "title": "Eval Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmdsLatency statistic=average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel509CEF36B7C8AB4B", - "title": "GeoSpatial Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63CB5EBC9B50D943", - "title": "PubSub Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3A698F8A9F87D943", - "title": "Eval Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4B06F578B4BFEA4B", - "title": "Hash Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel85BF423289A9A849", - "title": "Get Type Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD3510977A9100B4C", - "title": "Set Type Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel26A5E8FFADB40B43", - "title": "Key Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel45FB62658515F940", - "title": "String Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8B618144B3D12B4F", - "title": "PubSub Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF21A4871A2A5EA43", - "title": "Set Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel27C8934BB5EF8B4F", - "title": "SortedSet Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4C36770FB66C0A41", - "title": "GeoSpatial Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2F33FBF99B938942", - "title": "HyperLogLog Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA7D4B21DAC6ECA4C", - "title": "List Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel531765FA95966846", - "title": "Stream Based Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF914B054A0E02B48", - "title": "All *Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*CmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4900BEC9B252BB4C", - "title": "All *Cmds Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*CmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "3. Amazon ElastiCache - Redis Performance Overview", - "description": "The Amazon ElastiCache - Redis Performance Overview dashboard provides an overview into performance, evictions, authentication and authorization failures of ElastiCache Redis clusters.", - "title": "3. Amazon ElastiCache - Redis Performance Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-DAD554E4A6BCC843", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":17}" - }, - { - "key": "panelPANE-3FF7DB0BB6188A4D", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":6}" - }, - { - "key": "panelPANE-1C688241A2863A4E", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":0}" - }, - { - "key": "panelPANE-801680AAAF52094B", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":6}" - }, - { - "key": "panelPANE-AD09413E82EF994D", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-396C9FA3B219CB46", - "structure": "{\"height\":12,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panelPANE-6CF530B1B7B1384B", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":12}" - }, - { - "key": "panelPANE-80FE1A5C8372F84F", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":17}" - }, - { - "key": "panelPANE-EDD9E06BB32AEA42", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":12}" - }, - { - "key": "panelPANE-99CD4FA5B28B0B4C", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":12}" - }, - { - "key": "panel344E0AB5B863A84E", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":12}" - }, - { - "key": "panel989CF605A88D3844", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":17}" - }, - { - "key": "panel2439E90A96110842", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":17}" - }, - { - "key": "panelB9A9D10FBAA24946", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":17}" - }, - { - "key": "panel8855326E87766846", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":12}" - }, - { - "key": "panel5C5F34089624DB45", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":12}" - }, - { - "key": "panelDFA21075A50A1943", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":17}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-DAD554E4A6BCC843", - "title": "Current Connections", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrConnections statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3FF7DB0BB6188A4D", - "title": "Engine CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1C688241A2863A4E", - "title": "Database Memory Usage Percentage", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":85,\"color\":\"#75bf00\"},{\"from\":85,\"to\":95,\"color\":\"#f6c851\"},{\"from\":95,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DatabaseMemoryUsagePercentage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-801680AAAF52094B", - "title": "Replica Lag (seconds)", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":3,\"color\":\"#75bf00\"},{\"from\":3,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationLag statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-AD09413E82EF994D", - "title": "CPU Utilization", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-396C9FA3B219CB46", - "title": "Cache Hit Rate", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":85,\"to\":100,\"color\":\"#75bf00\"},{\"from\":80,\"to\":85,\"color\":\"#f6c851\"},{\"from\":0,\"to\":80,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHitRate statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6CF530B1B7B1384B", - "title": "CPU Utilization", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-80FE1A5C8372F84F", - "title": "Authentication Failures", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=AuthenticationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-EDD9E06BB32AEA42", - "title": "Engine CPU Utilization ", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-99CD4FA5B28B0B4C", - "title": "Database Memory Usage", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DatabaseMemoryUsagePercentage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel344E0AB5B863A84E", - "title": "Cache Hit Rate", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":85,\"to\":101,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":75,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHitRate statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel989CF605A88D3844", - "title": "Key Authorization Failures", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyAuthorizationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | Sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2439E90A96110842", - "title": "Evictions", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Evictions\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Evictions statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB9A9D10FBAA24946", - "title": "New Connections", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NewConnections statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8855326E87766846", - "title": "Memory Fragmentation Ratio", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Ratio\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":1,\"to\":1.5,\"color\":\"#16943E\"},{\"from\":0,\"to\":1,\"color\":\"#DFBE2E\"},{\"from\":1.5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=MemoryFragmentationRatio statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5C5F34089624DB45", - "title": "Bytes Used For Cache", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":1,\"to\":null,\"color\":\"#16943E\"},{\"from\":0.5,\"to\":1,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":0.5,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=BytesUsedForCache statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024*1024*1024)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDFA21075A50A1943", - "title": "Command Authorization Failures", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CommandAuthorizationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "4. Amazon ElastiCache - Audit Event Details", - "description": "The Amazon ElastiCache - Audit Event Details dashboard provides detailed insights into key operations made on your ElastiCache clusters.", - "title": "4. Amazon ElastiCache - Audit Event Details", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-4C321E5190BBC948", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelE8A325FDA251DB4E", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel8DB1C189BCAC284A", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panelD63592089E8E5A4A", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-4C321E5190BBC948", - "title": "Create, Add, Increase ElastiCache Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Create* or CreateCacheCluster or CacheClusterProvisioningComplete or AddCacheNodeComplete or IncreaseReplicaCount)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Create*\" or event_name in (\"CreateCacheCluster\", \"CacheClusterProvisioningComplete\", \"AddCacheNodeComplete\", \"IncreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"cacheSubnetGroupName\", \"vpcId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, cachesubnetgroupname, vpcid, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, cachesubnetgroupname, vpcid, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, cachesubnetgroupname, vpcid, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE8A325FDA251DB4E", - "title": "Modify ElastiCache Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Modify* or ModifyCacheCluster or CacheClusterParametersChanged or CacheClusterScalingComplete or CacheClusterSecurityGroupModified or IncreaseReplicaCount or DecreaseReplicaCount)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Modify*\" or event_name in (\"ModifyCacheCluster\", \"CacheClusterParametersChanged\", \"CacheClusterScalingComplete\", \"CacheClusterSecurityGroupModified\", \"IncreaseReplicaCount\", \"DecreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8DB1C189BCAC284A", - "title": "Delete, Remove, Decrease, Revoke, Reset ElastiCache Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Delete* or Remove* or Decrease* or RemoveCacheNodeComplete or DeleteCacheClusterComplete or DecreaseReplicaCount or Revoke* or Reset*)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Delete*\" or event_name matches \"Remove*\" or event_name matches \"Decrease*\" or event_name matches \"Revoke*\" or event_name matches \"Reset*\" or event_name in (\"RemoveCacheNodeComplete\", \"DeleteCacheClusterComplete\", \"DecreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid //, engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid //, engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD63592089E8E5A4A", - "title": "Node Reboot ElastiCache Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Reboot* or CacheNodesRebooted)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Reboot*\" or event_name=\"CacheNodesRebooted\")\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"res_cacheClusterStatus\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, res_cacheClusterStatus, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| eventStatus as status\n| where (tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")) or IsBlank(cacheclusterid)\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "4. Amazon ElastiCache - Redis Command Stats", - "description": "The Amazon ElastiCache - Redis Command Stats dashboard provides detailed insights into the number of commands being performed.", - "title": "4. Amazon ElastiCache - Redis Command Stats", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/elasticache" - ], - "region": [ - "*" - ], - "cacheclusterid": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-DAD554E4A6BCC843", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":10}" - }, - { - "key": "panelPANE-80FE1A5C8372F84F", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":10}" - }, - { - "key": "panel989CF605A88D3844", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":20}" - }, - { - "key": "panel2439E90A96110842", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":5}" - }, - { - "key": "panelB9A9D10FBAA24946", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":5}" - }, - { - "key": "panel8855326E87766846", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":20}" - }, - { - "key": "panel5C5F34089624DB45", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" - }, - { - "key": "panel213A8089AD47DB49", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":25}" - }, - { - "key": "panel68FD6E1FADC27840", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":15}" - }, - { - "key": "panel0A8F5410B2A40A47", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25}" - }, - { - "key": "panel99529F87A22CD940", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panel509CEF36B7C8AB4B", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":30}" - }, - { - "key": "panel63CB5EBC9B50D943", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" - }, - { - "key": "panelPANE-3A698F8A9F87D943", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":0}" - }, - { - "key": "panel4B06F578B4BFEA4B", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panel85BF423289A9A849", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":5}" - }, - { - "key": "panelD3510977A9100B4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" - }, - { - "key": "panel26A5E8FFADB40B43", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":10}" - }, - { - "key": "panel45FB62658515F940", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" - }, - { - "key": "panel8B618144B3D12B4F", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15}" - }, - { - "key": "panelF21A4871A2A5EA43", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel27C8934BB5EF8B4F", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel4C36770FB66C0A41", - "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel2F33FBF99B938942", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panelA7D4B21DAC6ECA4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel531765FA95966846", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panelF914B054A0E02B48", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel4900BEC9B252BB4C", - "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-DAD554E4A6BCC843", - "title": "Key Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-80FE1A5C8372F84F", - "title": "String Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel989CF605A88D3844", - "title": "Set Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2439E90A96110842", - "title": "Set Type Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB9A9D10FBAA24946", - "title": "Get Type Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8855326E87766846", - "title": "List Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5C5F34089624DB45", - "title": "Hash Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel213A8089AD47DB49", - "title": "Sorted Set Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel68FD6E1FADC27840", - "title": "HyperLogLog Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0A8F5410B2A40A47", - "title": "Stream Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel99529F87A22CD940", - "title": "Eval Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel509CEF36B7C8AB4B", - "title": "Geospatial Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63CB5EBC9B50D943", - "title": "PubSub Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3A698F8A9F87D943", - "title": "Eval Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4B06F578B4BFEA4B", - "title": "Hash Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel85BF423289A9A849", - "title": "Get Type Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD3510977A9100B4C", - "title": "Set Type Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel26A5E8FFADB40B43", - "title": "Key Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel45FB62658515F940", - "title": "String Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8B618144B3D12B4F", - "title": "PubSub Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF21A4871A2A5EA43", - "title": "Set Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel27C8934BB5EF8B4F", - "title": "Sorted Set Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4C36770FB66C0A41", - "title": "Geospatial Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2F33FBF99B938942", - "title": "HyperLogLog Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA7D4B21DAC6ECA4C", - "title": "List Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel531765FA95966846", - "title": "Stream Based Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF914B054A0E02B48", - "title": "All *Cmds", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Cmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4900BEC9B252BB4C", - "title": "All *Cmds", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Cmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elasticache", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elasticache", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheClusterId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "cacheclusterid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "CacheNodeId", - "displayName": null, - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", - "key": "cachenodeid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - } - ] -} \ No newline at end of file diff --git a/aws-observability/json/Rds-App.json b/aws-observability/json/Rds-App.json deleted file mode 100644 index 2431aaec..00000000 --- a/aws-observability/json/Rds-App.json +++ /dev/null @@ -1,17964 +0,0 @@ -{ - "type": "FolderSyncDefinition", - "name": "Amazon RDS", - "description": "The Sumo Logic Amazon RDS app dashboards provide visibility into the performance and operations of your Amazon Relational Database Service (RDS). Preconfigured dashboards allow you to monitor critical metrics of your RDS instance(s) or cluster(s) including CPU, memory, storage, network transmits and receive throughput, read and write operations, database connection count, disk queue depth, and more. CloudTrail Audit dashboards help you monitor activities performed on your RDS infrastructure. MySQL Logs dashboards helps you monitor database errors, slow queries, audit sql queries and generic activities. PostgreSQL logs dashboard help you to monitor database errors, slow queries, database security, and query execution timings.", - "children": [ - { - "type": "DashboardV2SyncDefinition", - "name": "01. Amazon RDS - Overview", - "description": "The Amazon RDS Overview dashboard provides insights into RDS resource statistics and utilization throughout your infrastructure, including CPU, memory, latency, storage, and network throughput.", - "title": "01. Amazon RDS - Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-4249b61cb6e8fa47", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" - }, - { - "key": "panelpane-46a720e39003884a", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":33}" - }, - { - "key": "panelpane-40e7d821a935684a", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":34}" - }, - { - "key": "panelpane-25c1168ebcaafb4d", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":15}" - }, - { - "key": "panelpane-c16c7d27adcd1b45", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":15}" - }, - { - "key": "panelpane-c7b2b0dbba2e4b46", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":15}" - }, - { - "key": "panelpane-9b2d25eaa1db9845", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":20}" - }, - { - "key": "panelpane-188b131cb1372b44", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":20}" - }, - { - "key": "panelpane-f111287faf32ca42", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":15}" - }, - { - "key": "panelpane-89fc811ab849da4f", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":15}" - }, - { - "key": "panelpane-dad8b840bf488947", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":20}" - }, - { - "key": "panelpane-33d3a97b8753594f", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":20}" - }, - { - "key": "panelpane-906dd2db98e0bb4c", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":20}" - }, - { - "key": "panelpane-fff436e982ec884e", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":20}" - }, - { - "key": "panelpane-e17015018151084a", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-d3b2d8e68fa01a46", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":1}" - }, - { - "key": "panelpane-df1889bc92c61b49", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":40}" - }, - { - "key": "panelpane-6e09f228a5fa6b4f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":40}" - }, - { - "key": "panelpane-ab8b759c89e43945", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":52}" - }, - { - "key": "panelpane-049268f8aee44948", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":34}" - }, - { - "key": "panelpane-d11fc902a4d24a4d", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":52}" - }, - { - "key": "panelpane-0ff07ba891988a45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":46}" - }, - { - "key": "panelpane-e316b009aa112845", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":46}" - }, - { - "key": "panelpane-878b2956b5909944", - "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":25}" - }, - { - "key": "panelpane-d7f5d0349d12484e", - "structure": "{\"height\":8,\"width\":6,\"x\":6,\"y\":25}" - }, - { - "key": "panelpane-4b33a91dbdca6b47", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":25}" - }, - { - "key": "panelpane-508fb785bf307a46", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":1}" - }, - { - "key": "panelPANE-BC3D8BDE8EF57A47", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":8}" - }, - { - "key": "panelPANE-F6BAC46F84480B42", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelPANE-F768F8C3A4E31B47", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":58}" - }, - { - "key": "panelPANE-7F38B7AE9E306B4F", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":61}" - }, - { - "key": "panelPANE-CDEEA98780783948", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":61}" - }, - { - "key": "panelPANE-4BD7B6EEA836A941", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":61}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-4249b61cb6e8fa47", - "title": "Avg CPU Utilization", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#527b01\"},{\"from\":75,\"to\":85,\"color\":\"#b18209\"},{\"from\":85,\"to\":101,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true,\"min\":0,\"max\":100},\"label\":\"%\",\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-46a720e39003884a", - "title": "Resource Utilization", - "visualSettings": "{\"text\":{\"fontSize\":18,\"alignment\":\"left\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"white\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-40e7d821a935684a", - "title": "CPU Usage", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"%\"}},\"legend\":{\"enabled\":true},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-25c1168ebcaafb4d", - "title": "Database Connections", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"label\":\"Connections In use\",\"thresholds\":[{\"from\":null,\"to\":11,\"color\":\"#527b01\"},{\"from\":11,\"to\":21,\"color\":\"#b18209\"},{\"from\":21,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"noDataString\":\"0\",\"sparkline\":{\"show\":true,\"color\":\"\"},\"rounding\":0}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c16c7d27adcd1b45", - "title": "Disk Queue Depth", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"label\":\"Queue Length\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100},\"labelFontSize\":10,\"noDataString\":\"0\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DiskQueueDepth statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c7b2b0dbba2e4b46", - "title": "Avg Free Memory", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"GB\",\"thresholds\":[{\"from\":4.1,\"to\":null,\"color\":\"#527b01\"},{\"from\":2.1,\"to\":4.1,\"color\":\"#b18209\"},{\"from\":null,\"to\":2.1,\"color\":\"#b63010\"}],\"rounding\":2,\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeableMemory statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-9b2d25eaa1db9845", - "title": "Read IOPS", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Operations/Second\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-188b131cb1372b44", - "title": "Write IOPS", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Operations/Second\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-f111287faf32ca42", - "title": "Read Latency", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Seconds\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"noDataString\":\"0\",\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-89fc811ab849da4f", - "title": "Write Latency", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Seconds\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-dad8b840bf488947", - "title": "Read Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-33d3a97b8753594f", - "title": "Write Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-906dd2db98e0bb4c", - "title": "Network Receive Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkReceiveThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-fff436e982ec884e", - "title": "Network Transmit Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkTransmitThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e17015018151084a", - "title": "Resource Stats", - "visualSettings": "{\"text\":{\"alignment\":\"left\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"white\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-d3b2d8e68fa01a46", - "title": "Average Free Memory (GB)", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"groupBy\":[],\"thresholds\":[{\"from\":4.1,\"to\":null,\"color\":\"#75bf00\"},{\"from\":2.1,\"to\":4.1,\"color\":\"#f6c851\"},{\"from\":0,\"to\":2.1,\"color\":\"#f36644\"}]},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeableMemory statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / (1024 * 1024 * 1024) | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-df1889bc92c61b49", - "title": "Network Receive Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkReceiveThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-6e09f228a5fa6b4f", - "title": "Network Transmit Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkTransmitThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ab8b759c89e43945", - "title": "Connections Over Time", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Number of Connections\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-049268f8aee44948", - "title": "Average Free Memory (GB)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"GB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeableMemory statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d11fc902a4d24a4d", - "title": "Free Storage Space Over Time", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"GB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}],\"invisibleSeriesIds\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeStorageSpace statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0ff07ba891988a45", - "title": "Read IOPS", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"IOPS\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e316b009aa112845", - "title": "Write IOPS", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"IOPS\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-878b2956b5909944", - "title": "Engines Used", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"fillOpacity\":1,\"innerRadius\":30,\"maxNumOfSlices\":10,\"startAngle\":0,\"fontSize\":12,\"paginationPageSize\":100},\"xy\":{\"xDimension\":[],\"yDimension\":[],\"zDimension\":[]},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{EngineName}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=average account={{account}} region={{region}} enginename=* | sum by EngineName, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d7f5d0349d12484e", - "title": "Database Classes Used", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"fillOpacity\":1,\"innerRadius\":30,\"maxNumOfSlices\":10,\"startAngle\":0,\"fontSize\":12,\"paginationPageSize\":100,\"aggregationType\":\"avg\",\"displayType\":\"default\"},\"xy\":{\"xDimension\":[],\"yDimension\":[],\"zDimension\":[]},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{databaseclass}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections region={{region}} account={{account}} databaseclass=* statistic=average | avg by databaseclass, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4b33a91dbdca6b47", - "title": "Database Cluster Details", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"decimals\":2},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"DB_Connections\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by account, region, dbidentifier", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-508fb785bf307a46", - "title": "Average CPU Utilization", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":30,\"color\":\"#75bf00\"},{\"from\":30,\"to\":60,\"color\":\"#f6c851\"},{\"from\":60,\"to\":101,\"color\":\"#f36644\"}],\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=Average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-BC3D8BDE8EF57A47", - "title": "Disk Queue Depth", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#75bf00\"},{\"from\":2,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DiskQueueDepth statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F6BAC46F84480B42", - "title": "Database Connections In Use", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F768F8C3A4E31B47", - "title": "RDS Performance Insights", - "visualSettings": "{\"text\":{\"format\":\"markdown\",\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":20},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": " - __DBLoad__: The number of active sessions for the DB engine. Typically, you want the data for the average number of active sessions. In Performance Insights, this data is queried as db.load.avg.\n\n - __DBLoadCPU__: The number of active sessions where the wait event type is CPU. In Performance Insights, this data is queried as db.load.avg, filtered by the wait event type CPU.\n\n - __DBLoadNonCPU__: The number of active sessions where the wait event type is not CPU." - }, - { - "id": null, - "key": "panelPANE-7F38B7AE9E306B4F", - "title": "Relative DB Load", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoad statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-CDEEA98780783948", - "title": "Relative DB Load CPU", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4BD7B6EEA836A941", - "title": "Relative DB Load Non CPU", - "visualSettings": "{\"general\":{\"type\":\"honeyComb\"},\"honeyComb\":{\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadNonCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "01. Amazon RDS - Overview By Database Instance", - "description": "The Amazon RDS Overview By Database Instance dashboard provides insights into resource statistics and utilization per database instance throughout your infrastructure. Panels display data for CPU, memory, latency, storage, and network throughput per database instance.", - "title": "01. Amazon RDS - Overview By Database Instance", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-4249b61cb6e8fa47", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":1}" - }, - { - "key": "panelpane-46a720e39003884a", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":21}" - }, - { - "key": "panelpane-40e7d821a935684a", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":22}" - }, - { - "key": "panelpane-25c1168ebcaafb4d", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":1}" - }, - { - "key": "panelpane-c16c7d27adcd1b45", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":1}" - }, - { - "key": "panelpane-c7b2b0dbba2e4b46", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":1}" - }, - { - "key": "panelpane-819aa9e99cec6843", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":11}" - }, - { - "key": "panelpane-62e15a4a9a790b40", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":1}" - }, - { - "key": "panelpane-9b2d25eaa1db9845", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":11}" - }, - { - "key": "panelpane-188b131cb1372b44", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":11}" - }, - { - "key": "panelpane-f111287faf32ca42", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":6}" - }, - { - "key": "panelpane-89fc811ab849da4f", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":6}" - }, - { - "key": "panelpane-dad8b840bf488947", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":6}" - }, - { - "key": "panelpane-33d3a97b8753594f", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":6}" - }, - { - "key": "panelpane-906dd2db98e0bb4c", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":11}" - }, - { - "key": "panelpane-fff436e982ec884e", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":11}" - }, - { - "key": "panelpane-bc5d63a4b5091947", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":11}" - }, - { - "key": "panelpane-5b22c23f9876984a", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":6}" - }, - { - "key": "panelpane-d7b4a059acb14a47", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":6}" - }, - { - "key": "panelpane-e17015018151084a", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-df1889bc92c61b49", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":28}" - }, - { - "key": "panelpane-6e09f228a5fa6b4f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":28}" - }, - { - "key": "panelpane-ab8b759c89e43945", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":40}" - }, - { - "key": "panelpane-049268f8aee44948", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":22}" - }, - { - "key": "panelpane-d11fc902a4d24a4d", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":40}" - }, - { - "key": "panelpane-0ff07ba891988a45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":34}" - }, - { - "key": "panelpane-e316b009aa112845", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":34}" - }, - { - "key": "panelpane-d39432b9a27b684c", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":1}" - }, - { - "key": "panelpane-9f1acb56b7178844", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":16}" - }, - { - "key": "panelpane-165cb00db08b1a41", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":16}" - }, - { - "key": "panelpane-23e24294809c884c", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":16}" - }, - { - "key": "panelpane-24a914cf8d51ea47", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":16}" - }, - { - "key": "panelpane-68f9b87e8443ba46", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":16}" - }, - { - "key": "panelpane-8bf347c6819b4b4b", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":16}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-4249b61cb6e8fa47", - "title": "Avg CPU Utilization", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#527b01\"},{\"from\":75,\"to\":85,\"color\":\"#b18209\"},{\"from\":85,\"to\":101,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true,\"min\":0,\"max\":100},\"label\":\"%\",\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-46a720e39003884a", - "title": "Resource Utilization", - "visualSettings": "{\"text\":{\"fontSize\":18,\"alignment\":\"left\",\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-40e7d821a935684a", - "title": "CPU Usage", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"%\"}},\"legend\":{\"enabled\":true},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUUtilization statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-25c1168ebcaafb4d", - "title": "Database Connections", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"label\":\"Connections In use\",\"thresholds\":[{\"from\":null,\"to\":11,\"color\":\"#527b01\"},{\"from\":11,\"to\":21,\"color\":\"#b18209\"},{\"from\":21,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"},\"rounding\":0}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c16c7d27adcd1b45", - "title": "Disk Queue Depth", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"option\":\"Latest\",\"label\":\"Queue Length\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DiskQueueDepth statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c7b2b0dbba2e4b46", - "title": "Avg Free Memory (GB)", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"GB\",\"thresholds\":[{\"from\":4.1,\"to\":null,\"color\":\"#527b01\"},{\"from\":2.1,\"to\":4.1,\"color\":\"#b18209\"},{\"from\":null,\"to\":2.1,\"color\":\"#b63010\"}],\"rounding\":2,\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeableMemory statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-819aa9e99cec6843", - "title": "Bin Log Disk Usage", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"rounding\":2,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BinLogDiskUsage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-62e15a4a9a790b40", - "title": "Avg Free Storage Space", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"GB\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"rounding\":2,\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeStorageSpace statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-9b2d25eaa1db9845", - "title": "Read IOPS", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Operations/Second.\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-188b131cb1372b44", - "title": "Write IOPS", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Operations/Second\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-f111287faf32ca42", - "title": "Read Latency", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Seconds\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-89fc811ab849da4f", - "title": "Write Latency", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Seconds\",\"thresholds\":[{\"from\":null,\"to\":2,\"color\":\"#527b01\"},{\"from\":2,\"to\":5,\"color\":\"#b18209\"},{\"from\":5,\"to\":null,\"color\":\"#b63010\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-dad8b840bf488947", - "title": "Read Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-33d3a97b8753594f", - "title": "Write Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Seconds\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-906dd2db98e0bb4c", - "title": "Network Receive Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkReceiveThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-fff436e982ec884e", - "title": "Network Transmit Throughput", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"KB/Second\",\"labelFontSize\":10,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkTransmitThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-bc5d63a4b5091947", - "title": "Swap Usage", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"MB\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=SwapUsage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1048576 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-5b22c23f9876984a", - "title": "CPU Credit Usage", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"vCPU-minutes\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUCreditUsage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "(T2 instances) The number of CPU credits spent by the instance for CPU utilization.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d7b4a059acb14a47", - "title": "CPU Credit Balance", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"vCPU-minutes\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10,\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CPUCreditBalance statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "\t(T2 instances) The number of earned CPU credits that an instance has accrued since it was launched or started. For T2 Standard, the CPUCreditBalance also includes the number of launch credits that have been accrued.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e17015018151084a", - "title": "Resource Stats", - "visualSettings": "{\"text\":{\"alignment\":\"left\",\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-df1889bc92c61b49", - "title": "Network Receive Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkReceiveThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-6e09f228a5fa6b4f", - "title": "Network Transmit Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkTransmitThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ab8b759c89e43945", - "title": "Database Connections In Use", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Number of Connections\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-049268f8aee44948", - "title": "Free Memory (GB)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"GB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeableMemory statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d11fc902a4d24a4d", - "title": "Free Storage Space", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"GB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeStorageSpace statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1073741824 | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0ff07ba891988a45", - "title": "Read IOPS", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"IOPS\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReadIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e316b009aa112845", - "title": "Write IOPS", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"IOPS\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=WriteIOPS statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d39432b9a27b684c", - "title": "Burst Balance", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"%\",\"labelFontSize\":10,\"thresholds\":[{\"from\":85,\"to\":101,\"color\":\"#527b01\"},{\"from\":75,\"to\":85,\"color\":\"#b18209\"},{\"from\":0,\"to\":75,\"color\":\"#b63010\"}],\"option\":\"Latest\",\"gauge\":{\"show\":true},\"sparkline\":{\"show\":true,\"color\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BurstBalance statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "\t\nThe percent of General Purpose SSD (gp2) burst-bucket I/O credits available", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-9f1acb56b7178844", - "title": "Max Used Transaction IDs", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Maximum\",\"label\":\"Count\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaximumUsedTransactionIDs statistic=maximum account={{account}} region={{region}} dbidentifier={{dbidentifier}} | max", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-165cb00db08b1a41", - "title": "Transaction Logs Disk Usage", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=TransactionLogsDiskUsage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-23e24294809c884c", - "title": "Transaction Logs Generation", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"KB/Second\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=TransactionLogsGeneration statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / 1024 | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-24a914cf8d51ea47", - "title": "Oldest Replication Slot Lag", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"MB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=OldestReplicationSlotLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-68f9b87e8443ba46", - "title": "Replication Slot Disk Usage", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"MB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReplicationSlotDiskUsage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-8bf347c6819b4b4b", - "title": "Replica Lag", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Seconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ReplicaLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "02. Amazon RDS - CloudTrail Audit Events", - "description": "The Amazon RDS CloudTrail Audit Events dashboard provides insights into audit events of your database clusters.", - "title": "02. Amazon RDS - CloudTrail Audit Events", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-A04288C2A237EB46", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-71AA09498BB6D946", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-F8BE33E491B91848", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":9}" - }, - { - "key": "panelPANE-30579457B90CCB42", - "structure": "{\"height\":6,\"width\":11,\"x\":13,\"y\":9}" - }, - { - "key": "panelPANE-4834DC7D8AEF7B47", - "structure": "{\"height\":6,\"width\":7,\"x\":6,\"y\":9}" - }, - { - "key": "panelPANE-BD86AC76BB36F84D", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":15}" - }, - { - "key": "panelPANE-E63F0315B9D45A42", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":15}" - }, - { - "key": "panelPANE-750E1A6CA27EEB4D", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":21}" - }, - { - "key": "panelPANE-1F55A2608352DA48", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":21}" - }, - { - "key": "panelPANE-CC660D25B034AA44", - "structure": "{\"height\":6,\"width\":9,\"x\":6,\"y\":27}" - }, - { - "key": "panelPANE-469F20CF9413EA4E", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":33}" - }, - { - "key": "panelPANE-B0B0F243BB40184F", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":27}" - }, - { - "key": "panelPANE-AD8F9E7BB14C484D", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":27}" - }, - { - "key": "panelPANE-F529A82EA659C844", - "structure": "{\"height\":9,\"width\":24,\"x\":0,\"y\":39}" - }, - { - "key": "panel30BDB1C4ACBA684A", - "structure": "{\"height\":6,\"width\":9,\"x\":6,\"y\":33}" - }, - { - "key": "panel209708ACA1D8AA48", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":33}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-A04288C2A237EB46", - "title": "Location of Successful Events ", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"map\":{\"layerType\":\"Cluster\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\"\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-71AA09498BB6D946", - "title": "Location of Failure Events", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"map\":{\"layerType\":\"Cluster\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\"\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F8BE33E491B91848", - "title": "Event Status", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"pie\"}},{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"pie\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop \n| where event_source = \"rds.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count by event_status\n| sort by _count, event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-30579457B90CCB42", - "title": "Top 10 Error Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| count as Frequency by error_code, error_message\n| top 10 error_code, error_message by Frequency, error_code asc, error_message asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4834DC7D8AEF7B47", - "title": "Event Status Trend", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"column\"}},{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"column\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| timeslice 15m\n| count by _timeslice, event_status\n| fillmissing timeslice(15m), values (\"Success\", \"Failure\") in event_status\n| transpose row _timeslice column event_status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-BD86AC76BB36F84D", - "title": "Failed Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| if (isEmpty(userName), user, userName) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E63F0315B9D45A42", - "title": "Failed Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId, dBClusterIdentifier, dBInstanceIdentifier\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-750E1A6CA27EEB4D", - "title": "Successful Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop \n| where event_source = \"rds.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1F55A2608352DA48", - "title": "Successful Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, src_ip, user, type, requestId, user_agent, region, accountId, dBClusterIdentifier, dBInstanceIdentifier\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-CC660D25B034AA44", - "title": "Top Users", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop \n| where event_source = \"rds.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as Frequency by type, user\n| topk(10, Frequency) by type | fields -_rank", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-469F20CF9413EA4E", - "title": "Most Active Engine", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" engine account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\"\n| json \"requestParameters.engine\", \"responseElements.engine\" as engine1, engine2 nodrop\n| if (!isEmpty(engine1), engine1, engine2) as engine\n| where !isEmpty(engine)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count as Frequency by engine\n| sort by Frequency, engine asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-B0B0F243BB40184F", - "title": "Events Trend by Event Name", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| timeslice 15m\n| count as Frequency by _timeslice, event_name\n| transpose row _timeslice column event_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-AD8F9E7BB14C484D", - "title": "Events by User", - "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop \n| where event_source = \"rds.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| count by user, event_name | sort by _count, user asc, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F529A82EA659C844", - "title": "Database Events from Known Malicious IP Addresses", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| count by src_ip, event_name, user, user_agent\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where malicious_confidence = \"high\"\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, user, user_agent, type, actor, malicious_confidence", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel30BDB1C4ACBA684A", - "title": "Rebooted DB Instance or Cluster", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" engine account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name = \"RebootDBInstance\"\n| json \"requestParameters.engine\", \"responseElements.engine\" as engine1, engine2 nodrop\n| if (!isEmpty(engine1), engine1, engine2) as engine\n| where !isEmpty(engine)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| timeslice 1s\n| count as Frequency by _timeslice, dbidentifier\n| sort by _timeslice, dbidentifier\n| limit 100 ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel209708ACA1D8AA48", - "title": "Stopped DB Instance or Cluster", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" engine account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name = \"StopDBInstance\"\n| json \"requestParameters.engine\", \"responseElements.engine\" as engine1, engine2 nodrop\n| if (!isEmpty(engine1), engine1, engine2) as engine\n| where !isEmpty(engine)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBInstanceIdentifier\", \"resourceName\", \"dBClusterIdentifier\" as dBInstanceIdentifier1, resourceName, dBClusterIdentifier1 nodrop\n| json field=responseElements \"dBInstanceIdentifier\" as dBInstanceIdentifier3 nodrop | json field=responseElements \"dBClusterIdentifier\" as dBClusterIdentifier3 nodrop\n| parse field=resourceName \"arn:*:rds:*:db:*\" as arn_part, f1, dBInstanceIdentifier2 nodrop | parse field=resourceName \"arn:*:rds:*:cluster:*\" as arn_part, f1, dBClusterIdentifier2 nodrop\n| if (resourceName matches \"arn:*:rds:*:db:*\", dBInstanceIdentifier2, if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier3) ) as dBInstanceIdentifier\n| if (resourceName matches \"arn:*:rds:*:cluster:*\", dBClusterIdentifier2, if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier3) ) as dBClusterIdentifier\n| if (isEmpty(dBInstanceIdentifier), dBClusterIdentifier, dBInstanceIdentifier) as dbidentifier | tolowercase(dbidentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isBlank(dbidentifier)\n| timeslice 1s\n| count as Frequency by _timeslice, dbidentifier\n| sort by _timeslice, dbidentifier\n| limit 100 ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "02. Amazon RDS - Performance Insights", - "description": "The Amazon RDS Performance Insights dashboard provides intuitive performance data from throughout your RDS infrastructure across CPU load, non CPU load, active sessions, and performance trends.", - "title": "02. Amazon RDS - Performance Insights", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-c9f5a361a49c3a4a", - "structure": "{\"height\":4,\"width\":8,\"x\":0,\"y\":4}" - }, - { - "key": "panelpane-91d7cba085e2ab4a", - "structure": "{\"height\":4,\"width\":8,\"x\":8,\"y\":4}" - }, - { - "key": "panelpane-0aeca248b59a9a43", - "structure": "{\"height\":4,\"width\":8,\"x\":16,\"y\":4}" - }, - { - "key": "panelpane-9a779317b2bb494b", - "structure": "{\"height\":4,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-7fb660d7a48f4948", - "structure": "{\"height\":7,\"width\":8,\"x\":0,\"y\":8}" - }, - { - "key": "panelpane-6e8aa3d39e29bb4a", - "structure": "{\"height\":7,\"width\":8,\"x\":8,\"y\":8}" - }, - { - "key": "panelpane-b8d3c475a9c06b4f", - "structure": "{\"height\":7,\"width\":8,\"x\":16,\"y\":8}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-c9f5a361a49c3a4a", - "title": "DB Load", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Active Session Count\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoad statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-91d7cba085e2ab4a", - "title": "DB Load CPU", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Active Session Count\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0aeca248b59a9a43", - "title": "DB Load Non CPU", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"label\":\"Active Session Count\",\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"labelFontSize\":10}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadNonCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-9a779317b2bb494b", - "title": "RDS Performance Insights", - "visualSettings": "{\"text\":{\"format\":\"markdown\",\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":20}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": " - __DBLoad__: The number of active sessions for the DB engine. Typically, you want the data for the average number of active sessions. In Performance Insights, this data is queried as db.load.avg.\n\n - __DBLoadCPU__: The number of active sessions where the wait event type is CPU. In Performance Insights, this data is queried as db.load.avg, filtered by the wait event type CPU.\n\n - __DBLoadNonCPU__: The number of active sessions where the wait event type is not CPU.\n \nTo enable Performance Insight on database instance read AWS document at https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.Enabling.html" - }, - { - "id": null, - "key": "panelpane-7fb660d7a48f4948", - "title": "DB Load", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Active Session Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoad statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-6e8aa3d39e29bb4a", - "title": "DB Load CPU", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Active Session Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-b8d3c475a9c06b4f", - "title": "DB Load Non CPU", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"markerSize\":\"5\",\"markerType\":\"none\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Active Session Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DBLoadNonCPU statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "03. Amazon RDS - Aurora Generic", - "description": "The Amazon RDS Aurora Generic dashboard provides generic AWS Aurora performance statistics across your infrastructure for uptime, replica lag, latency, network throughput, volume, and storage.", - "title": "03. Amazon RDS - Aurora Generic", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-863e806b833b7948", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panelpane-cc0db7739c9ff945", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":6}" - }, - { - "key": "panelpane-ac000a2a8114584a", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":12}" - }, - { - "key": "panelpane-c492a7ae968a4843", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":18}" - }, - { - "key": "panelpane-f4839d6caede284b", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":12}" - }, - { - "key": "panelpane-eb70679d91c6c84e", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":12}" - }, - { - "key": "panelpane-528ead76937c0844", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":24}" - }, - { - "key": "panelpane-b01f015e9a044947", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":18}" - }, - { - "key": "panelpane-173df1c08ab79947", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":18}" - }, - { - "key": "panelpane-8e2c051ea4133b49", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":30}" - }, - { - "key": "panelpane-e86c8b1ab7ee7b4d", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":24}" - }, - { - "key": "panelpane-648303fe9bbc0949", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":24}" - }, - { - "key": "panelpane-a96b33e1abf59940", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":36}" - }, - { - "key": "panelpane-8525e66b8d7f0b46", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":30}" - }, - { - "key": "panelpane-68cc8b318181684c", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":30}" - }, - { - "key": "panelpane-c138d30d97dc1944", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":6}" - }, - { - "key": "panelPANE-1955E9F893A93947", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":0}" - }, - { - "key": "panelPANE-6930432F98A16844", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-863e806b833b7948", - "title": "Aurora Replica Lag", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraReplicaLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-cc0db7739c9ff945", - "title": "Aurora Replica Lag Maximum", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraReplicaLagMaximum statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ac000a2a8114584a", - "title": "Aurora Replica Lag Minimum", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraReplicaLagMinimum statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c492a7ae968a4843", - "title": "Free Local Storage", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"GB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=FreeLocalStorage statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / (1024 * 1024 * 1024) | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-f4839d6caede284b", - "title": "Network Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=NetworkThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-eb70679d91c6c84e", - "title": "Buffer Cache Hit Ratio", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"%\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BufferCacheHitRatio statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-528ead76937c0844", - "title": "Deadlocks", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Deadlock Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=Deadlocks statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-b01f015e9a044947", - "title": "Commit Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CommitLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-173df1c08ab79947", - "title": "Commit Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Operations / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=CommitThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-8e2c051ea4133b49", - "title": "Volume Bytes Used", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"MB\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=VolumeBytesUsed statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | eval _value / (1024*1024) | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e86c8b1ab7ee7b4d", - "title": "Volume Read IOPs", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Number of Billed Read I/O Operations\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=VolumeReadIOPs statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-648303fe9bbc0949", - "title": "Volume Write IOPs", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Number of Write Disk I/O Operations\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=VolumeWriteIOPs statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-a96b33e1abf59940", - "title": "Backup Retention Period Storage Used", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Gibibytes (GiB)\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BackupRetentionPeriodStorageUsed statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-8525e66b8d7f0b46", - "title": "Snapshot Storage Used", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Gibibytes (GiB)\",\"labelFontSize\":12}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=SnapshotStorageUsed statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-68cc8b318181684c", - "title": "Total Backup Storage Billed by Engine", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Gibibytes (GiB)\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{enginename}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=TotalBackupStorageBilled statistic=average account={{account}} region={{region}} EngineName=* | avg by account, region, namespace, EngineName", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c138d30d97dc1944", - "title": "RDS To Aurora PostgreSQL Replica Lag", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"axes\":{\"axisY\":{\"title\":\"Seconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=RDSToAuroraPostgreSQLReplicaLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1955E9F893A93947", - "title": "Buffer Cache Hit Ratio", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Hit Ratio\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":50,\"color\":\"#f36644\"},{\"from\":50,\"to\":80,\"color\":\"#f6c851\"},{\"from\":80,\"to\":null,\"color\":\"#75bf00\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BufferCacheHitRatio statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6930432F98A16844", - "title": "Engine Up Time", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Days\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=EngineUptime statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg | eval (_value / (3600 * 24))", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "03. Amazon RDS - Non-Describe CloudTrail Audit Events", - "description": "The Amazon RDS Non-Describe CloudTrail Audit Events dashboard provides statistical and detailed insights into Non-Describe DB Instance, SnapShot, Cluster, Security group events.", - "title": "03. Amazon RDS - Non-Describe CloudTrail Audit Events", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-6F1BBCF58FBA1B46", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-CA7923E58BBB9B4E", - "structure": "{\"height\":13,\"width\":6,\"x\":0,\"y\":1}" - }, - { - "key": "panelPANE-D414E7689615EA49", - "structure": "{\"height\":7,\"width\":18,\"x\":6,\"y\":1}" - }, - { - "key": "panelPANE-22D39E5D9E0A8B4B", - "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":8}" - }, - { - "key": "panelPANE-EBB48E3C8CC5C947", - "structure": "{\"height\":8,\"width\":5,\"x\":0,\"y\":15}" - }, - { - "key": "panelPANE-E8F74BED8B385A4B", - "structure": "{\"height\":8,\"width\":19,\"x\":5,\"y\":15}" - }, - { - "key": "panelPANE-9BD4B0B38C32EB4C", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":23}" - }, - { - "key": "panelPANE-CAB81959BB8A2B4C", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":24}" - }, - { - "key": "panelPANE-A9CDC7B5A58E9849", - "structure": "{\"height\":6,\"width\":19,\"x\":5,\"y\":24}" - }, - { - "key": "panelPANE-14271FE9A2992B40", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":14}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-6F1BBCF58FBA1B46", - "title": "Non-Describe DB Events ", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-CA7923E58BBB9B4E", - "title": "DB Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" !Describe* !List* account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !(event_name matches \"Describe*DBInstance*\") and !(event_name matches \"Describe*DBCluster*\") and !(event_name matches \"*DB*Snapshot*\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBParameterGroupName\", \"dBClusterParameterGroupName\", \"optionGroupName\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier, dBParameterGroupName, dBClusterParameterGroupName, optionGroupName nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2 nodrop\n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-D414E7689615EA49", - "title": "DB Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" !Describe* !List* !*DB*Snapshot* !StartDB* !StopDB* !RebootDBInstance !RebootDBCluster account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and !(event_name matches \"Describe*DBInstance*\") and !(event_name matches \"Describe*DBCluster*\") and !(event_name in (\"StartDBInstance\", \"StopDBInstance\", \"RebootDBInstance\",\"RebootDBCluster\"))\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBParameterGroupName\", \"dBClusterParameterGroupName\", \"optionGroupName\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier, dBParameterGroupName, dBClusterParameterGroupName, optionGroupName nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBClusterInstanceClass\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2, dBClusterInstanceClass nodrop\n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as Frequency by eventTime, event_name, dbidentifier, engine, user, region, src_ip, event_status, dBInstanceClass, dBClusterInstanceClass, dbName, dBParameterGroupName, dBClusterParameterGroupName, optionGroupName, dBSnapshotIdentifier, error_code, error_message\n| sort by eventTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-22D39E5D9E0A8B4B", - "title": "Start, Stop, Reboot DB Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" (StartDB* or StopDB* or RebootDBInstance or RebootDBCluster) account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name in (\"StartDBInstance\", \"StartDBCluster\", \"StopDBInstance\", \"StopDBCluster\", \"RebootDBInstance\",\"RebootDBCluster\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBClusterInstanceClass\", \"databaseName\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2, dBClusterInstanceClass, databaseName nodrop\n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier\n| if (!isEmpty(dbName), dbName, databaseName) as dbName\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as Frequency by eventTime, event_name, dbidentifier, engine, user, region, src_ip, event_status, dBInstanceClass, dBClusterInstanceClass, dbName, dBSnapshotIdentifier, error_code, error_message\n| sort by eventTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-EBB48E3C8CC5C947", - "title": "DB Snapshot Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" *DB*Snapshot* !Describe*DB*Snapshot* account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*DB*Snapshot*\" and !(event_name matches \"Describe*DB*Snapshot*\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBClusterSnapshotIdentifier\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier1, dBClusterSnapshotIdentifier nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2, dBSnapshotIdentifier2 nodrop \n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier | concat (dBSnapshotIdentifier1, dBSnapshotIdentifier2) as dBSnapshotIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (!isEmpty(dBSnapshotIdentifier1), dBSnapshotIdentifier1, dBSnapshotIdentifier) as dBSnapshotIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E8F74BED8B385A4B", - "title": "DB Snapshot Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" *DB*Snapshot* !Describe*DB*Snapshot* account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*DB*Snapshot*\" and !(event_name matches \"Describe*DB*Snapshot*\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBClusterSnapshotIdentifier\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier1, dBClusterSnapshotIdentifier nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBClusterSnapshotIdentifier\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2, dBSnapshotIdentifier2, dBClusterSnapshotIdentifier nodrop \n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier | concat (dBSnapshotIdentifier1, dBSnapshotIdentifier2) as dBSnapshotIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (!isEmpty(dBSnapshotIdentifier1), dBSnapshotIdentifier1, dBSnapshotIdentifier) as dBSnapshotIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as Frequency by eventTime, event_name, dbidentifier, engine, dBSnapshotIdentifier, dBClusterSnapshotIdentifier, user, Region, src_ip, event_status, dBInstanceClass, dbName, error_code, error_message\n| sort by eventTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-9BD4B0B38C32EB4C", - "title": "Non-Describe DB Security Group Events", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-CAB81959BB8A2B4C", - "title": "DB Security Group Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" *DBSecurityGroup* !DescribeDBSecurityGroups account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*DBSecurityGroup*\" and event_name<>\"DescribeDBSecurityGroups\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBSecurityGroupName\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier, dBSecurityGroupName nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2 nodrop \n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A9CDC7B5A58E9849", - "title": "DB Security Group Event Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventSource\\\":\\\"rds.amazonaws.com\\\"\" *DBSecurityGroup* !DescribeDBSecurityGroups account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*DBSecurityGroup*\" and event_name<>\"DescribeDBSecurityGroups\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\", \"dBSnapshotIdentifier\", \"dBSecurityGroupName\" as engine1, dBInstanceClass1, dBClusterIdentifier1, dBInstanceIdentifier1, dBSnapshotIdentifier, dBSecurityGroupName nodrop \n| json field=responseElements \"dBName\", \"engine\", \"dBInstanceClass\", \"dBClusterIdentifier\", \"dBInstanceIdentifier\" as dbName, engine2, dBInstanceClass2, dBClusterIdentifier2, dBInstanceIdentifier2 nodrop\n| concat (dBInstanceIdentifier1, dBInstanceIdentifier2) as dBInstanceIdentifier | concat (engine1, engine2) as engine | concat (dBInstanceClass1, dBInstanceClass2) as dBInstanceClass | concat (dBClusterIdentifier1, dBClusterIdentifier2) as dBClusterIdentifier\n| if (!isEmpty(dBInstanceIdentifier1), dBInstanceIdentifier1, dBInstanceIdentifier) as dBInstanceIdentifier\n| if (!isEmpty(engine1), engine1, engine) as engine\n| if (!isEmpty(dBInstanceClass1), dBInstanceClass1, dBInstanceClass) as dBInstanceClass\n| if (!isEmpty(dBClusterIdentifier1), dBClusterIdentifier1, dBClusterIdentifier) as dBClusterIdentifier\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (!isEmpty(dBInstanceIdentifier),dBInstanceIdentifier,dBClusterIdentifier) as dbidentifier\n| where dbidentifier matches \"{{dbidentifier}}\" or isempty(dbidentifier)\n| count as Frequency by eventTime, event_name, dbidentifier, engine, dBSecurityGroupName, type, user, region, src_ip, event_status, error_code, error_message, dBInstanceClass, dbName\n| sort by eventTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-14271FE9A2992B40", - "title": "Non-Describe DB Snapshot Events", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "04. Amazon RDS - Aurora MySQL", - "description": "The Amazon RDS Aurora MySQL dashboard provides intuitive Aurora MySQL performance data from across your infrastructure for latency, throughput, active and blocked transactions, queries, login failures, and replica lag.", - "title": "04. Amazon RDS - Aurora MySQL", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-4d1721cf8a106944", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-1617ebb3b18df944", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":0}" - }, - { - "key": "panelpane-0034b33d96ee5a49", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":6}" - }, - { - "key": "panelpane-d554054b8f056b42", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":6}" - }, - { - "key": "panelpane-f4ece00d90a1794b", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":12}" - }, - { - "key": "panelpane-92e5f3b5a2d4db40", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":12}" - }, - { - "key": "panelpane-7b0f05369c3fcb44", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":18}" - }, - { - "key": "panelpane-e53f4447b8bab94d", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":18}" - }, - { - "key": "panelpane-b49637f3afa2084c", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":24}" - }, - { - "key": "panelpane-c01f5f9eac0f3a43", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":24}" - }, - { - "key": "panelpane-ad39bfc58d5e0947", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":30}" - }, - { - "key": "panelpane-19b0174e9bdb9949", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":30}" - }, - { - "key": "panelpane-5c58046da1e6694a", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":18}" - }, - { - "key": "panelpane-2f1abc5ebf907a4d", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":24}" - }, - { - "key": "panelpane-82733dab9e683b4a", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":12}" - }, - { - "key": "panelpane-4817ee4eba34b940", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":6}" - }, - { - "key": "panelpane-4c3d5946a9d6984c", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panelpane-bd401cb7bbb51b45", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":30}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-4d1721cf8a106944", - "title": "Select Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=SelectLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-1617ebb3b18df944", - "title": "Select Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=SelectThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-0034b33d96ee5a49", - "title": "Update Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=UpdateLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-d554054b8f056b42", - "title": "Update Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=UpdateThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-f4ece00d90a1794b", - "title": "Insert Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=InsertLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-92e5f3b5a2d4db40", - "title": "Insert Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=InsertThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-7b0f05369c3fcb44", - "title": "Delete Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DeleteLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e53f4447b8bab94d", - "title": "Delete Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DeleteThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-b49637f3afa2084c", - "title": "DDL Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DDLLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-c01f5f9eac0f3a43", - "title": "DDL Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DDLThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-ad39bfc58d5e0947", - "title": "DML Latency", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DMLLatency statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-19b0174e9bdb9949", - "title": "DML Throughput", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DMLThroughput statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-5c58046da1e6694a", - "title": "Active Transactions", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Transaction / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ActiveTransactions statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-2f1abc5ebf907a4d", - "title": "Blocked Transactions", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Transaction / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BlockedTransactions statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-82733dab9e683b4a", - "title": "Login Failures", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Attempts / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=LoginFailures statistic=SampleCount account={{account}} region={{region}} dbidentifier={{dbidentifier}} | sum by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4817ee4eba34b940", - "title": "Queries", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Queries / Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=Queries statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-4c3d5946a9d6984c", - "title": "ResultSet Cache Hit Ratio", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"%\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ResultSetCacheHitRatio statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-bd401cb7bbb51b45", - "title": "Aurora Binlog Replica Lag", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Second\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraBinlogReplicaLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "05. Amazon RDS - Aurora MySQL Global Database and Backtrack Activity", - "description": "The Amazon RDS Aurora MySQL Global Database and BackTrack Activity dashboard provides insights into Aurora MySQL performance data from across your infrastructure for Global Database activity and Backtrack activity.", - "title": "05. Amazon RDS - Aurora MySQL Global Database and Backtrack Activity", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelpane-331d9c2a81957b4b", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":8}" - }, - { - "key": "panelpane-6446545c95420a4d", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelpane-1e3a0fa4aa84284e", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":14}" - }, - { - "key": "panelpane-5b2a1d2284414a44", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":14}" - }, - { - "key": "panelpane-e1aabad296a0994e", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":7}" - }, - { - "key": "panelpane-493b25018f2cfb4f", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelpane-4d5a606b8876ab43", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":1}" - }, - { - "key": "panelpane-9e65dd14af01ea46", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":1}" - }, - { - "key": "panelpane-97341b52b67a784b", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":1}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelpane-331d9c2a81957b4b", - "title": "Backtrack Change Records Creation Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Backtrack Change Record Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BacktrackChangeRecordsCreationRate statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "The number of backtrack change records created over five minutes for your DB cluster.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-6446545c95420a4d", - "title": "Backtrack Change Records Stored", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Backtrack Change Records Used\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BacktrackChangeRecordsStored statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "The actual number of backtrack change records used by your DB cluster.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-1e3a0fa4aa84284e", - "title": "Backtrack Window Actual", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Target Vs Actual Backtrack Delta\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BacktrackWindowActual statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "The difference between the target backtrack window and the actual backtrack window.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-5b2a1d2284414a44", - "title": "Backtrack Window Alert", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Number of Alerts\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=BacktrackWindowAlert statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "The number of times that the actual backtrack window is smaller than the target backtrack window for a given period of time.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-e1aabad296a0994e", - "title": "BackTrack Activity", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-493b25018f2cfb4f", - "title": "MySQL Global Database Activity", - "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelpane-4d5a606b8876ab43", - "title": "Aurora Global DB Replicated Write IO", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraGlobalDBReplicatedWriteIO statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "In an Aurora Global Database, the number of write I/O operations replicated from the primary AWS Region to the cluster volume in a secondary AWS Region. The billing calculations for the secondary AWS Regions in a global database use VolumeWriteIOPS to account for writes performed within the cluster. The billing calculations for the primary AWS Region in a global database use VolumeWriteIOPS to account for the write activity within that cluster, and AuroraGlobalDBReplicatedWriteIO to account for cross-region replication within the global database.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-9e65dd14af01ea46", - "title": "Aurora Global DB Data Transfer Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraGlobalDBDataTransferBytes statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "In an Aurora Global Database, the amount of redo log data transferred from the master AWS Region to a secondary AWS Region.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelpane-97341b52b67a784b", - "title": "Aurora Global DB Replication Lag", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"legend\":{\"enabled\":true},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{dbidentifier}}\"}}]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AuroraGlobalDBReplicationLag statistic=average account={{account}} region={{region}} dbidentifier={{dbidentifier}} | avg by dbidentifier, account, region, namespace", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "For an Aurora Global Database, the amount of lag when replicating updates from the primary AWS Region, in milliseconds.", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": null, - "defaultValue": null, - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "06. Amazon RDS - MySQL Logs - Overview", - "description": "The Amazon RDS - MySQL Logs - Overview dashboard provides high-level analysis of database activity with details on authentication, connections, users, and slow query events using RDS CloudWatch logs.", - "title": "06. Amazon RDS - MySQL Logs - Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelb1fed43d8353bb4c", - "structure": "{\"height\":8,\"width\":5,\"x\":0,\"y\":1}" - }, - { - "key": "panel16868c8a8b5a9b4b", - "structure": "{\"height\":8,\"width\":5,\"x\":5,\"y\":1}" - }, - { - "key": "panel9fc7c4839dd15949", - "structure": "{\"height\":8,\"width\":5,\"x\":10,\"y\":1}" - }, - { - "key": "panel5a0d4fe186af994b", - "structure": "{\"height\":8,\"width\":9,\"x\":15,\"y\":1}" - }, - { - "key": "panel7fe74a349d4f9a47", - "structure": "{\"height\":8,\"width\":5,\"x\":5,\"y\":19}" - }, - { - "key": "panel8a067655ab90a840", - "structure": "{\"height\":8,\"width\":5,\"x\":0,\"y\":10}" - }, - { - "key": "panel144f266182637946", - "structure": "{\"height\":8,\"width\":7,\"x\":17,\"y\":10}" - }, - { - "key": "panel629a5552ab9b5a4e", - "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":19}" - }, - { - "key": "panelPANE-D6255555B5C7E94F", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel9E76A5478CAAD946", - "structure": "{\"height\":1,\"width\":18,\"x\":0,\"y\":18}" - }, - { - "key": "panelA244567EB70BEA47", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":9}" - }, - { - "key": "panel4EC7628F9F13C848", - "structure": "{\"height\":1,\"width\":6,\"x\":18,\"y\":18}" - }, - { - "key": "panelPANE-DAC788C6A2F08A4F", - "structure": "{\"height\":8,\"width\":5,\"x\":0,\"y\":19}" - }, - { - "key": "panelPANE-1D0A5498A9A3E843", - "structure": "{\"height\":8,\"width\":5,\"x\":5,\"y\":10}" - }, - { - "key": "panelPANE-79C7263A825F1B4A", - "structure": "{\"height\":8,\"width\":7,\"x\":10,\"y\":10}" - }, - { - "key": "panelPANE-9C97E14DAF370A47", - "structure": "{\"height\":8,\"width\":8,\"x\":10,\"y\":19}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel7fe74a349d4f9a47", - "title": "DB Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,0,*,*,,0\" as instance, user, host, f1, action, database nodrop\n| where action = \"CONNECT\"\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5a0d4fe186af994b", - "title": "Failed Authentication - User Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"map\":{\"mainMetric\":{}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| where host != \"localhost\"\n| count by host\n| lookup latitude, longitude from geo://location on ip = host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel629a5552ab9b5a4e", - "title": "Connection Type Used", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"frequency\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| where !isEmpty(connectionType)\n| count as frequency by connectionType\n| sort by frequency, connectionType asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel144f266182637946", - "title": "Top Users and IPs Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| where user != \"rdsadmin\" and !isEmpty(user)\n| count as frequency by user, host_name, ip_addr\n| top 15 user, ip_addr by frequency, ip_addr asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9fc7c4839dd15949", - "title": "Number of Notes", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":\"6\",\"color\":\"#16943e\"},{\"from\":\"6\",\"to\":\"11\",\"color\":\"#dfbe2e\"},{\"from\":\"11\",\"to\":null,\"color\":\"#bf2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Note\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[*] *\" as LogLevel, msgDetails\n| where LogLevel = \"Note\"\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelb1fed43d8353bb4c", - "title": "Failed Authentications", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel16868c8a8b5a9b4b", - "title": "Number of Warnings", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":\"6\",\"color\":\"#16943e\"},{\"from\":\"6\",\"to\":\"26\",\"color\":\"#dfbe2e\"},{\"from\":\"26\",\"to\":null,\"color\":\"#bf2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Warning\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[*] *\" as LogLevel, msgDetails\n| where LogLevel = \"Warning\"\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8a067655ab90a840", - "title": "Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\",\"noDataMessage\":\"0\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| where user != \"rdsadmin\"\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-D6255555B5C7E94F", - "title": "Error Logs", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel9E76A5478CAAD946", - "title": "Audit Logs", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelA244567EB70BEA47", - "title": "Slow Query Logs", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel4EC7628F9F13C848", - "title": "General Logs", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-DAC788C6A2F08A4F", - "title": "Failed DB Connections", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"noDataMessage\":\"0\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Audit FAILED_CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where action matches \"FAILED_CONNECT\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1D0A5498A9A3E843", - "title": "Top Users Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| where user != \"rdsadmin\" and !isEmpty(user)\n| count as frequency by user \n| top 15 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-79C7263A825F1B4A", - "title": "Top Slow Queries by Cmd Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"SQL Cmd Type\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"frequency\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| where user != \"rdsadmin\" \n| where !isEmpty(sql_cmd_type)\n| toUpperCase(sql_cmd_type)\n| count as frequency group by sql_cmd_type\n| top 15 sql_cmd_type by frequency, sql_cmd_type asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-9C97E14DAF370A47", - "title": "Connected User Locations", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where action = \"CONNECT\" and host != \"localhost\"\n| count by host\n| lookup latitude, longitude from geo://location on ip = host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "07. Amazon RDS - MySQL Logs - Error Logs Analysis", - "description": "The Amazon RDS - MySQL Logs - Error Logs Analysis dashboard provides details for error logs, including failed authentications, error outliers, top and recent warnings, log levels, and aborted connections.", - "title": "07. Amazon RDS - MySQL Logs - Error Logs Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel2382d5deabf2eb49", - "structure": "{\"height\":9,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panel3aa09ce5a7114a40", - "structure": "{\"height\":9,\"width\":12,\"x\":4,\"y\":0}" - }, - { - "key": "panel9f38a3fd87a5f941", - "structure": "{\"height\":9,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "paneldc1cefea88af2a44", - "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":9}" - }, - { - "key": "panel9341a2f99a9a8b42", - "structure": "{\"height\":8,\"width\":6,\"x\":6,\"y\":9}" - }, - { - "key": "panel21ecacb69ac5e84c", - "structure": "{\"height\":8,\"width\":6,\"x\":12,\"y\":9}" - }, - { - "key": "paneld196902690310a41", - "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":9}" - }, - { - "key": "panel16d6002594033b4a", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":17}" - }, - { - "key": "panel617a92cd993e0b40", - "structure": "{\"height\":6,\"width\":8,\"x\":5,\"y\":17}" - }, - { - "key": "panel38673a7ca4c58842", - "structure": "{\"height\":6,\"width\":11,\"x\":13,\"y\":17}" - }, - { - "key": "panel33a04e3c8d593842", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":32}" - }, - { - "key": "panel4af85b368ef88a46", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":23}" - }, - { - "key": "panel1c9603eea6e6b84d", - "structure": "{\"height\":9,\"width\":24,\"x\":0,\"y\":39}" - }, - { - "key": "panel801fcc80a31cc943", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":23}" - }, - { - "key": "panelCEACA779BDDADA47", - "structure": "{\"height\":13,\"width\":24,\"x\":0,\"y\":48}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel21ecacb69ac5e84c", - "title": "Failed Auth Attempts by Host", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| count as frequency by host\n| top 10 host by frequency, host asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneld196902690310a41", - "title": "Error Events - Outlier", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":null,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| timeslice 15m\n| count as errorEvents by _timeslice\n| outlier errorEvents window=10,threshold=3,consecutive=1,direction=+-", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneldc1cefea88af2a44", - "title": "Failed Authentication - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| timeslice 15m\n| count as event_count by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel33a04e3c8d593842", - "title": "Aborted Connections", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Aborted connection\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \"Aborted connection * to db: '*' user: '*' host: '*' (*)\" as requestId, database, user, host, errorDetails nodrop\n| timeslice 1s\n| count as frequency by _timeslice, dbidentifier, requestId, database, user, host, errorDetails\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel38673a7ca4c58842", - "title": "Top Warnings", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Warning\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[*] *\" as LogLevel, msgDetails\n| where LogLevel = \"Warning\"\n| count as frequency by msgDetails\n| top 10 msgDetails by frequency, msgDetails asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel16d6002594033b4a", - "title": "Log Level", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":\"10\",\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Default\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n|count by LogLevel\n| sort by _count, LogLevel asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1c9603eea6e6b84d", - "title": "Process Events (mysqld)", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error (mysqld or starts or restarts or \"starting as process\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \"* [Note] /rdsdbbin/oscar/bin/*: *\" as requestid, process, msg nodrop\n| parse field=message \"* [Note] /rdsdbbin/oscar/bin/* (*) * ...\" as requestid, process, processDetails, msg nodrop\n| parse field=msg \"Version: '*' socket: '*' port: * *\" as version, socket, port, license nodrop\n| parse field=message \"/rdsdbbin/mysql/bin/* (*) starting as process\" as process, processDetails nodrop\n| parse field=message \"/rdsdbbin/oscar/bin/* (*) starting as process\" as process, processDetails nodrop\n| parse field=message \"/rdsdbbin/mysql/bin/*: * (*) *.\" as process, status, processDetails, license nodrop\n| parse field=message \"/rdsdbbin/mysql/bin/*: *. Version: '*' socket: '*' port: * *.\" as process, status, version, socket, port, license nodrop\n| parse field=message \"/rdsdbbin/mysql/bin/*: * user: '*'.\" as process, status, user nodrop\n| parse field=message \"Received SHUTDOWN from user *. Shutting down * (Version: *).\" as user, process, version nodrop\n| parse field=message \"/rdsdbbin/mysql/bin/* (initiated by: *[rdsadmin] @ * []): Normal shutdown\" as process, user, host nodrop\n| parse field= message \"/rdsdbbin/mysql/bin/*: Shutdown complete\" as process nodrop\n| if (message matches \"*starting as process*\", \"starting as process\", if (message matches \"*ready for connections*\", \"ready for connections\", if (message matches \"* Shutting down *\", \"Shutting down\", if (message matches \"* Normal shutdown\", \"Normal shutdown\", if (message matches \"* Shutdown complete\", \"Shutdown complete\", status))))) as status\n| timeslice 1s\n| count as frequency by _timeslice, dbidentifier, process, status, processDetails, version, socket, port, user, license\n| sort by _timeslice ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3aa09ce5a7114a40", - "title": "Failed Authentication - Details", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| timeslice 1s\n| count as frequency by _timeslice, requestid, user, host, authenticationType, flag\n| sort by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9341a2f99a9a8b42", - "title": "Failed Auth Attempts by User", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| count as frequency by user\n| top 10 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4af85b368ef88a46", - "title": "Recent Warning Events", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Warning\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[*] *\" as LogLevel, msgDetails\n| where LogLevel = \"Warning\"\n| timeslice 1s\n| count as frequency by _timeslice, msgDetails\n| sort by _timeslice, msgDetails asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9f38a3fd87a5f941", - "title": "Failed Authentication - User Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"map\":{\"mainMetric\":{}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| where host != \"localhost\"\n| count by host\n| lookup latitude, longitude from geo://location on ip = host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2382d5deabf2eb49", - "title": "Failed Auth Attempts", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error \"Access denied for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \" * [Note] Access denied for user '*'@'*' (using *: *)\" as requestid, user, host, authenticationType, flag nodrop\n| parse field=message \"[Warning] Access denied for user '*'@'*' (using *: *)\" as user, host, authenticationType, flag nodrop\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel801fcc80a31cc943", - "title": "Top Note Events", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Note\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[*] *\" as LogLevel, msgDetails\n| where LogLevel = \"Note\"\n| count as frequency by msgDetails\n| sort by frequency, msgDetails asc | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel617a92cd993e0b40", - "title": "Log Level - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"Event Time\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| timeslice 15m\n| count by _timeslice, LogLevel\n| transpose row _timeslice column LogLevel", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCEACA779BDDADA47", - "title": "RDS MySQL Cluster Replication Events", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error \"[REPL]\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \" [*] \" as LogLevel\n| parse field=message \"[Repl] Slave I/O thread for channel '': * '*@*:*',* in log '*' at position *\" as state, user, host, port, processDetails, ReplicationLogFile, ReplicationPosition nodrop\n| parse field=message \"[Repl] Slave I/O for channel '': * '*@*:*' - retry-time: * retries: * message: * on \" as state, user, host, port, retrytime, retried, processDetails nodrop\n| timeslice 1s\n| count as frequency by _timeslice, dbidentifier, LogLevel, state,processDetails, user, host, port, message\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "08. Amazon RDS - MySQL Logs - Slow Query Analysis", - "description": "The Amazon RDS - MySQL Logs - Slow Query Analysis dashboard provides details on slow queries, including the number of slow queries, trends, execution times, time comparisons, command types, users, and IP addresses.", - "title": "08. Amazon RDS - MySQL Logs - Slow Query Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel16da3b329a1ab844", - "structure": "{\"height\":8,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panel66b8d385b646da4f", - "structure": "{\"height\":8,\"width\":6,\"x\":4,\"y\":0}" - }, - { - "key": "paneld6e2ebe0986fc84d", - "structure": "{\"height\":8,\"width\":7,\"x\":10,\"y\":0}" - }, - { - "key": "panel5c1319f8bcdad84e", - "structure": "{\"height\":8,\"width\":7,\"x\":17,\"y\":0}" - }, - { - "key": "panel86f1cc63bee12a44", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":8}" - }, - { - "key": "panel9e7ec694b3139945", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":8}" - }, - { - "key": "panel2ac93e949b592a4d", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":8}" - }, - { - "key": "panelb90234a5b3ba3a49", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":14}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel9e7ec694b3139945", - "title": "Slow Queries Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":null,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"Event Time\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| timeslice 15m\n| count as queriesCount by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2ac93e949b592a4d", - "title": "Avg Exec Time by Slow Query Cmd", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{\"A_SELECT\":{\"visible\":true},\"A_SHOW\":{\"visible\":true}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| where !isEmpty(sql_cmd_type)\n| toupperCase(sql_cmd_type) as sql_cmd_type\n| timeslice 15m\n| avg(query_time) as avgQueryTime group by _timeslice, sql_cmd_type\n| transpose row _timeslice column sql_cmd_type", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneld6e2ebe0986fc84d", - "title": "Top IP Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| count as frequency by ip_addr \n| top 10 ip_addr by frequency, ip_addr asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelb90234a5b3ba3a49", - "title": "Top Slow Queries by Average Execution Time", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\",\"decimals\":2},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| avg(query_time) as avgTime, sum(query_time) as totalTime, min(query_time) as minTime, max(query_time) as maxTime, avg(rows_examined) as avgRowsExamined, avg(rows_sent) as avgRowsSent, avg(Lock_Time) as avgLockTime, count as frequency group by sql_cmd, user, ip_addr\n| sort by avgTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5c1319f8bcdad84e", - "title": "Slow Queries by Command Type", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| toUpperCase(sql_cmd_type)\n| count as frequency group by sql_cmd_type\n| top 10 sql_cmd_type by frequency, sql_cmd_type asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel16da3b329a1ab844", - "title": "Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\",\"noDataMessage\":\"0\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel66b8d385b646da4f", - "title": "Top Users Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| count as frequency by user \n| top 10 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel86f1cc63bee12a44", - "title": "Slow Queries - Time Compare", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"Event Time\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"xy\":{\"xDimension\":[],\"yDimension\":[],\"zDimension\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(ip_addr) and ip_addr matches \"{{ip_address}}\"\n| parse regex field=query_block \"# Query_time:\\s+(?[\\d.]*)\\s+Lock_time:\\s+(?[\\d.]*)\\s+Rows_sent:\\s+(?[\\d]*)\\s+Rows_examined:\\s+(?[\\d]*)\" nodrop\n| parse regex field=query_block \"SET timestamp=(?\\d*);\\n(?[\\s\\S]*);\" nodrop\n| parse regex field=sql_cmd \"[^a-zA-Z]*(?[a-zA-Z]+)\\s*\"\n| timeslice 15m\n| count as count by _timeslice\n| fillmissing timeslice(15m)\n| compare with timeshift 1d as yesterday, timeshift 1d 7 avg as last_seven_days_avg", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user)\n| count by user", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "ip_address", - "displayName": "ip_address", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} namespace=aws/rds dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*SlowQuery \"User@Host\" \"Query_time\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?# User@Host:[\\S\\s]+?SET timestamp=\\d+;[\\S\\s]+?;)\" multi\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*\\[(?\\S*?)\\]\\s*Id:\\s*(?\\d*)\" nodrop\n| parse regex field=query_block \"# User@Host:\\s*\\S+?\\[(?\\S*?)\\]\\s*@\\s*(?\\S+)\\s\\[(?\\S*?)\\]\\s+Id:\\s*(?\\d+)\"\n| where user != \"rdsadmin\" and !isEmpty(user)\n| where !isEmpty(ip_addr)\n| count by ip_addr", - "field": "ip_addr" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "09. Amazon RDS - MySQL Logs - Audit Log Analysis", - "description": "The Amazon RDS - MySQL Logs - Audit Logs Analysis dashboard provides an analysis of audit logs, including successful, failed db connections, most active users, clients, databases along with various SQL commands being executed on the RDS instances and clusters.", - "title": "09. Amazon RDS - MySQL Logs - Audit Log Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panele6f903b6900bbb46", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panel62334039bed4f944", - "structure": "{\"height\":6,\"width\":5,\"x\":5,\"y\":0}" - }, - { - "key": "panelfaef6da38306794d", - "structure": "{\"height\":6,\"width\":7,\"x\":10,\"y\":0}" - }, - { - "key": "paneld9e17cb781603844", - "structure": "{\"height\":6,\"width\":7,\"x\":17,\"y\":0}" - }, - { - "key": "panel01d3a5588e9b594f", - "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":6}" - }, - { - "key": "panele27e4c7fad2b884b", - "structure": "{\"height\":8,\"width\":6,\"x\":6,\"y\":6}" - }, - { - "key": "panel6f3724e2a0f17843", - "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":6}" - }, - { - "key": "panele32fce5a876ac84c", - "structure": "{\"height\":8,\"width\":6,\"x\":12,\"y\":14}" - }, - { - "key": "paneld4002ff8986ae94a", - "structure": "{\"height\":8,\"width\":6,\"x\":12,\"y\":6}" - }, - { - "key": "panelc61e58f7982bf949", - "structure": "{\"height\":8,\"width\":6,\"x\":6,\"y\":14}" - }, - { - "key": "panel14f5879daa6af944", - "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":14}" - }, - { - "key": "panelbf0d37238e93384e", - "structure": "{\"height\":9,\"width\":8,\"x\":0,\"y\":22}" - }, - { - "key": "panelf5b9d6b4aaca394c", - "structure": "{\"height\":9,\"width\":16,\"x\":8,\"y\":22}" - }, - { - "key": "panelfdd548d9868f8a49", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":31}" - }, - { - "key": "panel53DDD9B5A9537A4C", - "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":14}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panele6f903b6900bbb46", - "title": "DB Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action = \"CONNECT\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6f3724e2a0f17843", - "title": "Top Active Hosts", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| count as frequency by host\n| top 10 host by frequency, host asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelfaef6da38306794d", - "title": "Connected - User Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"map\":{\"mainMetric\":{}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action = \"CONNECT\" and host != \"localhost\"\n| count as user_count by host\n| lookup latitude, longitude from geo://location on ip = host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelf5b9d6b4aaca394c", - "title": "Recent User Management Activities", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY user (*crea* or *alte* or *drop)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where (command matches \"*CREA*\" or command matches \"*ALTE*\" or command matches \"*DROP*\") and (toUppercase(sqlStatement) matches \"* USER *\")\n| timeslice 1s\n| count as frequency by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel62334039bed4f944", - "title": "Failed DB Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943e\"},{\"from\":1,\"to\":10,\"color\":\"#dfbe2e\"},{\"from\":10,\"to\":null,\"color\":\"#bf2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit FAILED_CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action matches \"FAILED_CONNECT\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panele32fce5a876ac84c", - "title": "Multiple Host Connecting To DB With Same User", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where action = \"CONNECT\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| count_distinct (host) as %\"UniqueHosts\" by user\n| 0 as threshold // Feel free to change this threshold value based on your need. Anything above 0 is good\n| where %\"UniqueHosts\" > threshold\n| sort by %\"UniqueHosts\", user asc\n| fields -threshold", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel01d3a5588e9b594f", - "title": "Connect, Disconnect Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":\"10\",\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Default\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit (CONNECT or DISCONNECT or \"FAILED_CONNECT\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action in (\"CONNECT\", \"DISCONNECT\", \"FAILED_CONNECT\")\n| count by action\n| sort by _count, action asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panele27e4c7fad2b884b", - "title": "Connect, Disconnect Event - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit (CONNECT or DISCONNECT or \"FAILED_CONNECT\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action in (\"CONNECT\", \"DISCONNECT\", \"FAILED_CONNECT\")\n| timeslice 15m\n| count as event_count by _timeslice, action\n| transpose row _timeslice column action", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelfdd548d9868f8a49", - "title": "Recent Drop Activities", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY *DROP*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where command = \"DROP\" or toUppercase(sqlStatement) matches \"* DROP *\"\n| timeslice 1s\n| count as frequency by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneld4002ff8986ae94a", - "title": "Top Active Users", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where !isEmpty(user)\n| count as frequency by user\n| top 10 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneld9e17cb781603844", - "title": "Failed Connections - User Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"map\":{\"mainMetric\":{}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit FAILED_CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where action matches \"FAILED_CONNECT\" and host != \"localhost\"\n| count as user_count by host\n| lookup latitude, longitude from geo://location on ip = host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelbf0d37238e93384e", - "title": "Top SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| count as frequency by sqlStatement\n| top 20 sqlStatement by frequency, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelc61e58f7982bf949", - "title": "Top Active Databases", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| where !isEmpty(database)\n| count as frequency by database\n| top 10 database by frequency, database asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel14f5879daa6af944", - "title": "Multiple Users Connecting From Same Host", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit CONNECT\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where action = \"CONNECT\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n|count_distinct (user) as %\"UniqueUsers\" by host\n| 0 as threshold // Feel free to change this threshold value based on your need. Anything above 0 is good\n| where %\"UniqueUsers\" > threshold\n| sort by %\"UniqueUsers\", host asc\n| fields -threshold", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel53DDD9B5A9537A4C", - "title": "Other Events ", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":\"10\",\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Default\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| where action not in (\"QUERY\", \"CONNECT\", \"DISCONNECT\", \"FAILED_CONNECT\")\n| where user matches \"{{user}}\" and host matches \"{{host}}\"\n| count by action\n| sort by _count, action asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*/audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| count by user", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*/audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| count by host", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "10. Amazon RDS - MySQL Logs - Audit Log SQL Statements", - "description": "The Amazon RDS - MySQL Logs - Audit Log SQL Statement dashboard provides an analysis of audit logs, including types of top SQL commands being executed on the RDS instances and clusters.", - "title": "10. Amazon RDS - MySQL Logs - Audit Log SQL Statements", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "_sumo_domain_name": [ - "aws" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelcbdb0b8b9d2d9847", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":0}" - }, - { - "key": "panel07979bfa98830842", - "structure": "{\"height\":6,\"width\":16,\"x\":8,\"y\":0}" - }, - { - "key": "panel20841849bc73cb4c", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":6}" - }, - { - "key": "panelbbb1bc26a4053b49", - "structure": "{\"height\":10,\"width\":24,\"x\":0,\"y\":14}" - }, - { - "key": "panel1a1aa75b9c1fd94c", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":32}" - }, - { - "key": "panel50d2d1bf81db5849", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":24}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel50d2d1bf81db5849", - "title": "Recent TCL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY (*COMM* or *ROLLB* or *SAVE* or *SET* or *TRAN*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| if (isEmpty(command), sqlStatement, command) as command\n| toUppercase(command) as command\n| where (command matches \"*COMM*\" or command matches \"*ROLLB*\" or command matches \"*SAVE*\" or sqlStatement matches \"*COMM*\" or sqlStatement matches \"*ROLLB*\" or sqlStatement matches \"*SAVE*\" or sqlStatement matches \"*SET*TRAN*\")\n| timeslice 1s\n| count as count by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1a1aa75b9c1fd94c", - "title": "Recent DCL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY (*GRAN* or *REVO*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where (command matches \"*GRAN*\" or command matches \"*REVO*\")\n| timeslice 1s\n| count as count by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelbbb1bc26a4053b49", - "title": "Recent DDL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY (*crea* or *alte* or *drop* or *trun* or *comm* or *rena*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where (command matches \"*CREA*\" or command matches \"*ALTE*\" or command matches \"*DROP*\" or command matches \"*TRUN*\" or command matches \"*COMM*\" or command matches \"*RENA*\")\n| timeslice 1s\n| count as count by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelcbdb0b8b9d2d9847", - "title": "Top SQL Commands", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| parse regex field=sqlStatement \"\\'(?\\S+)\\s+\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| count as event_count by Command\n| sort by event_count, Command asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel07979bfa98830842", - "title": "SQL Command Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| parse regex field=sqlStatement \"\\'(?\\S+)\\s+\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| timeslice 15m\n| count as event_count by _timeslice, command\n| transpose row _timeslice column command", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel20841849bc73cb4c", - "title": "Recent DML SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds/*Audit QUERY (*sele* or *inse* or *upda* or *dele* or *merg* or call or *expla* or lock or *REPL*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?\\d*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),(?[^,]*),\\'(?.*\\'?(?=\\'\\,))\\',(?\\d*)\" nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| parse regex field=sqlStatement \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where !isEmpty(sqlStatement) and ( host != \"localhost\" or user != \"rdsadmin\")\n| where action = \"QUERY\"\n| where user matches \"{{user}}\" and host matches \"{{host}}\" and database matches \"{{database}}\"\n| if (!isEmpty(sqlStatement2), sqlStatement2, sqlStatement) as sqlStatement\n| parse regex field=sqlStatement \"(?\\S+)\\s+\"\n| toUppercase(command) as command\n| where (command matches \"*SELE*\" or command matches \"*INSE*\" or command matches \"*UPDA*\" or command matches \"*DELE*\" or command matches \"*MERG*\" or command matches \"*CALL*\" or command matches \"*EXPL*\" or command matches \"*LOCK*\" or command matches \"*REPL*\") \n| timeslice 1s\n| count as count by _timeslice, action, user, host, database, command, sqlStatement\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*/audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| count by user", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*/audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| count by host", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*/audit\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \",*,*,*,*,*,*,*,*,*\" as instance, user, host, f1, f2, action, database, f3, f4 nodrop\n| parse field=database \"Access denied for user '*'@'*' to database '*'\" as user1, host1, database1 nodrop\n| if (database matches \"Access denied for user*\", database1, database) as database\n| where !IsBlank(database)\n| count by database", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "11. Amazon RDS - MySQL Logs - General Log Analysis", - "description": "The Amazon RDS - MySQL Logs - Generic Log Analysis dashboard provides details for general logs, including command types and trends, user activity and management, host activity, connections, and SQL statements.", - "title": "11. Amazon RDS - MySQL Logs - General Log Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel84924ee0891dcb42", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":0}" - }, - { - "key": "panel769acb66a1daab45", - "structure": "{\"height\":6,\"width\":9,\"x\":6,\"y\":0}" - }, - { - "key": "panelc8407dd9a380994b", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":0}" - }, - { - "key": "panelc5d4888d9f0a9948", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":6}" - }, - { - "key": "panele1ef9c4ca38c8b45", - "structure": "{\"height\":8,\"width\":4,\"x\":0,\"y\":7}" - }, - { - "key": "panel8cc671a0973e7945", - "structure": "{\"height\":8,\"width\":5,\"x\":4,\"y\":7}" - }, - { - "key": "panelb449df4aaaf3eb4e", - "structure": "{\"height\":8,\"width\":5,\"x\":9,\"y\":7}" - }, - { - "key": "panel38a03a2580fa4b49", - "structure": "{\"height\":8,\"width\":10,\"x\":14,\"y\":7}" - }, - { - "key": "panel9afaa33f9417cb4d", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" - }, - { - "key": "panel57180085a5fca842", - "structure": "{\"height\":5,\"width\":5,\"x\":4,\"y\":15}" - }, - { - "key": "panel006c00e281a92848", - "structure": "{\"height\":5,\"width\":15,\"x\":9,\"y\":15}" - }, - { - "key": "panela25cd053b4094b4e", - "structure": "{\"height\":9,\"width\":15,\"x\":9,\"y\":20}" - }, - { - "key": "panel33eeb31aa53b4a45", - "structure": "{\"height\":9,\"width\":9,\"x\":0,\"y\":20}" - }, - { - "key": "panel595fa3b09765884b", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":29}" - }, - { - "key": "panel1cffcaf1afe39a49", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":30}" - }, - { - "key": "paneld869c4b48944db48", - "structure": "{\"height\":6,\"width\":16,\"x\":8,\"y\":30}" - }, - { - "key": "panel56a39f0c86d9bb43", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":36}" - }, - { - "key": "panel51071cabb058ca44", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":36}" - }, - { - "key": "panel534db752809df94a", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":42}" - }, - { - "key": "panel31827498b0b75842", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":42}" - }, - { - "key": "panel438c5e13971c794a", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":48}" - }, - { - "key": "panel11e62e79a8bf8849", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":48}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel57180085a5fca842", - "title": "Connection Attempts", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| where host != \"localhost\"\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as connectionAttempts", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelc8407dd9a380994b", - "title": "Connection Type - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| where !isEmpty(connectionType)\n| timeslice 15m\n| count by _timeslice, connectionType\n| transpose row _timeslice column connectionType", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9afaa33f9417cb4d", - "title": "Failed Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":true,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect *Access denied\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| where host != \"localhost\" and message matches \"*Access denied*\"\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as failedConnections", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "paneld869c4b48944db48", - "title": "SQL Statements Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| timeslice 15m\n| count by _timeslice, sqlStatement\n| transpose row _timeslice column sqlStatement", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelb449df4aaaf3eb4e", - "title": "Top Active Hosts", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as count by host\n| sort by count, host asc | limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel31827498b0b75842", - "title": "Recent TCL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query (*COMM* or *ROLLB* or *SAVE* or *SET*TRAN*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where (sqlStatement matches \"*COMM*\" or sqlStatement matches \"*ROLLB*\" or sqlStatement matches \"*SAVE*\" or sqlStatement matches \"*SET*TRAN*\")\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel56a39f0c86d9bb43", - "title": "Recent DML SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query (*sele* or *inse* or *upda* or *dele* or *merg* or call or *expla* or lock or *REPL*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where (sqlStatement matches \"*SELE*\" or sqlStatement matches \"*INSE*\" or sqlStatement matches \"*UPDA*\" or sqlStatement matches \"*DELE*\" or sqlStatement matches \"*MERG*\" or sqlStatement matches \"*CALL*\" or sqlStatement matches \"*EXPL*\" or sqlStatement matches \"*LOCK*\" or sqlStatement matches \"*REPL*\")\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel769acb66a1daab45", - "title": "General Logs - Command Type Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| timeslice 15m\n| count by _timeslice, cmdType\n| transpose row _timeslice column cmdType", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panela25cd053b4094b4e", - "title": "Recent Connection Requests", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| where host != \"localhost\"\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as count by _messagetime, user, host, database, connectionType\n| sort by _messagetime\n| formatDate(_messagetime, \"MM/dd/yyyy HH:mm:ss:SSS z\") as messageDate\n| fields messageDate, user, host, database, connectionType, count\n| fields -_messagetime", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1cffcaf1afe39a49", - "title": "Top SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| count as event_count by sqlStatement\n| sort by event_count, sqlStatement asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel33eeb31aa53b4a45", - "title": "Recent Failed Connection Requests", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect *Access denied\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\" nodrop\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| where host != \"localhost\" and message matches \"*Access denied*\"\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as count by _messagetime, user, host, autenticationType, connectionStatus\n| sort by _messagetime\n| formatDate(_messagetime, \"MM/dd/yyyy HH:mm:ss:SSS z\") as messageDate\n| fields messageDate, user, host, autenticationType, count\n| fields -_messagetime", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8cc671a0973e7945", - "title": "Top Active Users", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| count as count by user\n| sort by count, user asc | limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panele1ef9c4ca38c8b45", - "title": "Connection Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":\"10\",\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Default\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| where !isEmpty(connectionType)\n| count as event_count by connectionType\n| sort by event_count, connectionType asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel51071cabb058ca44", - "title": "Recent DDL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query (*crea* or *alte* or *drop* or *trun* or *comm* or *rena*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where (sqlStatement matches \"*CREA*\" or sqlStatement matches \"*ALTE*\" or sqlStatement matches \"*DROP*\" or sqlStatement matches \"*TRUN*\" or sqlStatement matches \"*COMM*\" or sqlStatement matches \"*RENA*\")\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel38a03a2580fa4b49", - "title": "DB Connection Attempts By Hosts", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"area\",\"displayType\":\"default\",\"markerSize\":null,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"fillOpacity\":0.25,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| if (message matches \"*Access denied*\", \"Fail\", \"Success\") as connectionStatus\n| timeslice 15m\n| count as %\"ConnectionCount\" by _timeslice, host\n| transpose row _timeslice column host", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel84924ee0891dcb42", - "title": "General Logs - Command Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":\"10\",\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Default\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"right\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| count as event_count by cmdType\n| sort by event_count, cmdType asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel438c5e13971c794a", - "title": "Recent DROP Activities", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query *DROP*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where sqlStatement = \"DROP\" or toUppercase(command) matches \"* DROP *\"\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelc5d4888d9f0a9948", - "title": "Connect", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"text\",\"displayType\":\"default\",\"mode\":\"TextPanel\"},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel534db752809df94a", - "title": "Recent DCL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query (*GRAN* or *REVO*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where (sqlStatement matches \"*GRAN*\" or sqlStatement matches \"*REVO*\")\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel11e62e79a8bf8849", - "title": "Recent User Management Activities", - "visualSettings": "{\"title\":{\"fontSize\":12},\"series\":{},\"general\":{\"type\":\"table\",\"fontSize\":12,\"mode\":\"timeSeries\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Query user (*crea* or *alte* or *drop)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| parse regex field=command \"/\\*[^*/]*\\*/\\s*(?.*)\" nodrop // incase start of command is commented.\n| where cmdType = \"Query\"\n| if (!isEmpty(command2), command2, command) as command\n| parse regex field=command \"(?\\S+)\\s+\"\n| toUppercase(sqlStatement) as sqlStatement\n| where (sqlStatement matches \"*CREA*\" or sqlStatement matches \"*ALTE*\" or sqlStatement matches \"*DROP*\") and (toUppercase(command) matches \"* USER *\")\n| timeslice 1s\n| count as count by _timeslice, cmdType, sqlStatement, command\n| sort by _timeslice, sqlStatement asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel595fa3b09765884b", - "title": "Query", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"text\",\"displayType\":\"default\",\"mode\":\"TextPanel\"},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel006c00e281a92848", - "title": "Failed to Connection Attempt Ratio - Outlier", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":null,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"hideLabels\":false,\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"\",\"minimum\":null,\"maximum\":null}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"thresholdsSettings\":{\"fillRemainingGreen\":false,\"showThresholds\":false,\"numberThresholds\":{\"warning\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":80},\"critical\":{\"display\":true,\"comparator\":\"greater_or_equal\",\"value\":100}}},\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} dbidentifier={{dbidentifier}} namespace=aws/rds _sourceHost=/aws/rds*general Connect\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\s*\\d+\\s+(?\\S+)\\s*(?.*)\"\n| where cmdType = \"Connect\"\n| parse field=command \"*@* on using *\" as user, host, connectionType nodrop\n| parse field=command \"*@* on * using *\" as user, host, database, connectionType nodrop\n| parse field=command \"Out\\t*@*:*\" as user, host, port nodrop\n| parse field=message \"Access denied for user '*'@'*' (using *: *)\" as user, host, autenticationType, flag nodrop\n| where host != \"localhost\"\n| if (message matches \"*Access denied*\", 1, 0) as failedConnection\n| timeslice 15m\n| count as connectionAttempt, sum(failedConnection) as failedConnection by _timeslice\n| (failedConnection/connectionAttempt)*100 as ratio\n| outlier ratio", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": null, - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "12. Amazon RDS - PostgreSQL Logs - Overview", - "description": "The Amazon RDS - PostgreSQL Logs - Overview dashboard provides a high level analysis of database activity with details on errors, slow logs, and authentication using RDS CloudWatch logs.", - "title": "12. Amazon RDS - PostgreSQL Logs - Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-5", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panelFEA4DAC2947CDB4F", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":0}" - }, - { - "key": "panelPANE-550748B7AA1ECB47", - "structure": "{\"height\":6,\"width\":7,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-60AE92B08013B948", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":14}" - }, - { - "key": "panelPANE-3B94E327B4CC0A47", - "structure": "{\"height\":7,\"width\":6,\"x\":5,\"y\":14}" - }, - { - "key": "panelPANE-274445AC843D5A4A", - "structure": "{\"height\":7,\"width\":8,\"x\":11,\"y\":14}" - }, - { - "key": "panelPANE-628BE05DBEEDC84E", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":7}" - }, - { - "key": "panelPANE-25E2AFAEBE9AB842", - "structure": "{\"height\":6,\"width\":5,\"x\":6,\"y\":7}" - }, - { - "key": "panelPANE-7C5C86C7B14EC84C", - "structure": "{\"height\":6,\"width\":13,\"x\":11,\"y\":7}" - }, - { - "key": "panel446C83E99C076941", - "structure": "{\"height\":7,\"width\":5,\"x\":19,\"y\":14}" - }, - { - "key": "panelPANE-66AB340A839FA94E", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":6}" - }, - { - "key": "panel9E16D6A983642A4C", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":13}" - }, - { - "key": "panelPANE-CEBBA608BA70E841", - "structure": "{\"height\":6,\"width\":5,\"x\":19,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-5", - "title": "Log Severity", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{\"enabled\":false},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}}\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| count by severity\n| sort by _count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFEA4DAC2947CDB4F", - "title": "Log Severity - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"severity\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}}\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| timeslice 15m\n| count by _timeslice, severity\n| transpose row _timeslice column severity", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-550748B7AA1ECB47", - "title": "User Activity by Database", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"user\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"Database\"}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\",\"FATAL\")\n| count as events by user,database\n| transpose row user column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-60AE92B08013B948", - "title": "Slow Queries", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Sum\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Queries\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| number (execution_time_ms)\n| count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3B94E327B4CC0A47", - "title": "Top Users Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| count as frequency by user \n| top 10 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-274445AC843D5A4A", - "title": "Slow Query by Command Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"frequency\"}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| count by date,time,user,database,execution_time_ms,query,dbidentifier\n| number (execution_time_ms)\n| parse regex field=query \"(?:\\s|\\\\n|\\n)+(?(?i)CREATE|DROP|ALTER|TRUNCATE|COMMENT|RENAME|SELECT|INSERT|UPDATE|DELETE|GRANT|INVOKE|BEGIN|COMMIT|ROLLBACK)(?:\\s|\\\\n|\\n)+\"\n| toupperCase(sql_cmd_type) as sql_cmd_type\n| count as frequency by sql_cmd_type", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-628BE05DBEEDC84E", - "title": "Failed Authentications", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| count as %\"Count\" ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-25E2AFAEBE9AB842", - "title": "User DB Connection", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"connection authorized\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| parse regex field=msg \"user=(?[\\S]+) database=(?[\\S]+)\"\n| where user!=\"rdsadmin\"\n| count as %\"Count\" ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-7C5C86C7B14EC84C", - "title": "Geo Location of Authorized Connections", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"connection authorized\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where user!=\"rdsadmin\"\n| where !(host matches \"localhost\" or host matches \"127.0.0.1\") \n| count by host\n| lookup latitude, longitude from geo://location on ip = host\n| where !isnull(latitude)\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel446C83E99C076941", - "title": "Top Users and IPs Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"frequency\"}},\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| count by date,time,user,database,execution_time_ms,query,dbidentifier,host\n| number (execution_time_ms)\n| parse regex field=query \"(?:\\s|\\\\n|\\n)+(?(?i)CREATE|DROP|ALTER|TRUNCATE|COMMENT|RENAME|SELECT|INSERT|UPDATE|DELETE|GRANT|INVOKE|BEGIN|COMMIT|ROLLBACK)(?:\\s|\\\\n|\\n)+\"\n| toupperCase(sql_cmd_type) as sql_cmd_type\n| count as frequency by user,host\n| sort by frequency, user asc, host asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-66AB340A839FA94E", - "title": "Security", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel9E16D6A983642A4C", - "title": "Slow Queries", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-CEBBA608BA70E841", - "title": "Query Executed by Database", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| count by dbidentifier, database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database\n| sort by database asc", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "13. Amazon RDS - PostgreSQL Logs - Errors", - "description": "The Amazon RDS - PostgreSQL Logs - Errors dashboard provide details on error occurring on your PostgreSQL instance by keeping track of log severity using postgresql.log.", - "title": "13. Amazon RDS - PostgreSQL Logs - Errors", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-5", - "structure": "{\"height\":8,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-6", - "structure": "{\"height\":6,\"width\":13,\"x\":11,\"y\":14}" - }, - { - "key": "panelE960C202B77F0B45", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":8}" - }, - { - "key": "panelE6B35B1CB9E7294A", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":8}" - }, - { - "key": "panelE168B103B2A6184D", - "structure": "{\"height\":6,\"width\":11,\"x\":0,\"y\":14}" - }, - { - "key": "panel5CC6A74F8A521946", - "structure": "{\"height\":8,\"width\":7,\"x\":5,\"y\":0}" - }, - { - "key": "panel191C7DD8A4233B43", - "structure": "{\"height\":9,\"width\":10,\"x\":0,\"y\":20}" - }, - { - "key": "panelFEA4DAC2947CDB4F", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":8}" - }, - { - "key": "panel108F4F54BDE0C840", - "structure": "{\"height\":9,\"width\":14,\"x\":10,\"y\":20}" - }, - { - "key": "panelPANE-E3D2BA8D95A79840", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":29}" - }, - { - "key": "panel220F24D8B1E37B4C", - "structure": "{\"height\":8,\"width\":6,\"x\":12,\"y\":0}" - }, - { - "key": "panelD02C5D46A1E97940", - "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-5", - "title": "Log Severity", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}}\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| count by severity\n| sort by _count,severity asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6", - "title": "Recent Fatal Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| format(\"%s %s\", date, time) as datetime\n| count as frequency by datetime, dbidentifier, database,host, user, msg", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE960C202B77F0B45", - "title": "Errors by User Over Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Errors\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\",\"FATAL\")\n| timeslice 15m\n| count as %\"Count\" by user, _timeslice\n| transpose row _timeslice column user", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE6B35B1CB9E7294A", - "title": "Errors by Database Over Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Errors\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\",\"FATAL\")\n| timeslice 15m\n| count as %\"Count\" by database, _timeslice\n| transpose row _timeslice column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE168B103B2A6184D", - "title": "Errors Events - Outlier", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (ERROR or FATAL)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\", \"FATAL\")\n| timeslice 15m\n| count as event_count by _timeslice\n| outlier event_count window=5,threshold=3,consecutive=2,direction=+", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5CC6A74F8A521946", - "title": "Database Activity by Severity", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"Severity\",\"titleFontSize\":12,\"labelFontSize\":12,\"hideLabels\":false},\"axisY\":{\"title\":\"Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where severity in (\"ERROR\",\"FATAL\")\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| count as events by severity,database\n| transpose row severity column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel191C7DD8A4233B43", - "title": "Top Errors and Fatal Messages", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,x,user,database,processid,severity,msg \n| where severity IN (\"ERROR\", \"FATAL\") and user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| count as frequency by msg\n| sort by frequency,msg asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFEA4DAC2947CDB4F", - "title": "Log Severity Over Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"severity\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}}\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| timeslice 15m\n| count by _timeslice, severity\n| transpose row _timeslice column severity", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel108F4F54BDE0C840", - "title": "Recent Errors Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg \n| where severity=\"ERROR\" and user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| format(\"%s %s\", date, time) as datetime\n| count as frequency by datetime,dbidentifier, database, user, msg", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E3D2BA8D95A79840", - "title": "Recent Errors and Error Query", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"STATEMENT\" OR \"ERROR\" )\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| if (severity = \"STATEMENT\", msg, \"\") as query\n| where severity in (\"ERROR\", \"FATAL\", \"STATEMENT\")\n| format(\"%s %s\", date, time) as datetime\n| count as frequency by datetime, dbidentifier, database, user, msg, query\n| sort by datetime", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel220F24D8B1E37B4C", - "title": "User Activity by Severity", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"Severity\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\",\"FATAL\")\n| count as count by user,severity\n| transpose row severity column user\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD02C5D46A1E97940", - "title": "Host Activity by Severity ", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"Severity\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"ERROR\" OR \"FATAL\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where severity in (\"ERROR\",\"FATAL\")\n| count as count by host,severity\n| transpose row severity column host\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database\n| sort by database asc", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,x,user,db,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,db,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "14. Amazon RDS - PostgreSQL Logs - Slow Query Overview", - "description": "The Amazon RDS - PostgreSQL Logs - Slow Query Overview dashboard provides an overview of the slow query logs. AWS RDS will report slow logs with statement taking more than threshold value given through log_min_duration_statement. This dashboard can be filtered with different values for query execution time through slow_query_latency_ms.", - "title": "14. Amazon RDS - PostgreSQL Logs - Slow Query Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-2", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":19}" - }, - { - "key": "panelPANE-5", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":26}" - }, - { - "key": "panelPANE-7E3EC36DA4661B4B", - "structure": "{\"height\":6,\"width\":3,\"x\":0,\"y\":1}" - }, - { - "key": "panel2E0A4402BC7B7A42", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":13}" - }, - { - "key": "panelC36DFFC38D1F984E", - "structure": "{\"height\":6,\"width\":6,\"x\":18,\"y\":1}" - }, - { - "key": "panel82FC37909D944B43", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":7}" - }, - { - "key": "panel8B9D1EE791779A42", - "structure": "{\"height\":6,\"width\":6,\"x\":7,\"y\":1}" - }, - { - "key": "panelD06C695EABAECA4F", - "structure": "{\"height\":6,\"width\":5,\"x\":13,\"y\":1}" - }, - { - "key": "panel3258999488C5884A", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":7}" - }, - { - "key": "panelA6D0CF578A1A3B45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":13}" - }, - { - "key": "panel17937CE9B7143A41", - "structure": "{\"height\":6,\"width\":4,\"x\":3,\"y\":1}" - }, - { - "key": "panelPANE-CCADDF3EA825884F", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-2", - "title": "Top Slow Queries by Average Execution Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[],\"decimals\":2},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| avg(execution_time_ms) as avgTime, sum(execution_time_ms) as totalTime, min(execution_time_ms) as minTime, max(execution_time_ms) as maxTime, count as frequency group by query,dbidentifier, database, user, host\n| sort by avgTime | limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-5", - "title": "Average Slow Query Execution Time by Database - One Day/Week Time Comparison", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[],\"decimals\":3},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| where execution_time_ms > {{slow_query_latency_ms}} \n| avg(execution_time_ms) as today by dbidentifier, database\n| compare with timeshift 1d as yesterday, timeshift 1w as last_week\n| today_yesterday as yesterday\n| today_last_week as last_week\n| fields - today_yesterday,today_last_week", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-7E3EC36DA4661B4B", - "title": "Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2E0A4402BC7B7A42", - "title": "Avg Execution Time by Slow SQL Commands", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Avg Execution Time\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}} \n| toUpperCase(query) as query\n| parse regex field=query \"(?:\\s|\\\\n|\\n)+(?(?i)CREATE|DROP|ALTER|TRUNCATE|COMMENT|RENAME|SELECT|INSERT|UPDATE|DELETE|GRANT|INVOKE|BEGIN|COMMIT|ROLLBACK|REVOKE|SAVEPOINT)(?:\\s|\\\\n|\\n)+\"\n| timeslice 15m\n| avg(execution_time_ms) as avg_query_time group by _timeslice, sql_cmd_type\n| transpose row _timeslice column sql_cmd_type", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC36DFFC38D1F984E", - "title": "Slow Query by Command Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"overrides\":[],\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| count by date,time,user,database,execution_time_ms,query,dbidentifier\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| toUpperCase(query) as query\n| parse regex field=query \"(?:\\s|\\\\n|\\n)+(?(?i)CREATE|DROP|ALTER|TRUNCATE|COMMENT|RENAME|SELECT|INSERT|UPDATE|DELETE|GRANT|INVOKE|BEGIN|COMMIT|ROLLBACK|REVOKE|SAVEPOINT)(?:\\s|\\\\n|\\n)+\"\n| toupperCase(sql_cmd_type) as sql_cmd_type\n| count as frequency by sql_cmd_type\n| sort by frequency, sql_cmd_type asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel82FC37909D944B43", - "title": "Slow Queries by Database Over Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Queries\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}} \n| timeslice 15m\n| count by _timeslice,database\n| transpose row _timeslice column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8B9D1EE791779A42", - "title": "Top Users Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where execution_time_ms > {{slow_query_latency_ms}} \n| count as frequency by user \n| top 10 user by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD06C695EABAECA4F", - "title": "Top IP Firing Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where execution_time_ms > {{slow_query_latency_ms}}\n| count as frequency by host \n| top 10 host by frequency, host asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3258999488C5884A", - "title": "Slow Queries by User Over Time ", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Queries\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where execution_time_ms > {{slow_query_latency_ms}}\n| timeslice 15m\n| fillmissing timeslice(15m)\n| count by _timeslice, user\n| transpose row _timeslice column user", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA6D0CF578A1A3B45", - "title": "Slow Queries - Time Compare", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Queries\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where execution_time_ms > {{slow_query_latency_ms}}\n| timeslice 15m\n| count as today by _timeslice\n| fillmissing timeslice(15m)\n| compare with timeshift 1d as yesterday, timeshift 1d 7 avg as last_week_avg\n| today_yesterday as yesterday \n| today_last_week_avg as last_week_avg\n| fields - today_last_week_avg,today_yesterday", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel17937CE9B7143A41", - "title": "Unique Slow Queries", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms (?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| count_distinct(query) as unique_queries", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-CCADDF3EA825884F", - "title": "Untitled", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"text\":{\"format\":\"markdownV2\",\"showTitle\":false,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works with **log_min_duration_statement** flag. For more details refer [AWS RDS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.Parameters.html)." - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database\n| sort by database asc", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "slow_query_latency_ms", - "displayName": "slow_query_latency_ms", - "defaultValue": "2000", - "sourceDefinition": { - "variableSourceType": "CsvVariableSourceDefinition", - "values": "100,500,1000,2000,5000,10000,20000" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "15. Amazon RDS - PostgreSQL Logs - Slow Query Details", - "description": "The Amazon RDS - PostgreSQL Logs - Slow Query Details dashboard provides details on slow log query. Also, this dashboards displays the distribution of slow queries along with parameters like database and query type.", - "title": "15. Amazon RDS - PostgreSQL Logs - Slow Query Details", - "theme": "Light", - "topologyLabelMap": { - "data": { - "3b83b479b7b7dd7d7de0edc4728461ae": [ - "*" - ], - "9e35882821c4dc1d083f5c8d5dce08c9": [ - "*" - ], - "76433308488e87fd9ca495f7b6335b44": [ - "*" - ], - "f46bea18869088043e593437b004527b": [ - "*" - ], - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "7478db846bd6c5245d2c861e7895bf89": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "81df06ff4cf02af487dea1eecf1582ed": [ - "*" - ], - "508f93d0b19653be3056df2387717e54": [ - "*" - ], - "eea522f0547cb32d9514336faeaf6b30": [ - "*" - ], - "fab7ff86a1327f848f8f483d7a764f4f": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "fc7035d5ec07e158f2017d653d7b6d82": [ - "*" - ], - "region": [ - "*" - ], - "90eff265ccc7c85baf439778c2183e92": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-1", - "structure": "{\"height\":7,\"width\":8,\"x\":0,\"y\":0}" - }, - { - "key": "panelE9C994DAAFA7694D", - "structure": "{\"height\":7,\"width\":10,\"x\":8,\"y\":0}" - }, - { - "key": "panelEFD699CBA7800A4D", - "structure": "{\"height\":7,\"width\":6,\"x\":18,\"y\":0}" - }, - { - "key": "panel0735E1F3AE0E6A4D", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":7}" - }, - { - "key": "panel1282583F9AD31A47", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":49}" - }, - { - "key": "panelA703269D94501847", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":43}" - }, - { - "key": "panelB7700AF0A38C1845", - "structure": "{\"height\":9,\"width\":24,\"x\":0,\"y\":15}" - }, - { - "key": "panelC9D2B74F873DC844", - "structure": "{\"height\":9,\"width\":24,\"x\":0,\"y\":24}" - }, - { - "key": "panel327426F38DC7694E", - "structure": "{\"height\":10,\"width\":24,\"x\":0,\"y\":33}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-1", - "title": "Top SQL Commands", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\"},\"axisY\":{\"title\":\"event_count\"}},\"legend\":{\"enabled\":false},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| count as event_count by Command\n| sort by event_count, Command asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE9C994DAAFA7694D", - "title": "SQL Command Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| timeslice 15m\n| count as event_count by _timeslice, command\n| transpose row _timeslice column command", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEFD699CBA7800A4D", - "title": "Top Active Database", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| where !isEmpty(database)\n| count as frequency by database\n| top 10 database by frequency, database asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0735E1F3AE0E6A4D", - "title": "Frequent SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where !isEmpty(query) and ( host != \"localhost\" or user != \"rdsadmin\")\n| count as frequency by query\n| top 20 query by frequency, query asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1282583F9AD31A47", - "title": "Recent User Management Activities", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where (command matches \"*CREA*\" or command matches \"*ALTE*\" or command matches \"*DROP*\") and (toUppercase(query) matches \"* USER *\")\n| timeslice 15m\n| count as frequency by _timeslice, user, host, database, command, query\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA703269D94501847", - "title": "Recent Drop Activities", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where command = \"DROP\" or toUppercase(query) matches \"* DROP *\"\n| timeslice 15m\n| count as frequency by _timeslice, user, host, database, command, query\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB7700AF0A38C1845", - "title": "Recent DML SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where (command matches \"*SELE*\" or command matches \"*INSE*\" or command matches \"*UPDA*\" or command matches \"*DELE*\" or command matches \"*MERG*\" or command matches \"*CALL*\" or command matches \"*EXPL*\" or command matches \"*LOCK*\" or command matches \"*REPL*\") \n| timeslice 15m\n| count as count by _timeslice, user, host, database, command, query\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC9D2B74F873DC844", - "title": "Recent DDL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where (command matches \"*CREA*\" or command matches \"*ALTE*\" or command matches \"*DROP*\" or command matches \"*TRUN*\" or command matches \"*COMM*\" or command matches \"*RENA*\")\n| timeslice 15m\n| count as count by _timeslice, user, host, database, command, query\n| sort by _timeslice, command\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel327426F38DC7694E", - "title": "Recent TCL SQL Statements", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| parse regex field=msg \"duration: (?[\\S]+) ms statement:(?.+)\" \n| where database matches \"{{database}}\" and user matches \"{{user}}\" and host matches \"{{host}}\"\n| number (execution_time_ms)\n| where execution_time_ms > {{slow_query_latency_ms}}\n| parse regex field=query \"(?\\S+)\\s*\"\n| toUppercase(command) as command\n| where (command matches \"*COMM*\" or command matches \"*ROLLB*\" or command matches \"*SAVE*\")\n| timeslice 15m\n| count as count by _timeslice, user, host, database, command, query\n| sort by _timeslice, command asc\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "slow_query_latency_ms", - "displayName": "slow_query_latency_ms", - "defaultValue": "2000", - "sourceDefinition": { - "variableSourceType": "CsvVariableSourceDefinition", - "values": "100,500,1000,2000,5000,10000,20000" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "16. Amazon RDS - PostgreSQL Logs - Security", - "description": "The Amazon RDS - PostgreSQL Logs - Security dashboard provides details with respect to login failures and threat intel along with activity by default user.", - "title": "16. Amazon RDS - PostgreSQL Logs - Security", - "theme": "Light", - "topologyLabelMap": { - "data": { - "3b83b479b7b7dd7d7de0edc4728461ae": [ - "*" - ], - "9e35882821c4dc1d083f5c8d5dce08c9": [ - "*" - ], - "76433308488e87fd9ca495f7b6335b44": [ - "*" - ], - "f46bea18869088043e593437b004527b": [ - "*" - ], - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "7478db846bd6c5245d2c861e7895bf89": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "81df06ff4cf02af487dea1eecf1582ed": [ - "*" - ], - "508f93d0b19653be3056df2387717e54": [ - "*" - ], - "eea522f0547cb32d9514336faeaf6b30": [ - "*" - ], - "fab7ff86a1327f848f8f483d7a764f4f": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "fc7035d5ec07e158f2017d653d7b6d82": [ - "*" - ], - "region": [ - "*" - ], - "90eff265ccc7c85baf439778c2183e92": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-0", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":19}" - }, - { - "key": "panelPANE-1", - "structure": "{\"height\":6,\"width\":10,\"x\":14,\"y\":7}" - }, - { - "key": "panelPANE-7", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":13}" - }, - { - "key": "panelPANE-8", - "structure": "{\"height\":6,\"width\":8,\"x\":6,\"y\":7}" - }, - { - "key": "panel6E5FDCD68787D845", - "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":13}" - }, - { - "key": "panel5DF79E59AC11EB40", - "structure": "{\"height\":6,\"width\":4,\"x\":0,\"y\":1}" - }, - { - "key": "panel5D2861D8874AD848", - "structure": "{\"height\":6,\"width\":4,\"x\":4,\"y\":1}" - }, - { - "key": "panel3026F5F68BF51A43", - "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":7}" - }, - { - "key": "panelA24C5BCEBB62184B", - "structure": "{\"height\":6,\"width\":6,\"x\":8,\"y\":1}" - }, - { - "key": "panel2C108CCFAD21784F", - "structure": "{\"height\":6,\"width\":10,\"x\":14,\"y\":1}" - }, - { - "key": "panelPANE-02E5D0E3AC09784A", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":31}" - }, - { - "key": "panelD07426F890220840", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":32}" - }, - { - "key": "panel5E16C4D1BAB97841", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":38}" - }, - { - "key": "panelPANE-5009B41EBFE45A40", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":25}" - }, - { - "key": "panelPANE-405586CCB51D8846", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":25}" - }, - { - "key": "panel4F33FEF8AD697B4C", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":13}" - }, - { - "key": "panelPANE-A832879ABB219840", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-0", - "title": "Failed Authentications - Details", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| count as %\"Count\" by date,time,time_zone, user, database,host,severity,msg\n| sort by date,time", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1", - "title": "Geo Location of Authorized Connections", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"connection authorized\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where msg matches \"*connection authorized*\" \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"user=(?[\\S]+) database=(?[\\S]+)\"\n| where user!=\"rdsadmin\"\n| where !(host matches \"localhost\" or host matches \"127.0.0.1\") \n| count by host\n| lookup latitude, longitude from geo://location on ip = host\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-7", - "title": "Connections Authorized by Database - Over Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{\"axisX\":{},\"axisY\":{\"title\":\"\"}},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"connection authorized\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| timeslice 15m\n| count by _timeslice, database\n| transpose row _timeslice column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-8", - "title": "Threat Intel Analysis of Incoming Connections", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} connection\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| parse field=msg \"connection received: host=* port=*\" as ip,port \n| count by ip\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=ip\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| count by type, actor, ip, malicious_confidence, label_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6E5FDCD68787D845", - "title": "Failed Authentication by Database - Over Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{},\"axisY\":{\"title\":\"\"}},\"legend\":{},\"color\":{\"family\":\"Diverging 2\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"aggregationType\":\"average\",\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where msg matches \"*authentication failed*\"\n| timeslice 15m\n| count by _timeslice, database\n| transpose row _timeslice column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5DF79E59AC11EB40", - "title": "Failed Authentications", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":0,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where msg matches \"*authentication failed*\"\n| count as %\"Count\" ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5D2861D8874AD848", - "title": "Authorized DB Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":1,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"connection authorized\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"user=(?[\\S]+) database=(?[\\S]+)\"\n| where user!=\"rdsadmin\"\n| count as %\"Count\" ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3026F5F68BF51A43", - "title": "Failed Authentications by User", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\" \n| where msg matches \"*authentication failed*\"\n| count as %\"Count\" by user\n| sort by %\"Count\"", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA24C5BCEBB62184B", - "title": "Failed Authentications by Host", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where msg matches \"*authentication failed*\"\n| count as %\"Count\" by host\n| sort by %\"Count\"", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2C108CCFAD21784F", - "title": "Geo Location of Failed Authentication", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| where msg matches \"*authentication failed*\"\n| where !(host matches \"localhost\" or host matches \"127.0.0.1\") \n| count by host\n| lookup latitude, longitude from geo://location on ip = host\n| where !isnull(latitude)\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-02E5D0E3AC09784A", - "title": "Default User Activity", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelD07426F890220840", - "title": "Default User - Authentication Status", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"authentication failed\" or \"connection authorized\" or \"canceling authentication due to timeout\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and host matches \"{{host}}\"\n| where user in (\"postgres\")\n| count as %\"Count\" by date,time,time_zone, user, database,host,severity,msg\n| sort by date,time", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5E16C4D1BAB97841", - "title": "Default User - Generic Activity", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"aggregationType\":\"average\",\"groupBy\":[]},\"axes\":{},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"overrides\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} !\"authentication failed\" !\"connection authorized\" !\"canceling authentication due to timeout\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where database matches \"{{database}}\" and host matches \"{{host}}\"\n| where user in (\"postgres\")\n| count as %\"Count\" by date,time,time_zone, user, database,host,severity,msg\n| sort by date,time", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-5009B41EBFE45A40", - "title": "Database System Shut Down Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} (\"database system\" AND \"shut down\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *::@:[*]:*:*\" as date,time,time_zone,thread_id,severity,msg \n| count as count by date, time, account, region, dbidentifier, msg", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-405586CCB51D8846", - "title": "Database System Up Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"database system is ready to accept connections\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *::@:[*]:*:*\" as date,time,time_zone,thread_id,severity,msg \n| count as count by date, time, account, region, dbidentifier, msg", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4F33FEF8AD697B4C", - "title": "Failed Authentication by Country - Over Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{},\"axisY\":{\"title\":\"\"}},\"legend\":{},\"color\":{\"family\":\"Diverging 2\"},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"aggregationType\":\"average\",\"groupBy\":[]}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} \"authentication failed\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg\n| where msg matches \"*authentication failed*\"\n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| timeslice 15m\n| count by _timeslice, host\n| lookup latitude, longitude, country_name from geo://location on ip = host\n| where !isNull(latitude)\n| sum(_count) as events by _timeslice, country_name\n| transpose row _timeslice column country_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A832879ABB219840", - "title": "Untitled", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"text\":{\"format\":\"markdownV2\",\"showTitle\":false,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works with **log_connections** flag. For more details refer [AWS RDS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.Parameters.html)." - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database\n| sort by database asc", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "17. Amazon RDS - PostgreSQL Logs - Query Execution Time", - "description": "The Amazon RDS - PostgreSQL Logs - Query Execution Time dashboard provides details around the time its taking to execute queries on your PostgreSQL instance.", - "title": "17. Amazon RDS - PostgreSQL Logs - Query Execution Time", - "theme": "Light", - "topologyLabelMap": { - "data": { - "3b83b479b7b7dd7d7de0edc4728461ae": [ - "*" - ], - "9e35882821c4dc1d083f5c8d5dce08c9": [ - "*" - ], - "76433308488e87fd9ca495f7b6335b44": [ - "*" - ], - "f46bea18869088043e593437b004527b": [ - "*" - ], - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "7478db846bd6c5245d2c861e7895bf89": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "81df06ff4cf02af487dea1eecf1582ed": [ - "*" - ], - "508f93d0b19653be3056df2387717e54": [ - "*" - ], - "eea522f0547cb32d9514336faeaf6b30": [ - "*" - ], - "fab7ff86a1327f848f8f483d7a764f4f": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "fc7035d5ec07e158f2017d653d7b6d82": [ - "*" - ], - "region": [ - "*" - ], - "90eff265ccc7c85baf439778c2183e92": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-0", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":13}" - }, - { - "key": "panelPANE-1", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":1}" - }, - { - "key": "panelPANE-3", - "structure": "{\"height\":6,\"width\":16,\"x\":8,\"y\":1}" - }, - { - "key": "panelPANE-4", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":13}" - }, - { - "key": "panel2B2B0D8B9C2C094E", - "structure": "{\"height\":6,\"width\":16,\"x\":8,\"y\":7}" - }, - { - "key": "panelPANE-ADD19D0A84424A48", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel840FEC15B3186B4E", - "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":7}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-0", - "title": "Queries Executed Over Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{},\"axisY\":{\"title\":\"Queries\"}},\"legend\":{},\"color\":{},\"hiddenQueryKeys\":[],\"series\":{},\"overrides\":[],\"general\":{\"type\":\"area\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"fillOpacity\":0.25,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| timeslice 15m\n| count by _timeslice, database\n| transpose row _timeslice column database ", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1", - "title": "Queries Executed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| count by dbidentifier,database\n| sort by _count,dbidentifier asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3", - "title": "Queries Executed - Time Comparison", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| count as queries_today by dbidentifier,database \n| compare with timeshift 1d, timeshift 1w \n| queries_today_1d as queries_yesterday\n| queries_today_1w as queries_last_week\n| fields - queries_today_1d,queries_today_1w\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4", - "title": "Average Query Execution Time by Database", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"area\",\"displayType\":\"stacked\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"fillOpacity\":0.25,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"unit\":{\"value\":\"ms\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"hiddenQueryKeys\":[],\"series\":{\"A_postgres\":{\"visible\":false}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| timeslice 15m\n| avg(execution_time_ms) group by _timeslice, database\n| transpose row _timeslice column database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2B2B0D8B9C2C094E", - "title": "Query Execution - Time Comparison", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| avg(execution_time_ms) as execution_time_ms_today by dbidentifier,database \n| compare with timeshift 1d, timeshift 1w \n| execution_time_ms_today_1d as execution_time_ms_yesterday\n| execution_time_ms_today_1w as execution_time_ms_last_week\n| fields - execution_time_ms_today_1d,execution_time_ms_today_1w\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-ADD19D0A84424A48", - "title": "", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"showTitle\":false,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard works with **log_duration** flag. For more details refer [AWS RDS Documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.PostgreSQL.CommonDBATasks.Parameters.html)." - }, - { - "id": null, - "key": "panel840FEC15B3186B4E", - "title": "Average Query Execution Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"hiddenQueryKeys\":[],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier={{dbidentifier}} duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread_id,user,database,processid,severity,msg \n| where user matches \"{{user}}\" and database matches \"{{database}}\" and host matches \"{{host}}\"\n| parse regex field=msg \"duration: (?[\\S]+) ms\" \n| number (execution_time_ms)\n| avg(execution_time_ms) group by dbidentifier,database", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "database", - "displayName": "database", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by database", - "field": "database" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "host", - "displayName": "host", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds _sourceHost=/aws/rds/*postgresql dbidentifier=* \n| parse \"* * *:*(*):*@*:[*]:*:*\" as date,time,time_zone,host,thread,user,database,processid,severity,msg\n| count by host\n| sort by host asc", - "field": "host" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "18. Amazon RDS - MSSQL Logs - Error Logs - Logon Analysis", - "description": "The Amazon RDS - MSSQL Logs - Error Logs - Logon Analysis dashboard provides information about the error logs, including failed authentications and logon errors.", - "title": "18. Amazon RDS - MSSQL Logs - Error Logs - Logon Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-5556565F9FF73B4A", - "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-C97F5EDEB22FB84E", - "structure": "{\"height\":8,\"width\":16,\"x\":0,\"y\":10}" - }, - { - "key": "panelPANE-1359B3B4A25FF947", - "structure": "{\"height\":10,\"width\":8,\"x\":16,\"y\":0}" - }, - { - "key": "panel2C0BFEAFBAC60849", - "structure": "{\"height\":8,\"width\":8,\"x\":16,\"y\":10}" - }, - { - "key": "panel1B3270DCA521BA4A", - "structure": "{\"height\":8,\"width\":8,\"x\":16,\"y\":18}" - }, - { - "key": "panelPANE-28DC265CAE0DEB4F", - "structure": "{\"height\":8,\"width\":16,\"x\":0,\"y\":18}" - }, - { - "key": "panelA414E941A506CB41", - "structure": "{\"height\":10,\"width\":10,\"x\":6,\"y\":0}" - }, - { - "key": "panel4F5E4422BA291842", - "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":5}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-5556565F9FF73B4A", - "title": "Failed Authentication Attempts", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-C97F5EDEB22FB84E", - "title": "Failed Authentication - Details", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| timeslice 1s\n| count as frequency by _timeslice, user, dbidentifier, reason, client_ip\n| sort by _timeslice\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1359B3B4A25FF947", - "title": "Failed Authentication - User Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"roundDataPoints\":true},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and !isBlank(client_ip) and client_ip matches \"{{client_ip}}\"\n| count by client_ip\n| lookup latitude, longitude from geo://location on ip = client_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2C0BFEAFBAC60849", - "title": "Failed Auth Attempts by User", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| count as frequency by user\n| sort by frequency, user asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1B3270DCA521BA4A", - "title": "Failed Auth Attempts by Client IP", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| count as frequency by client_ip\n| sort by frequency, client_ip asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-28DC265CAE0DEB4F", - "title": "Logon Errors", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Error\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"Error: *, Severity: *, State: *.\" as error_code, severity, state\n| count as frequency by dbidentifier, error_code, severity, state\n| sort by severity, frequency", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA414E941A506CB41", - "title": "Failed Authentication Attempts - Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"Failed Auth Attempts\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| timeslice 15m\n| count as failedLogonAttempts by _timeslice, dbidentifier\n| transpose row _timeslice column dbidentifier", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4F5E4422BA291842", - "title": "Failed Authentication Attempts by dbidentifier", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Logon Login failed for user\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| where user != \"rdsadmin\" and !isEmpty(user) and user matches \"{{user}}\"\n| where !isEmpty(client_ip) and client_ip matches \"{{client_ip}}\"\n| count as eventCount by dbidentifier\n| sort by eventCount, dbidentifier asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "user", - "displayName": "user", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error Logon Login failed for user\n| parse \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| count by user\n| sort by user asc", - "field": "user" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "client_ip", - "displayName": "client_ip", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "LogQueryVariableSourceDefinition", - "query": "account=* region=* namespace=aws/rds dbidentifier=* _sourceHost=/aws/rds/*Error Logon Login failed for user\n| parse \"* Logon Login failed for user '*'. Reason: * [CLIENT: *]\" as time, user, reason, client_ip\n| count by client_ip\n| sort by client_ip asc", - "field": "client_ip" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "19. Amazon RDS - MSSQL Logs - Error Logs - Infrastructure Overview", - "description": "The Amazon RDS - MSSQL Logs - Error Logs - Infrastructure Overview dashboard provides details for hardware, authentications mode, collation, process, recent SQL Server terminations, and newly created databases.", - "title": "19. Amazon RDS - MSSQL Logs - Error Logs - Infrastructure Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-1B625C63AFF01A43", - "structure": "{\"height\":6,\"width\":6,\"x\":18,\"y\":0}" - }, - { - "key": "panelPANE-44D782B2B2738B48", - "structure": "{\"height\":6,\"width\":6,\"x\":5,\"y\":0}" - }, - { - "key": "panel76EEA97B9A431944", - "structure": "{\"height\":6,\"width\":9,\"x\":7,\"y\":6}" - }, - { - "key": "panelAFCBC601BB5F4A4D", - "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":6}" - }, - { - "key": "panel9F73C967AECF9A4C", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panel227CB3299FF30948", - "structure": "{\"height\":6,\"width\":14,\"x\":10,\"y\":12}" - }, - { - "key": "panelE0A53C29AD3B3840", - "structure": "{\"height\":6,\"width\":7,\"x\":11,\"y\":0}" - }, - { - "key": "panelPANE-E8CD03B485782844", - "structure": "{\"height\":6,\"width\":7,\"x\":0,\"y\":6}" - }, - { - "key": "panel7B61E36EAF144940", - "structure": "{\"height\":6,\"width\":10,\"x\":0,\"y\":12}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-1B625C63AFF01A43", - "title": "Configured Authentication mode", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Authentication mode\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"Authentication mode is *.\" as mode\n| withtime mode\n| most_recent(mode_withtime) as mode by dbidentifier", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-44D782B2B2738B48", - "title": "DB Setup Details", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error System Manufacturer\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"System Manufacturer: '*', System Model: '*'\" as service, instance_class\n| concat(service, \" - \", instance_class) as db_setup\n| withtime db_setup\n| most_recent(db_setup_withtime) as instance_class by dbidentifier", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel76EEA97B9A431944", - "title": "DB Process IDs", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error SQL Server has been using a process ID\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"This instance of SQL Server has been using a process ID of * since * (local) * (UTC)\" as process_id, local_created_time, utc_created_time\n| withtime process_id\n| most_recent(process_id_withtime) as process_id by dbidentifier, process_id, utc_created_time", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelAFCBC601BB5F4A4D", - "title": "DB Collation Details", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Default collation\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"Default collation: *\" as collation\n| withtime collation\n| most_recent(collation_withtime) as collation by dbidentifier, collation", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9F73C967AECF9A4C", - "title": "DB Instance Type", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error System Manufacturer\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"System Manufacturer: '*', System Model: '*'\" as service, instance_class\n| withtime instance_class\n| most_recent(instance_class_withtime) as instance_class by dbidentifier\n| count by instance_class\n| sort by _count, instance_class asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel227CB3299FF30948", - "title": "Recently Created Databases", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Starting up database\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"Starting up database '*'.\" as db_name\n| dedup by db_name, dbidentifier\n| values(db_name) as db_name by dbidentifier", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE0A53C29AD3B3840", - "title": "SQL Server Versions", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error Microsoft SQL Server\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"Microsoft SQL Server (?\\d{4})\" \n| parse regex field=message \"\\n(?[\\w\\s]+ Edition \\(\\d+-bit\\))\"\n| trim(edition) as edition\n| withtime edition \n| most_recent(edition_withtime) as edition by dbidentifier, version", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-E8CD03B485782844", - "title": "DBCC CHECK DB", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error DBCC CHECKDB\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"DBCC CHECKDB (rdsadmin) WITH all_errormsgs, no_infomsgs, tableresults executed by NT AUTHORITY\\\\SYSTEM found * errors and repaired * errors.\" as error, repaired_error\n| count as frequency by dbidentifier, error, repaired_error", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7B61E36EAF144940", - "title": "Recently Terminated SQL Servers", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*Error SQL Server is terminating\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| withtime dbidentifier \n| most_recent(dbidentifier_withtime) as dbidentifier by dbidentifier", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "20. Amazon RDS - Oracle Logs - Alert Logs Analysis", - "description": "The Amazon RDS - Oracle Logs - Alert Logs Analysis dashboard provides details on Oracle errors, including counts of various error types, ORA messages, Oracle instance states, and other data derived from the Oracle Alert log.", - "title": "20. Amazon RDS - Oracle Logs - Alert Logs Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel58491646AE36784B", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":6}" - }, - { - "key": "panel48893B4FBF128A40", - "structure": "{\"height\":8,\"width\":16,\"x\":8,\"y\":6}" - }, - { - "key": "panel34187D19AF2DF94C", - "structure": "{\"height\":8,\"width\":16,\"x\":8,\"y\":14}" - }, - { - "key": "panelFA3CEBDEA0DDAA4C", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":14}" - }, - { - "key": "panel1C5ACABF8E90E846", - "structure": "{\"height\":8,\"width\":8,\"x\":16,\"y\":22}" - }, - { - "key": "panelA387BC04AEAE7A4F", - "structure": "{\"height\":8,\"width\":8,\"x\":8,\"y\":22}" - }, - { - "key": "panel378F2A469B369B42", - "structure": "{\"height\":8,\"width\":8,\"x\":0,\"y\":22}" - }, - { - "key": "panel263D97759E5C1942", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":30}" - }, - { - "key": "panel47F26B7F8A638B43", - "structure": "{\"height\":6,\"width\":4,\"x\":20,\"y\":0}" - }, - { - "key": "panel20974C0EBE703A4A", - "structure": "{\"height\":6,\"width\":4,\"x\":16,\"y\":0}" - }, - { - "key": "panelFC5E4BB4A770CB42", - "structure": "{\"height\":6,\"width\":4,\"x\":8,\"y\":0}" - }, - { - "key": "panel7C05075E9F41AA49", - "structure": "{\"height\":6,\"width\":4,\"x\":4,\"y\":0}" - }, - { - "key": "panelFEF01260854FC84C", - "structure": "{\"height\":6,\"width\":4,\"x\":0,\"y\":0}" - }, - { - "key": "panel9210CAD08472B945", - "structure": "{\"height\":6,\"width\":4,\"x\":12,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel58491646AE36784B", - "title": "Top ORA Messages", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"xy\":{\"xDimension\":[],\"yDimension\":[],\"zDimension\":[]},\"svp\":{},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert ORA-*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| timeslice 1s\n| count as eventCount by oraerr, _timeslice\n| count by oraerr\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel48893B4FBF128A40", - "title": "ORA Messages Over Time", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false,\"title\":\"errorCount\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert ORA-*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| timeslice 1s\n| count as eventCount by oraerr, _timeslice\n| transpose row _timeslice column oraerr", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel34187D19AF2DF94C", - "title": "Top 10 TNS Errors", - "visualSettings": "{\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"svp\":{},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert TNS-*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?TNS-\\d{5}): (?.*)\" multi\n| count as Frequency by tnserr, tnsmsg \n| sort by Frequency, tnserr asc\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFA3CEBDEA0DDAA4C", - "title": "Top TNS Errors", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"xy\":{\"xDimension\":[],\"yDimension\":[],\"zDimension\":[]},\"svp\":{},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert TNS-*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?TNS-\\d{5}): (?.*)\" multi\n| timeslice 1s\n| count as eventCount by tnserr, tnsmsg \n| count by tnserr\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1C5ACABF8E90E846", - "title": "Failures, Warnings and Errors by Instance Source", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"area\",\"displayType\":\"default\"},\"series\":{},\"legend\":{\"enabled\":false},\"axes\":{\"axisY\":{\"unit\":{\"value\":\" \",\"isCustom\":true},\"title\":\"errorCount\"},\"axisX\":{}},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert (fail* or warn* or error*)\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| timeslice by 1h\n| count as eventCount by _source, _timeslice \n| transpose row _timeslice column _source", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA387BC04AEAE7A4F", - "title": "Archival Errors by Instance", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"default\"},\"series\":{},\"overrides\":[],\"axes\":{\"axisX\":{},\"axisY\":{\"title\":\"errorCount\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert \"Archival Error\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"ORACLE Instance * - Archival Error\" as instance \n| timeslice by 1h\n| count as eventCount by instance, _timeslice\n| transpose row _timeslice column instance", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel378F2A469B369B42", - "title": "Log Switch Activity By Hosts", - "visualSettings": "{\"series\":{},\"overrides\":[],\"general\":{\"type\":\"area\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"fillOpacity\":0.25,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?LGWR switch)\"\n| timeslice 1s\n| count as eventCount by _timeslice", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel263D97759E5C1942", - "title": "Unable To Extend Tablespace Errors", - "visualSettings": "{\"general\":{\"mode\":\"table\",\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":25,\"decimals\":0},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert unable to extend by tablespace\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"(?ORA-\\d{4,5}): (?.*)\" multi\n| parse regex field=oramsg \"unable to extend (?[\\S\\s]+?)\\s+by \\d+ in tablespace\\s+(?\\S+)\"\n| timeslice 1s\n| count as Frequency by _timeslice, oraerr, oramsg, dbidentifier, object, tablespace\n| sort by _timeslice\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel47F26B7F8A638B43", - "title": "Fatal NI Connect Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"Fatal NI connect error (?\\d+?)(?:,|\\.)\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel20974C0EBE703A4A", - "title": "Internal Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert (\"ORA-00600\" or \"ORA-07445\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| where oraerr in (\"ORA-00600\", \"ORA-07445\")\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFC5E4BB4A770CB42", - "title": "Database Crash Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert (\"ORA-00603\" or \"ORA-00449\" or \"ORA-00471\" or \"ORA-01092\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| where oraerr in (\"ORA-00603\", \"ORA-00449\", \"ORA-00471\", \"ORA-01092\")\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7C05075E9F41AA49", - "title": "Block Corruption Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| where oraerr = \"ORA-01578\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFEF01260854FC84C", - "title": "Dead Lock Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| where oraerr = \"ORA-00060\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9210CAD08472B945", - "title": "Archival Log Creation Errors", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Errors\",\"useBackgroundColor\":true,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*alert \"ORA-00270\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"(?ORA-\\d{5}): (?.*)\" multi\n| where oraerr = \"ORA-00270\"\n| count as eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "21. Amazon RDS - Oracle Logs - Audit Logs Analysis", - "description": "The Amazon RDS - Oracle Logs - Audit Logs Analysis dashboard provides details on syslog audit trail, including successful and failed activities, and top usage by client, database user, and privileges used.", - "title": "21. Amazon RDS - Oracle Logs - Audit Logs Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelAFA7A65EA57C9A43", - "structure": "{\"height\":9,\"width\":10,\"x\":0,\"y\":9}" - }, - { - "key": "panel6ED4F9518AE1CB42", - "structure": "{\"height\":9,\"width\":14,\"x\":10,\"y\":0}" - }, - { - "key": "panel28558F1E8AA84B4A", - "structure": "{\"height\":9,\"width\":10,\"x\":0,\"y\":0}" - }, - { - "key": "panelF3320885872F1A44", - "structure": "{\"height\":9,\"width\":8,\"x\":0,\"y\":18}" - }, - { - "key": "panelA3851B0BA3CB4A40", - "structure": "{\"height\":9,\"width\":14,\"x\":10,\"y\":9}" - }, - { - "key": "panel6A2949C18DC6684D", - "structure": "{\"height\":9,\"width\":8,\"x\":8,\"y\":18}" - }, - { - "key": "panelE2CC446A902A5B4D", - "structure": "{\"height\":9,\"width\":8,\"x\":16,\"y\":18}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelAFA7A65EA57C9A43", - "title": "Status Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"legend\":{\"enabled\":true},\"axes\":{\"axisX\":{\"title\":\"\"},\"axisY\":{\"title\":\" \"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| if (status=\"0\", \"Sucess\", \"Failure\") as ActivityStatus\n| timeslice 1h\n| count as eventCount by _timeslice, ActivityStatus\n| transpose row _timeslice column ActivityStatus", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6ED4F9518AE1CB42", - "title": "Recent 20 Failure Activities", - "visualSettings": "{\"general\":{\"mode\":\"table\",\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":25,\"decimals\":5},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| where status!=\"0\"\n| timeslice 1s\n| count as eventCount by _timeslice, Action, databaseUser, privilege, clientUser, clientTerminal, status, dbid\n| sort by _timeslice | fields -eventCount\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel28558F1E8AA84B4A", - "title": "Failure Status Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"legend\":{\"enabled\":true},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| where status!=\"0\"\n| timeslice 1h\n| count as eventCount by _timeslice, status\n| transpose row _timeslice column status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF3320885872F1A44", - "title": "Top 10 Client Users", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| where clientUser != \"\"\n| count as eventCount by clientUser\n| top 10 clientUser by eventCount, clientUser asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA3851B0BA3CB4A40", - "title": "Recent 20 Successful Activities", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| where status=\"0\"\n| timeslice 1s\n| count as eventCount by _timeslice, Action, databaseUser, privilege, clientUser, clientTerminal, status, dbid\n| sort by _timeslice | fields -eventCount\n| limit 20", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6A2949C18DC6684D", - "title": "Top 10 Database Users", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| count as eventCount by databaseUser\n| top 10 databaseUser by eventCount, databaseUser asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE2CC446A902A5B4D", - "title": "Top 10 Privileges Used", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*audit LENGTH \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"\\nLENGTH : '*'\\nACTION :[*] '*'\\nDATABASE USER:[*] '*'\\nPRIVILEGE :[*] '*'\\nCLIENT USER:[*] '*'\\nCLIENT TERMINAL:[*] '*'\\nSTATUS:[*] '*'\\nDBID:[*] '*'\" as totallength, actionlength, Action, databaseuserlength, databaseUser, privilegelength, privilege, clientuserlength, clientUser, clientterminallength, clientTerminal, statuslength, status, dbidlength, dbid\n| count as eventCount by privilege\n| top 10 privilege by eventCount, privilege asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "22. Amazon RDS - Oracle Logs - Listener Troubleshooting", - "description": "The Amazon RDS - Oracle Logs - Listener Troubleshooting dashboard provides insights into Oracle listener process activity, including database connections by host and application, connection failures, command execution statuses and trends, and additional data from the Oracle Listener log.", - "title": "22. Amazon RDS - Oracle Logs - Listener Troubleshooting", - "theme": "Light", - "topologyLabelMap": { - "data": { - "ffe0d04967abc0c87d695d4a7f2700e0": [ - "*" - ], - "namespace": [ - "aws/rds" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "region": [ - "*" - ], - "f049c8a107a343b5188930219d3063f5": [ - "*" - ], - "dbidentifier": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel37C3A046A1DDDA44", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-4967562181D97840", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panel1574861796B07840", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":18}" - }, - { - "key": "panel538E876187F8084E", - "structure": "{\"height\":9,\"width\":7,\"x\":0,\"y\":9}" - }, - { - "key": "panelCCE28972AB613A49", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":30}" - }, - { - "key": "panel7C85397E9FE04843", - "structure": "{\"height\":9,\"width\":9,\"x\":7,\"y\":9}" - }, - { - "key": "panelA1500972A6C33943", - "structure": "{\"height\":9,\"width\":8,\"x\":16,\"y\":9}" - }, - { - "key": "panel8E0DB386BACE784D", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":24}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel37C3A046A1DDDA44", - "title": "DB Connections by Applications", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"legend\":{\"enabled\":true},\"axes\":{\"axisX\":{\"title\":\"\"},\"axisY\":{\"title\":\" \"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener establish \"PROGRAM=\" (\"SID=\" or \"SERVICE_NAME=\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SERVICE_NAME=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?service_name=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SID=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?sid=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?PROGRAM=(?[^)]*)\\)[\\s\\S]+?HOST=(?[^)]*)\\)[\\s\\S]+?USER=(?[^)]*)\\)\" nodrop\n| timeslice 1d\n| count as %\"ConnectionCount\" by _timeslice, userProgramName\n| transpose row _timeslice column userProgramName", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4967562181D97840", - "title": "DB Connections By Host", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"roundDataPoints\":true,\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{\"A_101.99.94.54\":{\"visible\":true},\"A_103.159.133.209\":{\"visible\":false},\"A_103.230.15.121\":{\"visible\":false},\"A_103.230.15.214\":{\"visible\":false},\"A_104.168.163.124\":{\"visible\":false},\"A_104.238.222.128\":{\"visible\":false},\"A_104.36.229.110\":{\"visible\":false},\"A_107.148.130.22\":{\"visible\":false},\"A_127.0.0.1\":{\"visible\":false},\"A_128.254.207.87\":{\"visible\":false},\"A_137.220.61.94\":{\"visible\":false},\"A_139.180.157.81\":{\"visible\":false},\"A_141.98.234.31\":{\"visible\":false},\"A_142.132.224.223\":{\"visible\":false},\"A_146.190.214.190\":{\"visible\":false},\"A_146.70.161.15\":{\"visible\":false},\"A_146.70.92.153\":{\"visible\":false},\"A_147.124.212.89\":{\"visible\":false},\"A_147.124.213.11\":{\"visible\":false},\"A_148.72.168.13\":{\"visible\":false},\"A_149.248.14.222\":{\"visible\":false},\"A_15.235.130.5\":{\"visible\":false},\"A_150.109.103.16\":{\"visible\":false},\"A_152.228.248.230\":{\"visible\":false},\"A_152.89.198.214\":{\"visible\":false},\"A_154.204.24.0\":{\"visible\":false},\"A_154.204.26.120\":{\"visible\":false},\"A_154.204.27.130\":{\"visible\":false},\"A_154.204.27.181\":{\"visible\":false},\"A_157.245.221.70\":{\"visible\":false},\"A_158.255.213.74\":{\"visible\":false},\"A_159.203.171.196\":{\"visible\":false},\"A_167.99.156.161\":{\"visible\":false},\"A_168.100.11.29\":{\"visible\":false},\"A_172.31.31.24\":{\"visible\":false},\"A_172.67.132.165\":{\"visible\":false},\"A_172.86.121.179\":{\"visible\":false},\"A_174.207.39.190\":{\"visible\":false},\"A_176.9.47.240\":{\"visible\":false},\"A_179.60.149.219\":{\"visible\":false},\"A_18.228.138.181\":{\"visible\":false},\"A_18.230.180.104\":{\"visible\":false},\"A_181.41.200.209\":{\"visible\":false},\"A_185.113.8.123\":{\"visible\":false},\"A_185.156.172.62\":{\"visible\":false},\"A_185.16.39.253\":{\"visible\":false},\"A_185.172.128.11\":{\"visible\":false},\"A_185.172.128.170\":{\"visible\":false},\"A_185.196.8.22\":{\"visible\":false},\"A_185.212.11.196\":{\"visible\":false},\"A_185.237.206.77\":{\"visible\":false},\"A_185.70.104.90\":{\"visible\":false},\"A_188.127.224.64\":{\"visible\":false},\"A_188.40.171.91\":{\"visible\":false},\"A_192.161.184.21\":{\"visible\":false},\"A_192.81.210.219\":{\"visible\":false},\"A_193.109.85.219\":{\"visible\":false},\"A_193.233.132.30\":{\"visible\":false},\"A_193.233.22.122\":{\"visible\":false},\"A_193.242.211.154\":{\"visible\":false},\"A_194.49.94.194\":{\"visible\":false},\"A_194.59.183.59\":{\"visible\":false},\"A_195.133.88.98\":{\"visible\":false},\"A_195.201.215.181\":{\"visible\":false},\"A_198.105.127.69\":{\"visible\":false},\"A_198.105.127.72\":{\"visible\":false},\"A_198.105.127.98\":{\"visible\":false},\"A_20.189.125.71\":{\"visible\":false},\"A_20.201.119.163\":{\"visible\":false},\"A_207.148.113.177\":{\"visible\":false},\"A_213.252.232.134\":{\"visible\":false},\"A_216.189.159.197\":{\"visible\":false},\"A_23.254.164.50\":{\"visible\":false},\"A_23.88.117.132\":{\"visible\":false},\"A_23.88.55.108\":{\"visible\":false},\"A_31.210.173.10\":{\"visible\":false},\"A_31.41.244.38\":{\"visible\":false},\"A_34.31.226.230\":{\"visible\":false},\"A_34.80.156.164\":{\"visible\":false},\"A_34.82.20.84\":{\"visible\":false},\"A_35.167.150.110\":{\"visible\":false},\"A_38.60.217.34\":{\"visible\":false},\"A_38.60.217.4\":{\"visible\":false},\"A_45.11.59.67\":{\"visible\":false},\"A_45.134.174.78\":{\"visible\":false},\"A_45.134.83.4\":{\"visible\":false},\"A_45.140.146.156\":{\"visible\":false},\"A_45.147.199.21\":{\"visible\":false},\"A_45.155.250.90\":{\"visible\":false},\"A_45.32.174.131\":{\"visible\":false},\"A_45.40.96.97\":{\"visible\":false},\"A_45.61.169.99\":{\"visible\":false},\"A_45.63.60.39\":{\"visible\":false},\"A_47.76.46.65\":{\"visible\":false},\"A_49.13.32.37\":{\"visible\":false},\"A_5.181.159.76\":{\"visible\":false},\"A_5.182.87.130\":{\"visible\":false},\"A_5.182.87.146\":{\"visible\":false},\"A_5.188.230.23\":{\"visible\":false},\"A_5.199.168.24\":{\"visible\":false},\"A_5.22.216.77\":{\"visible\":false},\"A_5.255.99.87\":{\"visible\":false},\"A_5.42.64.45\":{\"visible\":false},\"A_5.42.65.55\":{\"visible\":false},\"A_54.168.223.109\":{\"visible\":false},\"A_54.204.26.120\":{\"visible\":false},\"A_62.173.146.41\":{\"visible\":false},\"A_62.204.41.234\":{\"visible\":false},\"A_64.190.113.73\":{\"visible\":false},\"A_64.227.162.106\":{\"visible\":false},\"A_65.109.80.185\":{\"visible\":false},\"A_65.21.212.85\":{\"visible\":false},\"A_77.105.132.124\":{\"visible\":false},\"A_77.105.132.70\":{\"visible\":false},\"A_77.105.132.92\":{\"visible\":false},\"A_77.105.132.94\":{\"visible\":false},\"A_77.73.131.73\":{\"visible\":false},\"A_78.141.243.154\":{\"visible\":false},\"A_78.24.180.93\":{\"visible\":false},\"A_79.132.130.163\":{\"visible\":false},\"A_81.31.197.38\":{\"visible\":false},\"A_84.32.131.21\":{\"visible\":false},\"A_85.192.63.35\":{\"visible\":false},\"A_87.121.45.14\":{\"visible\":false},\"A_88.119.174.102\":{\"visible\":false},\"A_89.208.103.177\":{\"visible\":false},\"A_91.211.247.248\":{\"visible\":false},\"A_91.211.247.89\":{\"visible\":false},\"A_91.242.229.3\":{\"visible\":false},\"A_91.92.242.183\":{\"visible\":false},\"A_91.92.244.186\":{\"visible\":false},\"A_91.92.254.193\":{\"visible\":false},\"A_92.118.112.208\":{\"visible\":false},\"A_92.246.139.143\":{\"visible\":false},\"A_93.115.28.51\":{\"visible\":false},\"A_95.164.10.156\":{\"visible\":false},\"A_95.216.227.177\":{\"visible\":false},\"A_95.216.98.218\":{\"visible\":false}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener establish \"PROGRAM=\" (\"SID=\" or \"SERVICE_NAME=\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SERVICE_NAME=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?service_name=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SID=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?sid=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?PROGRAM=(?[^)]*)\\)[\\s\\S]+?HOST=(?[^)]*)\\)[\\s\\S]+?USER=(?[^)]*)\\)\" nodrop\n| parse field=message \"(ADDRESS=(PROTOCOL=*)(HOST=*)(PORT=*))\" as clientProtocol, clientHost, clientPort nodrop\n| timeslice 1h\n| count as %\"ConnectionCount\" by _timeslice, clientHost\n| transpose row _timeslice column clientHost", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1574861796B07840", - "title": "Recent Failed Connection Attempts", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener establish \"PROGRAM=\" (\"SID=\" or \"SERVICE_NAME=\") and (\"\\nTNS-\" or \"TNS-\")\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?\\* establish \\* \\S+ \\* (?\\d+)\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SERVICE_NAME=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?service_name=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SID=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?sid=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?PROGRAM=(?[^)]*)\\)[\\s\\S]+?HOST=(?[^)]*)\\)[\\s\\S]+?USER=(?[^)]*)\\)\" nodrop\n| parse field=message \"(ADDRESS=(PROTOCOL=*)(HOST=*)(PORT=*))\" as clientProtocol, clientHost, clientPort nodrop\n| parse regex field=message \"(?TNS-\\d{5}): (?.*)\" nodrop\n| where status != \"0\"\n| timeslice 1s\n| count as eventCount by _timeslice, SID, serviceName, status, userProgramName, userHost, databaseUser, clientProtocol, clientHost, clientPort, TNSerr, tnsmsg\n| sort by _timeslice\n| limit 10\n| fields -eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel538E876187F8084E", - "title": "Failed to Success Connection Ratio - Outlier", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#8be2ff\",\"outlierBandMarkerColor\":\"#005982\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":1,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"series\":{},\"color\":{\"family\":\"Categorical Default\"},\"legend\":{\"enabled\":false},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener establish \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message \n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?\\* establish \\* \\S+ \\* (?\\d+)\" nodrop\n| if (status=\"0\", 1, 0) as Connected\n| if (status!=\"0\",1, 0) as NotConnected\n| timeslice 1h\n| sum(Connected) as Connected, sum(NotConnected) as NotConnected by _timeslice\n| (NotConnected/Connected)*100 as ratio\n| outlier ratio", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCCE28972AB613A49", - "title": "SID or Service Name Connections", - "visualSettings": "{\"general\":{\"mode\":\"table\",\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":25,\"decimals\":0},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener establish \"PROGRAM=\" (\"SID=\" or \"SERVICE_NAME=\") \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SERVICE_NAME=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?service_name=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?SID=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?sid=(?[^)]*)\\)[\\s\\S]+establish\" nodrop\n| parse regex field=message \"CONNECT_DATA[\\s\\S]+?PROGRAM=(?[^)]*)\\)[\\s\\S]+?HOST=(?[^)]*)\\)[\\s\\S]+?USER=(?[^)]*)\\)\" nodrop\n| parse field=message \"(ADDRESS=(PROTOCOL=*)(HOST=*)(PORT=*))\" as clientProtocol, clientHost, clientPort nodrop\n| count as %\"ConnectionCount\" by SID, serviceName, userHost, clientHost, databaseUser\n| sort by SID, serviceName, userHost, clientHost, databaseUser, %\"ConnectionCount\"", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7C85397E9FE04843", - "title": "Command Execution Status", - "visualSettings": "{\"general\":{\"mode\":\"table\",\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":25,\"decimals\":0},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener \"COMMAND=\" \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?COMMAND=(?[^)]*)\\)[\\s\\S]+?\\* (?[^\\s]+)\\s+\\*\\s+(?\\d+)\"\n| tolowercase(connect_data_command) as connect_data_command\n| if (status=\"0\", \"Success\", \"Failure\") as CommandExecutionStatus\n| count as eventCount by connect_data_command, CommandExecutionStatus\n| transpose row connect_data_command column CommandExecutionStatus", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA1500972A6C33943", - "title": "Command Execution Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"legend\":{\"enabled\":true},\"color\":{\"family\":\"Categorical Default\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener \"COMMAND=\" | json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?COMMAND=(?[^)]*)\\)[\\s\\S]+?\\* (?[^\\s]+)\\s+\\*\\s+(?\\d+)\"\n| tolowercase(connect_data_command) as connect_data_command\n| timeslice 1d\n| count as eventCount by _timeslice, connect_data_command\n| transpose row _timeslice column connect_data_command", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8E0DB386BACE784D", - "title": "Recent Listener Stopped Events", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\",\"displayType\":\"default\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} dbidentifier={{dbidentifier}} _sourceHost=/aws/rds/*listener COMMAND stop \"COMMAND=stop\" \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"(CONNECT_DATA=(CID=(PROGRAM=)(HOST=*)(USER=*))(COMMAND=*)(ARGUMENTS=*)(SERVICE=*)(VERSION=*))\" as userHost, databaseUser, connect_data_command, connect_data_arguments, connect_data_service, connect_data_version nodrop\n| parse regex field=message \"\\* \\(CONNECT_DATA[\\s\\S]+?COMMAND=(?[^)]*)\\)[\\s\\S]+?\\* (?[^\\s]+)\\s+\\*\\s+(?\\d+)\"\n| where connect_data_command=\"stop\"\n| if (status=\"0\", \"Success\", \"Failure\") as %\"CommandExecutionStatus\"\n| timeslice 1s\n| count as eventCount by _timeslice, userHost, databaseUser, connect_data_service, %\"CommandExecutionStatus\", status\n| sort by _timeslice | limit 10| fields -eventCount", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "dbidentifier", - "displayName": "dbidentifier", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "dbidentifier" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "23. Amazon RDS - Proxy Overview", - "description": "The Amazon RDS Proxy Overview dashboard provides insights into proxy availability, client and database connections, and connection pool limits to help optimise database connectivity and performance.", - "title": "23. Amazon RDS - Proxy Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-0C7AFD1199E1894F", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":10}" - }, - { - "key": "panel279F3A6A835F2B46", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":18}" - }, - { - "key": "panelF91BE44C87BFF84C", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":26}" - }, - { - "key": "panel60A58E0896F8CA42", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":0}" - }, - { - "key": "panel4A05A27ABE885A42", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":5}" - }, - { - "key": "panel596E1E38B3AFF944", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":5}" - }, - { - "key": "panelD713D7A38368384E", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":10}" - }, - { - "key": "panel557187729CCA9A41", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":18}" - }, - { - "key": "panel839F358992534B42", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":26}" - }, - { - "key": "panelPANE-C738EF10AF4A794E", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" - }, - { - "key": "panelPANE-650E2E7EBF5F2940", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":5}" - }, - { - "key": "panelPANE-BE91B56DAB854B4E", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":0}" - }, - { - "key": "panelPANE-F3E7E1C79BCA3B44", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":0}" - }, - { - "key": "panelPANE-65505D95903E6A47", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":5}" - }, - { - "key": "panelPANE-C02282F0A847CB45", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":5}" - }, - { - "key": "panelPANE-4C52EC15B73EF94D", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":0}" - }, - { - "key": "panelEA59D7A7BE0CC941", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":5}" - }, - { - "key": "panel38F7CBB7B654CA4A", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-0C7AFD1199E1894F", - "title": "Availability Percentage - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"%100\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{\"A_account=proxy metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1\":{\"visible\":false},\"A_account=proxy metric=avg namespace=AWS/RDS proxyname=proxy-1747819191933-database-4 region=us-east-1\":{\"visible\":false},\"A_account=proxy metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1\":{\"visible\":false},\"A_account=proxy metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1\":{\"visible\":false},\"A_account=proxy metric=avg namespace=AWS/RDS proxyname=proxy-1747816896327-database-3 region=us-east-1\":{\"visible\":false},\"B_metric=avg\":{\"visible\":true}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* targetrole=* | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=*| Avg ", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel279F3A6A835F2B46", - "title": "Client Connections - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF91BE44C87BFF84C", - "title": "Database Connections - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} TargetGroup=* Target=* | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname=* TargetGroup=* Target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel60A58E0896F8CA42", - "title": "Max Database Connections Allowed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaxDatabaseConnectionsAllowed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} TargetGroup=* Target=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel4A05A27ABE885A42", - "title": "Client Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel596E1E38B3AFF944", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD713D7A38368384E", - "title": "Availability Percentage", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"proxyname\",\"value\":\"proxyname\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* targetrole=readwrite | avg by account, namespace, region, proxyname, targetgroup", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel557187729CCA9A41", - "title": "Client Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"proxyname\",\"value\":\"proxyname\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg by proxyname, namespace, region, account, endpointname", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel839F358992534B42", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[{\"label\":\"proxyname\",\"value\":\"proxyname\"}],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg by account, region, namespace, proxyname, targetgroup, target", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-C738EF10AF4A794E", - "title": "Avg Query Database Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-650E2E7EBF5F2940", - "title": "Client Connections Received", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsReceived Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-BE91B56DAB854B4E", - "title": "Avg Database Connections Borrow Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsBorrowLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-F3E7E1C79BCA3B44", - "title": "Query Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-65505D95903E6A47", - "title": "Avg Client Connections Setup Failed Auth", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupFailedAuth Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-C02282F0A847CB45", - "title": "Database Connections Setup Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-4C52EC15B73EF94D", - "title": "Query Requests", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Requests\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEA59D7A7BE0CC941", - "title": "Database Connections Setup Failure Ratio", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true}},\"hiddenQueryKeys\":[\"B\",\"A\"],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A/(#A+#B) * 100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel38F7CBB7B654CA4A", - "title": "Availability Percentage", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":30,\"to\":101,\"color\":\"#16943E\"},{\"from\":10,\"to\":30,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":10,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup=* targetrole=readwrite | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "24. Amazon RDS - Proxy Client Connection Endpoint Performance", - "description": "The Amazon RDS - Proxy Client Connection Endpoint Performance dashboard provides insights into client connections, TLS usage, authentication success/failure, and connection latencies, helping you monitor and optimize proxy-managed database interactions.", - "title": "24. Amazon RDS - Proxy Client Connection Endpoint Performance", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-B7F5A8589BBC7B40", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":24}" - }, - { - "key": "panelD18AA898942AEB4A", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" - }, - { - "key": "panel997CC5E5B3645B48", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":36}" - }, - { - "key": "panelEB6B0771B99C4B44", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":36}" - }, - { - "key": "panelB614CE43BD8AC843", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" - }, - { - "key": "panelPANE-68CDF0289995EB4C", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":12}" - }, - { - "key": "panel5FAFB5249FF7084F", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":12}" - }, - { - "key": "panelPANE-89674EEA93314B4F", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" - }, - { - "key": "panel88EBAD47BC7A1B4E", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":18}" - }, - { - "key": "panel8494B9C190740845", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":18}" - }, - { - "key": "panelD1785AE3B1995848", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":24}" - }, - { - "key": "panel1B9BADA9B5E95B4B", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":24}" - }, - { - "key": "panel72B72C7382C54A4D", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":6}" - }, - { - "key": "panel604BEFC18486EA45", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":6}" - }, - { - "key": "panel8254EEF3A5B9494A", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelE465B304962AB94A", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":0}" - }, - { - "key": "panel65D5F56EB97B4841", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panelB6D1040C97D2784A", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":30}" - }, - { - "key": "panel8C8B14DF84454A4C", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":30}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-B7F5A8589BBC7B40", - "title": "Avg Client Connections Closed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsClosed Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsClosed Statistic=sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD18AA898942AEB4A", - "title": "Avg Client Connections Received - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsReceived Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsReceived Statistic=sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel997CC5E5B3645B48", - "title": "Avg Client Connections No TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsNoTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsNoTLS Statistic=sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEB6B0771B99C4B44", - "title": "Avg Client Connections TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsTLS Statistic=sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB614CE43BD8AC843", - "title": "Avg Database Connections Borrow Latency Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"\u00b5s\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsBorrowLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname,endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsBorrowLatency Statistic=average account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-68CDF0289995EB4C", - "title": "Client Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5FAFB5249FF7084F", - "title": "Avg Client Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-89674EEA93314B4F", - "title": "Client Connections - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnections Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel88EBAD47BC7A1B4E", - "title": "Client Connections Received", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsReceived Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8494B9C190740845", - "title": "Avg Client Connections Received", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsReceived Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD1785AE3B1995848", - "title": "Client Connections Closed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsClosed Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1B9BADA9B5E95B4B", - "title": "Avg Client Connections Closed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsClosed Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel72B72C7382C54A4D", - "title": "Avg Database Connections Borrow Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsBorrowLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel604BEFC18486EA45", - "title": "Avg Database Connections Borrow Latency Trend (Copy) (Copy)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsBorrowLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8254EEF3A5B9494A", - "title": "Avg Client Connections Setup Failed Auth Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupFailedAuth Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} EndpointName=* | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupFailedAuth Statistic=Sum account={{account}} region={{region}} proxyname=* EndpointName=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelE465B304962AB94A", - "title": "Avg Client Connections Setup Failed Auth Trend", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupFailedAuth Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel65D5F56EB97B4841", - "title": "Avg Client Connections Setup Failed Auth", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupFailedAuth Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB6D1040C97D2784A", - "title": "Client Connections Setup Succeeded - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8C8B14DF84454A4C", - "title": "Client Connections Setup Succeeded", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=ClientConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "endpointname", - "displayName": "endpointname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} endpointname=*", - "key": "endpointname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "25. Amazon RDS - Proxy Query Endpoint Performance", - "description": "The Amazon RDS Proxy Query Endpoint Performance dashboard tracks query TLS usage, and response latency to help monitor and optimise the performance.", - "title": "25. Amazon RDS - Proxy Query Endpoint Performance", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-616BF2DF9AA2194C", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel6D5840B3B0BCDA4E", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":1}" - }, - { - "key": "panelCEDA4A95839A9A42", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":13}" - }, - { - "key": "panelB5BF8A159D0C5A4B", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":13}" - }, - { - "key": "panel000E8992BBA2A842", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":7}" - }, - { - "key": "panelA56E49A784023941", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":1}" - }, - { - "key": "panel7C6E7603B3D2B849", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":1}" - }, - { - "key": "panel99C1671DBF2E3A40", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":7}" - }, - { - "key": "panel69A2DAE2AC1BD945", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":7}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-616BF2DF9AA2194C", - "title": "Performance Trends", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel6D5840B3B0BCDA4E", - "title": "Avg Query Requests - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequests Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCEDA4A95839A9A42", - "title": "Avg Query Requests NoTLS Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequestsNoTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequestsNoTLS Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB5BF8A159D0C5A4B", - "title": "Avg Query Requests TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequestsTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequestsTLS Statistic=Sum account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel000E8992BBA2A842", - "title": "Avg Query Response Latency Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"\u00b5s\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryResponseLatency Statistic=average account={{account}} region={{region}} proxyname=* endpointname=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA56E49A784023941", - "title": "Query Requests", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Requests\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7C6E7603B3D2B849", - "title": "Avg Query Requests", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel99C1671DBF2E3A40", - "title": "Avg Query Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg by proxyname, endpointname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel69A2DAE2AC1BD945", - "title": "Query Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} endpointname={{endpointname}} | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "endpointname", - "displayName": "endpointname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} endpointname=*", - "key": "endpointname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "26. Amazon RDS - Proxy Target Performance", - "description": "The Amazon RDS - Proxy Target Performance dashboard provides visibility into backend database connection usage, response latency, TLS adoption, and connection setup success rates. It helps monitor connection health, availability, and transaction behaviour to optimise performance and reliability of proxy-to-database interactions.", - "title": "26. Amazon RDS - Proxy Target Performance", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-E4F7E0B2BE19CA4D", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":12}" - }, - { - "key": "panelD9ED30008E437840", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" - }, - { - "key": "panelPANE-001F992694E7E849", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":24}" - }, - { - "key": "panelPANE-1C285DF9B9E9594B", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" - }, - { - "key": "panelA9CE389A8C99D94E", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":6}" - }, - { - "key": "panel196D847A9384284A", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":6}" - }, - { - "key": "panel731CB60097C16941", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" - }, - { - "key": "panel57B1C2829BEF5B4C", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":18}" - }, - { - "key": "panel63CE07529A072841", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":18}" - }, - { - "key": "panelPANE-209A8F8EA4C84846", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":24}" - }, - { - "key": "panelC52A30E1A1A29941", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":12}" - }, - { - "key": "panelDB7EB0B7A48D6B45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":42}" - }, - { - "key": "panel248629DD8F3D5947", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":36}" - }, - { - "key": "panelB7C0F195B2E1B94A", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":42}" - }, - { - "key": "panel3D068B49B9F24840", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":30}" - }, - { - "key": "panelBCBD7C60A5D55944", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":30}" - }, - { - "key": "panel6A6E0AB189728B40", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":36}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-E4F7E0B2BE19CA4D", - "title": "Database Connections Setup Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD9ED30008E437840", - "title": "Database Connections Setup Failed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-001F992694E7E849", - "title": "Avg Database Connections With TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsWithTLS Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsWithTLS Statistic=sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1C285DF9B9E9594B", - "title": "Avg Query Database Response Latency - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"\u00b5s\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA9CE389A8C99D94E", - "title": "Avg Query Database Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microsecond\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel196D847A9384284A", - "title": "Avg Query Database Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel731CB60097C16941", - "title": "Database Connections - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel57B1C2829BEF5B4C", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63CE07529A072841", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-209A8F8EA4C84846", - "title": "Max Database Connections Allowed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaxDatabaseConnectionsAllowed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaxDatabaseConnectionsAllowed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC52A30E1A1A29941", - "title": "Database Connections Setup Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDB7EB0B7A48D6B45", - "title": "Avg Database Connections Currently Borrowed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyBorrowed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyBorrowed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel248629DD8F3D5947", - "title": "Avg Database Connections Currently In Transaction - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyInTransaction Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyInTransaction Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB7C0F195B2E1B94A", - "title": "Avg Database Connections Currently Session Pinned - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlySessionPinned Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlySessionPinned Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3D068B49B9F24840", - "title": "Avg Database Connection Requests - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequests Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelBCBD7C60A5D55944", - "title": "Avg Database Connection Requests With TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequestsWithTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequestsWithTLS Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6A6E0AB189728B40", - "title": "Avg Database Connections Setup Succeeded - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:database-1 targetgroup=default\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=default\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-1 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747743298629-database-2 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=dev metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:auroradbcluster01 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=prod metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-1 target=db:auroradbcluster01 targetgroup=tg-auth-backend\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=mymysqlproxy region=us-east-2 target=db:mssql-database-1 targetgroup=tg-customer-portal\":{\"visible\":false},\"A_account=stage metric=avg namespace=AWS/RDS proxyname=proxy-1747816643975-mssqldb-3 region=us-east-2 target=db:mssql-database-1 targetgroup=tg-auth-backend\":{\"visible\":false},\"B_metric=avg\":{\"visible\":false}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} target={{target}} | avg by proxyname, targetgroup, target, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* target=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "targetgroup", - "displayName": "targetgroup", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} targetgroup=*", - "key": "targetgroup" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "target", - "displayName": "target", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} targetgroup={{targetgroup}} target=*", - "key": "target" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "27. Amazon RDS - Proxy TargetRole Performance", - "description": "The Amazon RDS - Proxy TargetRole Performance dashboard provides visibility into backend database connection usage, response latency, TLS adoption, and connection setup success rates. It helps monitor connection health, availability, and transaction behaviour to optimise performance and reliability of proxy-to-database interactions.", - "title": "27. Amazon RDS - Proxy TargetRole Performance", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-E4F7E0B2BE19CA4D", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":12}" - }, - { - "key": "panelD9ED30008E437840", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" - }, - { - "key": "panelPANE-001F992694E7E849", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":24}" - }, - { - "key": "panelPANE-1C285DF9B9E9594B", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" - }, - { - "key": "panelA9CE389A8C99D94E", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":6}" - }, - { - "key": "panel196D847A9384284A", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":6}" - }, - { - "key": "panel731CB60097C16941", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" - }, - { - "key": "panel57B1C2829BEF5B4C", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":18}" - }, - { - "key": "panel63CE07529A072841", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":18}" - }, - { - "key": "panelPANE-209A8F8EA4C84846", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":24}" - }, - { - "key": "panelPANE-0131D34D97324A4F", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panel12ADCB9AA9252A4F", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":0}" - }, - { - "key": "panelA34EBAB4B13B4A44", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panelC52A30E1A1A29941", - "structure": "{\"height\":6,\"width\":7,\"x\":5,\"y\":12}" - }, - { - "key": "panelDB7EB0B7A48D6B45", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":42}" - }, - { - "key": "panel248629DD8F3D5947", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":36}" - }, - { - "key": "panelB7C0F195B2E1B94A", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":42}" - }, - { - "key": "panel3D068B49B9F24840", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":30}" - }, - { - "key": "panelBCBD7C60A5D55944", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":30}" - }, - { - "key": "panel6A6E0AB189728B40", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":36}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-E4F7E0B2BE19CA4D", - "title": "Database Connections Setup Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelD9ED30008E437840", - "title": "Database Connections Setup Failed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-001F992694E7E849", - "title": "Avg Database Connections With TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsWithTLS Statistic=sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsWithTLS Statistic=sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-1C285DF9B9E9594B", - "title": "Avg Query Database Response Latency - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"\u00b5s\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA9CE389A8C99D94E", - "title": "Avg Query Database Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel196D847A9384284A", - "title": "Avg Query Database Response Latency", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=QueryDatabaseResponseLatency Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel731CB60097C16941", - "title": "Database Connections - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel57B1C2829BEF5B4C", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63CE07529A072841", - "title": "Database Connections", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnections Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-209A8F8EA4C84846", - "title": "Max Database Connections Allowed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaxDatabaseConnectionsAllowed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=MaxDatabaseConnectionsAllowed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-0131D34D97324A4F", - "title": "Availability Percentage - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"\",\"unit\":{\"value\":\"%100\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | Sum by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=*| Avg ", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel12ADCB9AA9252A4F", - "title": "Availability Percentage", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA34EBAB4B13B4A44", - "title": "Availability Percentage", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Latest\",\"unitify\":false,\"textColor\":\"\",\"backgroundColor\":\"\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":30,\"to\":101,\"color\":\"#16943E\"},{\"from\":10,\"to\":30,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":10,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=AvailabilityPercentage Statistic=average account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC52A30E1A1A29941", - "title": "Database Connections Setup Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"honeyComb\",\"displayType\":\"default\",\"roundDataPoints\":true,\"mode\":\"honeyComb\"},\"honeyComb\":{\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#98ECA9\"},{\"from\":null,\"to\":null,\"color\":\"#F2DA73\"},{\"from\":null,\"to\":null,\"color\":\"#FFB5B5\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\",\"noDataMessage\":\"\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupFailed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDB7EB0B7A48D6B45", - "title": "Avg Database Connections Currently Borrowed - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyBorrowed Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyBorrowed Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel248629DD8F3D5947", - "title": "Avg Database Connections Currently In Transaction - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyInTransaction Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlyInTransaction Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelB7C0F195B2E1B94A", - "title": "Avg Database Connections Currently Session Pinned - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlySessionPinned Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsCurrentlySessionPinned Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel3D068B49B9F24840", - "title": "Avg Database Connection Requests - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{\"B_metric=avg\":{\"visible\":false}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequests Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequests Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelBCBD7C60A5D55944", - "title": "Avg Database Connection Requests With TLS - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequestsWithTLS Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionRequestsWithTLS Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6A6E0AB189728B40", - "title": "Avg Database Connections Setup Succeeded - Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"circle\",\"lineThickness\":\"3\"},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{proxyname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Across All Entities\"}}],\"series\":{\"B_metric=avg\":{\"visible\":false}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole={{targetrole}} | avg by proxyname, targetgroup, targetrole, namespace, region, account", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "Namespace={{namespace}} metric=DatabaseConnectionsSetupSucceeded Statistic=Sum account={{account}} region={{region}} proxyname=* targetgroup=* targetrole=* | avg", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "targetgroup", - "displayName": "targetgroup", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} targetgroup=*", - "key": "targetgroup" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "targetrole", - "displayName": "targetrole", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname={{proxyname}} targetgroup={{targetgroup}} targetrole=*", - "key": "targetrole" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "28. Amazon RDS - Proxy Audit", - "description": "The Amazon RDS - Proxy Audit dashboard tracks CUD operations, read-only events, and the most active proxies, helping you monitor changes, user activity.", - "title": "28. Amazon RDS - Proxy Audit", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel99502F8DB981AA43", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelCA96A6AD8AA46B49", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panelA7998319B740994F", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":8}" - }, - { - "key": "panel7A2CC9EEB3B0D944", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panelC605D969A7A0BA40", - "structure": "{\"height\":8,\"width\":17,\"x\":7,\"y\":16}" - }, - { - "key": "panelC8DE12798C1CBA43", - "structure": "{\"height\":8,\"width\":7,\"x\":0,\"y\":16}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel99502F8DB981AA43", - "title": "CUD Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name in (\"CreateDBProxy\", \"ModifyDBProxy\", \"DeleteDBProxy\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\" as dBProxyName2, dBProxyName3 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, dBProxyName3)) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, proxyname, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCA96A6AD8AA46B49", - "title": "Endpoint CUD Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name in (\"CreateDBProxyEndpoint\", \"ModifyDBProxyEndpoint\", \"DeleteDBProxyEndpoint\")\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\", \"dBProxyEndpoint.dBProxyName\" as dBProxyName2, dBProxyName3, dBProxyName4 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, if (!isEmpty(dBProxyName3), dBProxyName3, dBProxyName4))) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, proxyname, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA7998319B740994F", - "title": "Target Registration Event Operations", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}} \n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*egisterDBProxyTargets\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\" as dBProxyName2, dBProxyName3 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, dBProxyName3)) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, proxyname, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel7A2CC9EEB3B0D944", - "title": "Modify DB Proxy TargetGroup Event Operations", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name = \"ModifyDBProxyTargetGroup\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\" as dBProxyName2, dBProxyName3 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, dBProxyName3)) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, proxyname, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC605D969A7A0BA40", - "title": "Read Only Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"DescribeDBProx*\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId, arn, username, type nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\" as dBProxyName2, dBProxyName3 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, dBProxyName3)) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| timeslice 1s\n| count as Frequency by _timeslice, event_name, proxyname, error_code, error_message, src_ip, user, type, requestID, user_agent, region, accountId\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC8DE12798C1CBA43", - "title": "Top 10 Most Active Proxy", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "\"\\\"eventsource\\\":\\\"rds.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventTime\", \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"errorCode\", \"errorMessage\", \"requestID\", \"sourceIPAddress\" as eventTime, event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, error_code, error_message, requestID, src_ip nodrop\n| where event_source = \"rds.amazonaws.com\" and event_name matches \"*Prox*\"\n| json field=requestParameters \"dBProxyName\" as dBProxyName1 nodrop\n| json field=responseElements \"dBProxy.dBProxyName\", \"dBProxyTargetGroup.dBProxyName\" as dBProxyName2, dBProxyName3 nodrop\n| if (!isEmpty(dBProxyName1), dBProxyName1, if (!isEmpty(dBProxyName2), dBProxyName2, dBProxyName3)) as dBProxyName\n| tolowercase(dBProxyName) as proxyname\n| where proxyname matches \"{{proxyname}}\"\n| count as Frequency by proxyname\n| sort by Frequency\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "29. Amazon RDS - Proxy Log Analysis", - "description": "The Amazon RDS - Proxy Log Analysis dashboard provides insights into connection activity trends, including top database connection events, client connection pool usage, and event distribution by proxy. It also highlights failed or error events, database availability, and authentication events to help you monitor and troubleshoot proxy operations effectively.", - "title": "29. Amazon RDS - Proxy Log Analysis", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/rds" - ], - "region": [ - "*" - ], - "0b4d0d38df6d35b3906157b6ffd2f602": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panelPANE-AAA1BD12B5796B41", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":32}" - }, - { - "key": "panel2E20C96CA5161849", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":24}" - }, - { - "key": "panel0FAA4D47AB26884C", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":40}" - }, - { - "key": "panelF822162FB745684E", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":40}" - }, - { - "key": "panel6C8392A3B4227B48", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":32}" - }, - { - "key": "panel5CE33B798A51EA41", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panel74618E41AA33294A", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelF3487D53A8127A4A", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":8}" - }, - { - "key": "panel368D05B3B4388848", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":8}" - }, - { - "key": "panel78697B18943CEA46", - "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":16}" - }, - { - "key": "panel044F88AFAF0E1A46", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":24}" - }, - { - "key": "panelBAA9D8EFA0224B44", - "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":16}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panelPANE-AAA1BD12B5796B41", - "title": "Top 10 TCP DB Connection Established", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/*\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"* [dbConnection=*] A TCP connection was established from the proxy at *:* to the database at *:*.\" \n as logLevel, db_connection, proxy_ip, proxy_port, db_ip, db_port\n| count as count by _messageTime, proxyname, db_connection, proxy_ip, db_ip\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, db_connection, proxy_ip, db_ip\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2E20C96CA5161849", - "title": "Top 10 DB Connection Closed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"The database connection closed.\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[dbConnection=*]\" as db_connection\n| count as count by _messageTime, db_connection, proxyname\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, db_connection\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0FAA4D47AB26884C", - "title": "Top 10 Client Borrowed Connection Released", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"borrowed from the connection pool is being released\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[proxyEndpoint=*]\" as proxy_endpoint\n| parse field=message \"[clientConnection=*]\" as client_connection\n| parse field=message \"[dbConnection=*]\" as db_connection\n| count as count by _messageTime, proxyname, db_connection, proxy_endpoint, client_connection\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, proxy_endpoint, client_connection, db_connection\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF822162FB745684E", - "title": "Top 10 Client Borrowed Connection From Pool", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"The client connection borrowed the database connection\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[proxyEndpoint=*] [clientConnection=*] The client connection borrowed the database connection [dbConnection=*]\" as proxy_endpoint, client_connection, db_connection\n| count as count by _messageTime, proxyname, proxy_endpoint, client_connection, db_connection\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, proxy_endpoint, client_connection, db_connection\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6C8392A3B4227B48", - "title": "Top 10 New Client Connection", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"A new client connected from\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse field=message \"[proxyEndpoint=*] [clientConnection=*] A new client connected from *:*.\" as proxy_endpoint, client_connection, proxy_ip, proxy_port\n| count as count by _messageTime, proxyname, proxy_endpoint, client_connection, proxy_ip, proxy_port\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, proxy_endpoint, client_connection, proxy_ip, proxy_port\n| limit 10", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5CE33B798A51EA41", - "title": "Events Trend By Proxy", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"roundDataPoints\":true,\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| timeslice 15m\n| count by _timeslice, proxyname\n| transpose row _timeslice column proxyname", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel74618E41AA33294A", - "title": "Events By Proxy", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| count by proxyname\n| sort by _count, proxyname asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelF3487D53A8127A4A", - "title": "Failed or Error Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* failed or error\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"^\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d+Z (?.*)\" nodrop\n| where !isBlank(proxyname)\n| dedup proxyname, message\n| timeslice 15m\n| count by _timeslice, proxyname, message\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel368D05B3B4388848", - "title": "Database Availability Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"Database\" and \"is now available for read/write access\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"\\\"(?[^\\\"]+)\\\" at (?\\d{1,3}(?:\\.\\d{1,3}){3}):(?\\d+) is now available for read/write access from (?\\d{1,3}(?:\\.\\d{1,3}){3})(?:\\. Version: (?.+))?\" nodrop\n| sort by _messageTime desc\n| dedup proxyname, dbidentifier, db_host, db_port, db_version\n| count as count by _messageTime, proxyname, dbidentifier, db_host, db_port, db_version\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, dbidentifier, db_host, db_port, db_version", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel78697B18943CEA46", - "title": "Database Authentication Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"Proxy authentication with\" and \"succeeded for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"authentication with (?\\w+) native password authentication succeeded for user \\\"(?[^\\\"]+)\\\" with (?TLSv\\d+\\.\\d+|TLS off)\" nodrop\n| parse regex \"\\[clientConnection=(?\\d+)\\]\" nodrop\n| sort by _messageTime desc\n| dedup proxyname, engine, username, tls_version\n| count as count by _messageTime, proxyname, engine, username, tls_version\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| sort by time desc\n| fields time, proxyname, engine, username, tls_version", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel044F88AFAF0E1A46", - "title": "Database Max Connections & Flags", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"The proxy discovered settings for database\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"database \\\"(?[^\\\"]+)\\\" at (?\\d{1,3}(?:\\.\\d{1,3}){3}):(?\\d+) from (?\\d{1,3}(?:\\.\\d{1,3}){3})\\. Max connections: (?\\d+)(?:\\. (?.*))?\"\n| dedup proxyname, dbidentifier, db_host, port, source_ip, max_connections, optional_flags\n| count as count by _messageTime, proxyname, dbidentifier, db_host, port, source_ip, max_connections, optional_flags\n| sort by _messageTime desc\n| formatDate(_messageTime, \"yyyy/MM/dd HH:mm:ss Z\") as time\n| fields -_messagetime\n| fields time, proxyname, dbidentifier, db_host, port, source_ip, max_connections, optional_flags", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelBAA9D8EFA0224B44", - "title": "Database Engine with Proxy", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"roundDataPoints\":true,\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} proxyname={{proxyname}} _sourceHost=/aws/rds/proxy/* \"Proxy authentication with\" and \"succeeded for user\"\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n| parse regex field=message \"authentication with (?\\w+) native password authentication succeeded for user \\\"(?[^\\\"]+)\\\" with (?TLSv\\d+\\.\\d+|TLS off)\" nodrop\n| parse regex \"\\[clientConnection=(?\\d+)\\]\" nodrop\n| dedup proxyname, engine, username, tls_version\n| count by proxyname, engine", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/rds", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "proxyname", - "displayName": "proxyname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/rds proxyname=*", - "key": "proxyname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null - } - ] -} \ No newline at end of file diff --git a/aws-observability/json/Sns-App.json b/aws-observability/json/Sns-App.json deleted file mode 100644 index 296f20f4..00000000 --- a/aws-observability/json/Sns-App.json +++ /dev/null @@ -1,2312 +0,0 @@ -{ - "type": "FolderSyncDefinition", - "name": "Amazon SNS", - "description": "The Sumo Logic App for Amazon SNS collects CloudTrail logs and CloudWatch metrics to provide insights into the operations and utilization of your SNS service. The preconfigured dashboards help you monitor the key metrics by application, platform, and topic name, view the SNS events for activities, and help you plan the capacity of your SNS service.", - "children": [ - { - "type": "DashboardV2SyncDefinition", - "name": "1. Amazon SNS - Messages, Notifications ", - "description": "The Amazon SNS - Messages, Notifications dashboard provides insights across metrics by messages, notifications, SMS rates.", - "title": "1. Amazon SNS - Messages, Notifications ", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/sns" - ], - "topicname": [ - "*" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel82FC587B9BACF941", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" - }, - { - "key": "panelPANE-A3ADC6ED8EDF2B4C", - "structure": "{\"height\":4,\"width\":5,\"x\":0,\"y\":0}" - }, - { - "key": "panel1FA1906D834C9B46", - "structure": "{\"height\":4,\"width\":5,\"x\":10,\"y\":0}" - }, - { - "key": "panel815D399A933C5940", - "structure": "{\"height\":4,\"width\":5,\"x\":15,\"y\":0}" - }, - { - "key": "panel81AC01C88E6C8B46", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" - }, - { - "key": "panel5DD1E582BAA4A84F", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":27}" - }, - { - "key": "panel71CB92F989A1D84E", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":27}" - }, - { - "key": "panel27A5906DA65FE84B", - "structure": "{\"height\":4,\"width\":5,\"x\":5,\"y\":0}" - }, - { - "key": "panel99D65C5790DDC84F", - "structure": "{\"height\":4,\"width\":4,\"x\":20,\"y\":0}" - }, - { - "key": "panel53EF06C4A2B08A4A", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":4}" - }, - { - "key": "panel9B5290EA9C1C1849", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":9}" - }, - { - "key": "panel8197657DAE4A394C", - "structure": "{\"height\":10,\"width\":20,\"x\":4,\"y\":4}" - }, - { - "key": "panelEC8A062C923DBA4E", - "structure": "{\"height\":7,\"width\":8,\"x\":0,\"y\":14}" - }, - { - "key": "panel8DF75C14B6BC3A49", - "structure": "{\"height\":7,\"width\":8,\"x\":16,\"y\":14}" - }, - { - "key": "panel0344AFB8A76FF84C", - "structure": "{\"height\":7,\"width\":8,\"x\":8,\"y\":14}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel82FC587B9BACF941", - "title": "Message Publish Size (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\"},\"series\":{},\"hiddenQueryKeys\":[],\"overrides\":[{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"type\":\"line\",\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"D\"],\"properties\":{\"type\":\"line\",\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"E\"],\"properties\":{\"type\":\"line\",\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"axes\":{\"axisY\":{\"title\":\"Message Size\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=PublishSize Statistic=Average | avg ", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#C | timeshift 1d", - "queryType": "Metrics", - "queryKey": "D", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#C | timeshift 7d", - "queryType": "Metrics", - "queryKey": "E", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-A3ADC6ED8EDF2B4C", - "title": "Messages Published", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Sum\",\"label\":\"Messages\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#6cae01\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfMessagesPublished Statistic=Sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel1FA1906D834C9B46", - "title": "Notifications Delivered", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Sum\",\"label\":\"Notifications\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#6cae01\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsDelivered Statistic=Sum | sum \n\n", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel815D399A933C5940", - "title": "Notifications Failed", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Sum\",\"label\":\"Notifications\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#6cae01\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailed Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel81AC01C88E6C8B46", - "title": "Messages Published (Today, Yesterday, Last Week)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\",\"aggregationType\":\"avg\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Messages\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"type\":\"line\",\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"type\":\"line\",\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfMessagesPublished Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5DD1E582BAA4A84F", - "title": "Notifications Delivered (Today, Yesterday, Last Week)", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\",\"aggregationType\":\"avg\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Notifications\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"type\":\"line\",\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"type\":\"line\",\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsDelivered Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel71CB92F989A1D84E", - "title": "Notifications Failed (Today, Yesterday, Last Week) ", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\",\"aggregationType\":\"avg\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Notifications\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"Categorical Default\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"type\":\"line\",\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"type\":\"line\",\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"type\":\"line\",\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailed Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel27A5906DA65FE84B", - "title": "Avg Message Size", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Average\",\"label\":\"Bytes\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#6cae01\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=PublishSize Statistic=Average | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel99D65C5790DDC84F", - "title": "Failure Rate", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#6cae01\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false},\"hiddenQueryKeys\":[\"A\",\"B\"]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsDelivered Statistic=Sum | sum \n\n", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailed Statistic=Sum | sum \n", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#B/(#A+#B)*100", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel53EF06C4A2B08A4A", - "title": "SMS Success Rate", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"SMS\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SMSSuccessRate Statistic=Sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9B5290EA9C1C1849", - "title": "SMS Month To Date Spent USD", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"USD\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":1,\"color\":\"#16943E\"},{\"from\":1,\"to\":5,\"color\":\"#DFBE2E\"},{\"from\":5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SMSMonthToDateSpentUSD Statistic=Sum | sum", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8197657DAE4A394C", - "title": "Notifications Detail", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"Notifications\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"NumberOfNotifications\"},\"axisY2\":{\"title\":\"\",\"unit\":{\"value\":\"\",\"isCustom\":false}}},\"series\":{},\"hiddenQueryKeys\":[],\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"NotificationsFilteredOut\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"NotificationsFilteredOut-InvalidAttributes\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"NotificationsFilteredOut-NoMessageAttributes \"}},{\"series\":[],\"queries\":[\"D\"],\"properties\":{\"name\":\"NotificationsRedrivenToDlq\"}},{\"series\":[],\"queries\":[\"E\"],\"properties\":{\"name\":\"NotificationsFailedToRedriveToDlq\"}}],\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"color\":{\"family\":\"Categorical Default\"},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFilteredOut Statistic=Sum | sum by metric", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFilteredOut-InvalidAttributes Statistic=Sum | sum by metric", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFilteredOut-NoMessageAttributes Statistic=Sum | sum by metric", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsRedrivenToDlq Statistic=Sum | sum by metric", - "queryType": "Metrics", - "queryKey": "D", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailedToRedriveToDlq Statistic=Sum | sum by metric", - "queryType": "Metrics", - "queryKey": "E", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEC8A062C923DBA4E", - "title": "Top 10 Active Topics by Messages Published", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"TopicName\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"NumberOfMessagesPublished\"}},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfMessagesPublished Statistic=Sum | sum by metric , TopicName | topk (10, sum)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8DF75C14B6BC3A49", - "title": "Top 10 Active Topics by Notifications Failed", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"TopicName\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"NumberOfNotificationsFailed\"}},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{}}],\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailed Statistic=Sum | sum by metric , TopicName | topk (10, sum)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0344AFB8A76FF84C", - "title": "Top 10 Active Topics by Notifications Delivered", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"TopicName\"},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12,\"title\":\"NumberOfNotificationsDelivered\"}},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{}}],\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsDelivered Statistic=Sum | sum by metric , TopicName | topk (10, sum)", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/sns", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/sns", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "topicname", - "displayName": "topicname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "topicname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "1. Amazon SNS - Overview", - "description": "The Amazon SNS - Overview dashboard provides insights across CloudTrail events and metrics.", - "title": "1. Amazon SNS - Overview", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/sns" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel40B571E3A8CF694E", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":13}" - }, - { - "key": "panel93252B51B57EDB4D", - "structure": "{\"height\":5,\"width\":5,\"x\":0,\"y\":1}" - }, - { - "key": "panel246853BDA98F894A", - "structure": "{\"height\":5,\"width\":5,\"x\":5,\"y\":1}" - }, - { - "key": "panel8E6DF23A8D775A4B", - "structure": "{\"height\":5,\"width\":7,\"x\":10,\"y\":1}" - }, - { - "key": "panelDA2DFDF2A4D19A44", - "structure": "{\"height\":5,\"width\":7,\"x\":17,\"y\":1}" - }, - { - "key": "panel9CBE3510857A6845", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" - }, - { - "key": "panel6BF3727D86A0E949", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":22}" - }, - { - "key": "panelCB717EB5B480A948", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":22}" - }, - { - "key": "panel5C761868A14A7B40", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":13}" - }, - { - "key": "panel2C1AFF3CADD60947", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" - }, - { - "key": "panelPANE-88E3C816ADF55B44", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel46CCAA8DAA25C848", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":12}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel40B571E3A8CF694E", - "title": "Messages Published (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"axes\":{\"axisY\":{\"title\":\"Messages\"},\"axisX\":{\"title\":\"\"}},\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfMessagesPublished Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d ", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel93252B51B57EDB4D", - "title": "Successful Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"Events\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and isBlank(error_code) \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel246853BDA98F894A", - "title": "Error Events", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Sum\",\"label\":\"Events\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":1,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":1,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count \n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8E6DF23A8D775A4B", - "title": "Events by Status", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by event_status\n| sort by _count,event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDA2DFDF2A4D19A44", - "title": "Events by Event Name", - "visualSettings": "{\"title\":{\"fontSize\":14},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by event_name\n| sort by _count,event_name asc\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9CBE3510857A6845", - "title": "Events by Users and Types", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Event Types\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count as eventCount by user, event_name\n| transpose row user column event_name", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel6BF3727D86A0E949", - "title": "Notifications Delivered (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"axes\":{\"axisY\":{\"title\":\"Notifications\"},\"axisX\":{\"title\":\"\"}},\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsDelivered Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelCB717EB5B480A948", - "title": "Notifications Failed (Today, Yesterday, Last Week) ", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"color\":\"#50caf2\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"axes\":{\"axisY\":{\"title\":\"Notifications\"},\"axisX\":{\"title\":\"\"}},\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=NumberOfNotificationsFailed Statistic=Sum | sum ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5C761868A14A7B40", - "title": "Message Publish Size (Today, Yesterday, Last Week)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"color\":\"#6fb9d1\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"color\":\"#f0731f\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"color\":\"#4f3aab\",\"name\":\"Last Week\"}}],\"axes\":{\"axisY\":{\"title\":\"Message Size\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"hiddenQueryKeys\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} TopicName={{topicname}} metric=PublishSize Statistic=Average | avg ", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 1d", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - }, - { - "transient": false, - "queryString": "#A | timeshift 7d", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2C1AFF3CADD60947", - "title": "Topic Names by Event Count", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"title\":\"Topic Name\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"Event Count\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{\"A_11-solutions-awslogs\":{\"visible\":true},\"A_12-solutions-awslogs\":{\"visible\":true},\"A_13-solutions-awslogs\":{\"visible\":true},\"A_BI-LogsCollector-BICWEmailSNSTopic-1MQUDFLZF0NOS\":{\"visible\":true},\"A_CPU_usage\":{\"visible\":true},\"A_NitinAuroraCWLogAudit-SumoCWEmailSNSTopic-12RYDWUON6XVT\":{\"visible\":true},\"A_NitinAuroraCWLogError-SumoCWEmailSNSTopic-LQKJDO1CY9S8\":{\"visible\":true},\"A_NitinAuroraCWLogGeneral-SumoCWEmailSNSTopic-C4YC53ZVBBOE\":{\"visible\":true},\"A_NitinAuroraCWLogSlowQuery-SumoCWEmailSNSTopic-AHZLA5G60USS\":{\"visible\":true},\"A_NotifyMe\":{\"visible\":true},\"A_SESNotificationTestByNitin\":{\"visible\":true},\"A_SESbyNitin\":{\"visible\":true},\"A_SNSAppSomya01\":{\"visible\":true},\"A_SNSAppSomya02\":{\"visible\":true},\"A_SNSAppSomya03\":{\"visible\":true},\"A_SNSAppTest-Somya01\":{\"visible\":true},\"A_SNSAppTest-Somya02\":{\"visible\":true},\"A_SNSTopic4\":{\"visible\":true},\"A_SourabhCloudWatch-SumoCWEmailSNSTopic-XRUAPIF2HPWL\":{\"visible\":true},\"A_SumoContent_Billing\":{\"visible\":true},\"A_SumoInspectorTrigger\":{\"visible\":true},\"A_SumoLogic-Aws-Observability-Module-8apyj2ekn2\":{\"visible\":true},\"A_SumoLogic-Aws-Observability-Module-zn3s2z6i0t\":{\"visible\":true},\"A_SumoLogic-Terraform-CloudTrail-Module-7ze3ita3x9\":{\"visible\":true},\"A_SumoSNSTopic-anema-elb-classic-log-s3-sns\":{\"visible\":true},\"A_SumoSNSTopic-event-based-field-enablement\":{\"visible\":true},\"A_SumoSNSTopic-test-event-based-cf\":{\"visible\":true},\"A_TestLambdaLogFmt-SumoCWEmailSNSTopic-16AT76WQUY8IH\":{\"visible\":true},\"A_auroraCWCollection-SumoCWEmailSNSTopic-9L52U6PPO88T\":{\"visible\":true},\"A_awso-testautomation-do-not-delete\":{\"visible\":true},\"A_config-topic\":{\"visible\":true},\"A_dynamodb\":{\"visible\":true},\"A_redis01\":{\"visible\":true},\"A_securityHub-sns\":{\"visible\":true},\"A_sumo-bi-test\":{\"visible\":true},\"A_sumo-sns-topic-956882708938-45f7b250\":{\"visible\":true},\"A_sumo-sns-topic-956882708938-465d1a50\":{\"visible\":true},\"A_sumo-sns-topic-content-ed5aadf0\":{\"visible\":true},\"A_testnull-SumoCWEmailSNSTopic-1NV3GQ8XZ4DFY\":{\"visible\":true},\"A_topic-name\":{\"visible\":true}},\"overrides\":[],\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"color\":{\"family\":\"Categorical Light\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" topicArn\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| where !isEmpty(topic_arn)\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, topic_region, topic_accountid, topicname\n| timeslice 1h\n| count as event_count by _timeslice, topicname\n| transpose row _timeslice column topicname\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-88E3C816ADF55B44", - "title": "CloudTrail Audit Events", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#b6b3b3\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel46CCAA8DAA25C848", - "title": "SNS Metrics", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#b6b3b3\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/sns", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/sns", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "topicname", - "displayName": "topicname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "topicname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "2. Amazon SNS - Audit Events", - "description": "The Amazon SNS - Audit Events dashboard provides insights across CloudTrail events across location, status, and topic names.", - "title": "2. Amazon SNS - Audit Events", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/sns" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel9724CE95BF93284E", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panel13A28BCF9195784A", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panel8295225DA9487941", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":9}" - }, - { - "key": "panel63133FE7966C3B44", - "structure": "{\"height\":7,\"width\":6,\"x\":5,\"y\":21}" - }, - { - "key": "panelA3841CC48DC37A4E", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":9}" - }, - { - "key": "panel08DA60FCB6CBA94F", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":21}" - }, - { - "key": "panel554DCC97A661E840", - "structure": "{\"height\":7,\"width\":13,\"x\":11,\"y\":21}" - }, - { - "key": "panel8BD78A42A42E2941", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":15}" - }, - { - "key": "panel04C58849BF85EA40", - "structure": "{\"height\":6,\"width\":19,\"x\":5,\"y\":15}" - }, - { - "key": "panelEB163726B40EDB42", - "structure": "{\"height\":7,\"width\":13,\"x\":0,\"y\":35}" - }, - { - "key": "panelFA76DDA1858D6941", - "structure": "{\"height\":6,\"width\":10,\"x\":5,\"y\":9}" - }, - { - "key": "panelEA26769CA251884A", - "structure": "{\"height\":7,\"width\":11,\"x\":13,\"y\":28}" - }, - { - "key": "panelDCAE9CBE8FF65945", - "structure": "{\"height\":7,\"width\":13,\"x\":0,\"y\":28}" - }, - { - "key": "panel81CB1F119E659A4D", - "structure": "{\"height\":7,\"width\":11,\"x\":13,\"y\":35}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel9724CE95BF93284E", - "title": "Successful Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel13A28BCF9195784A", - "title": "Error Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8295225DA9487941", - "title": "Event by Status", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop | json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by event_status\n| sort by _count, event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63133FE7966C3B44", - "title": "Top 10 Error Codes", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"Error Code\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by error_code \n| top 10 error_code by event_count\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA3841CC48DC37A4E", - "title": "Event Status Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count by _timeslice, event_status\n| fillmissing timeslice(1d), values (\"Success\", \"Failure\") in event_status\n| transpose row _timeslice column event_status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel08DA60FCB6CBA94F", - "title": "Error Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-4w2d" - }, - "to": null - }, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel554DCC97A661E840", - "title": "Error Events Detail", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, error_code, error_message, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8BD78A42A42E2941", - "title": "Successful Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel04C58849BF85EA40", - "title": "Successful Events Detail", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEB163726B40EDB42", - "title": "Top 10 Users by Events", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFA76DDA1858D6941", - "title": "Events Trend ", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count as event_count by _timeslice, event_name\n| transpose row _timeslice column event_name\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEA26769CA251884A", - "title": "Top 10 TopicNames by Error Events", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"Topic Name\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"legend\":{\"enabled\":false},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" topicArn errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| where !isEmpty(topic_arn)\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, topic_region, topic_accountid, topicname\n| count as event_count by topicname\n| top 10 topicname by event_count, topicname asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelDCAE9CBE8FF65945", - "title": "Top 10 Active TopicNames by Events", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"Topic Name\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"},\"axisY2\":{\"title\":\"\"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" topicArn\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| where !isEmpty(topic_arn)\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, topic_region, topic_accountid, topicname\n| count as event_count by topicname\n| top 10 topicname by event_count, topicname asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel81CB1F119E659A4D", - "title": "Top 10 Users by Error Events", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !isblank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/sns", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/sns", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "topicname", - "displayName": "topicname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "topicname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "3. Amazon SNS - Threat Intel", - "description": "The Amazon SNS - Threat Intel dashboard provides insights across threat locations, count, malicious confidence and details.", - "title": "3. Amazon SNS - Threat Intel", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/sns" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel9724CE95BF93284E", - "structure": "{\"height\":12,\"width\":9,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-EF5A8C1DA61C1940", - "structure": "{\"height\":6,\"width\":6,\"x\":9,\"y\":0}" - }, - { - "key": "panel55B0B116B41A8B41", - "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":0}" - }, - { - "key": "panel93F3942D894F494E", - "structure": "{\"height\":6,\"width\":15,\"x\":9,\"y\":6}" - }, - { - "key": "panel587D1A2C81DA4947", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":12}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel9724CE95BF93284E", - "title": "Threat Locations", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as ip_count by src_ip\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isnull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-EF5A8C1DA61C1940", - "title": "All IP Threat Count", - "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"svp\":{\"option\":\"Latest\",\"label\":\"Threats\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"hideLabel\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as ip_count by src_ip\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| sum(ip_count) as threat_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel55B0B116B41A8B41", - "title": "Malicious Confidence", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"color\":{\"family\":\"Categorical Default\"},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as ip_count by src_ip\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| count as Threats by malicious_confidence\n| sort by Threats, malicious_confidence", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel93F3942D894F494E", - "title": "Highly Malicious IP Threats Table", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"color\":{\"family\":\"Categorical Default\"},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, user_type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user_type, username) as user_type\n| count as ip_count by src_ip, event_name, region, accountid,user_type\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where malicious_confidence = \"high\"\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| sort by ip_count\n| fields src_ip, event_name, region, accountid, user_type, actor, malicious_confidence", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel587D1A2C81DA4947", - "title": "All IP Threats Table", - "visualSettings": "{\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"title\":\"\",\"titleFontSize\":12,\"labelFontSize\":12,\"logarithmic\":false}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, user_type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user_type, username) as user_type\n| count as ip_count by src_ip, event_name, region, accountid,user_type\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as actor\n| sort by ip_count\n| sum(ip_count) as threat_count by src_ip, event_name, region, accountid, user_type, malicious_confidence, actor, label_name\n| sort by malicious_confidence", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/sns", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/sns", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "topicname", - "displayName": "topicname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "topicname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "4. Amazon SNS - Audit Events Details", - "description": "The Amazon SNS - Audit Events Details dashboard provides insights across topics, subscriptions, read only and non read only events.", - "title": "4. Amazon SNS - Audit Events Details", - "theme": "Light", - "topologyLabelMap": { - "data": { - "namespace": [ - "aws/sns" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel04C58849BF85EA40", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelC8C6B83597FE3847", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":7,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel0DFBD478BF18BA43", - "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":7,\"minHeight\":3,\"minWidth\":3}" - }, - { - "key": "panel9D704C229408EB46", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel04C58849BF85EA40", - "title": "Create/Delete Topic Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" (CreateTopic or DeleteTopic)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and (event_name= \"CreateTopic\" or event_name= \"DeleteTopic\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelC8C6B83597FE3847", - "title": "Read Only Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" (Get* or List* or Verify*)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and (event_name matches \"List*\" or event_name matches \"Get*\" or event_name matches \"Verify*\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0DFBD478BF18BA43", - "title": "Non Read Only Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" \n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and !(event_name matches \"List*\") and !(event_name matches \"Get*\") and !(event_name matches \"Verify*\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9D704C229408EB46", - "title": "Subscription Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"sns.amazonaws.com\\\"\" (ConfirmSubscription or Subscribe or Unsubscribe)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"sns.amazonaws.com\" and (event_name= \"ConfirmSubscription\" or event_name= \"Subscribe\" or event_name= \"Unsubscribe\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"topicArn\", \"name\", \"resourceArn\", \"subscriptionArn\" as req_topic_arn, req_topic_name, resource_arn, subscription_arn nodrop \n| json field=responseElements \"topicArn\" as res_topic_arn nodrop\n| if (isBlank(req_topic_arn), res_topic_arn, req_topic_arn) as topic_arn\n| if (isBlank(topic_arn), resource_arn, topic_arn) as topic_arn\n| parse field=topic_arn \"arn:*:sns:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp nodrop\n| parse field=subscription_arn \"arn:*:sns:*:*:*:*\" as arn_part, region_temp, accountid_temp, topic_arn_name_temp, arn_value_temp nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| if (isBlank(req_topic_name), topic_arn_name_temp, req_topic_name) as topicname\n| where (tolowercase(topicname) matches tolowercase(\"{{topicname}}\")) or isBlank(topicname)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, topicname, topic_arn, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}}", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/sns", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/sns", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "topicname", - "displayName": "topicname", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "topicname" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] - } - ] -} \ No newline at end of file diff --git a/aws-observability/scripts/JsonToS3.sh b/aws-observability/scripts/JsonToS3.sh deleted file mode 100755 index 495862e6..00000000 --- a/aws-observability/scripts/JsonToS3.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/sh - -echo "Start S3 upload Script....." - -export AWS_PROFILE="prod" - -export bucket_name=sumologic-appdev-aws-sam-apps -export version=v2.14.0 -export match_case="App" - -if [[ ${AWS_PROFILE} == 'default' ]] -then - your_file_names=`ls ../json/*.json` - for app_file in ${your_file_names} - do - if [[ "${app_file}" == *"${match_case}"* ]]; then - - aws s3 cp ${app_file} s3://${bucket_name}/aws-observability-versions/${version}/appjson/ --acl public-read --profile ${AWS_PROFILE} - - echo "Uploaded File Name -> ${app_file} to bucket -> ${bucket_name}" - - fi - done -fi - -echo "End S3 upload Script....." \ No newline at end of file diff --git a/aws-observability/scripts/TestTemplate.sh b/aws-observability/scripts/TestTemplate.sh deleted file mode 100644 index e4c69e80..00000000 --- a/aws-observability/scripts/TestTemplate.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -export folder_name=rootcause -export template_version="v2.14.0" -export template_bucket="sumologic-appdev-aws-sam-apps" -export lambda_arn="arn:aws:lambda:ap-south-1:668508221233:function:LambdaFucntion-LambdaHelper-1C1GGLRYPWBB0" - -sumocfntester -f ../apps/${folder_name}/test/TestTemplate.yaml \ No newline at end of file diff --git a/aws-observability/scripts/YamlToS3.sh b/aws-observability/scripts/YamlToS3.sh deleted file mode 100755 index 0e37b06d..00000000 --- a/aws-observability/scripts/YamlToS3.sh +++ /dev/null @@ -1,62 +0,0 @@ -#!/bin/sh - -echo "Start S3 upload Script....." - -export AWS_PROFILE="prod" - -declare -a regions=("us-east-2" "us-east-1" "us-west-1" "us-west-2" "ap-south-1" "ap-northeast-2" "ap-southeast-1" "ap-southeast-2" "ap-northeast-1" "ca-central-1" "eu-central-1" "eu-west-1" "eu-west-2" "eu-west-3" "eu-north-1s" "sa-east-1" "ap-east-1s" "af-south-1s" "eu-south-1" "me-south-1s" "me-central-1" "eu-central-2s" "ap-northeast-3s" "ap-southeast-3") - -# Some buckets names have 's' or 'ss' in the region suffix. It is kept intentional as bucket names were not available. -# Buckets names which are intentional - -# 1. appdevzipfiles-eu-north-1s -# 2. appdevzipfiles-ap-east-1s -# 3. appdevzipfiles-af-south-1s -# 4. appdevzipfiles-me-south-1s -# 5. appdevzipfiles-eu-central-2ss -# 6. appdevzipfiles-ap-northeast-3s - -cd ..\/ - -# Upload the ZIP file to bucket appdevzipfiles- in every region with the new version. -if [[ ${AWS_PROFILE} == 'default' ]] -then - for region in "${regions[@]}" - do - bucket_name=appdevzipfiles-$region - - if [[ `echo ${region} | awk '{print substr($0,length,1)}'` == "s" ]] - then - export region=`echo "${region%?}"` - fi - - aws s3 cp apps/SumoLogicAWSObservabilityHelper/ s3://${bucket_name}/sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/ --recursive --include '*.zip' --exclude '*.sh' --region ${region} --acl public-read --profile ${AWS_PROFILE} - - echo "ZIP Upload complete for Region -> ${region} and Bucket Name -> ${bucket_name}" - done -fi - -# Upload Control Tower and Permission Check template to sumologic-appdev-aws-sam-apps bucket -export bucket_name=sumologic-appdev-aws-sam-apps - -if [[ ${AWS_PROFILE} == 'default' ]] -then - aws s3 cp apps/permissionchecker/permissioncheck.template.yaml s3://${bucket_name}/ --acl public-read --profile ${AWS_PROFILE} - echo "Upload complete for Permission check Template to Bucket Name -> ${bucket_name}" - - aws s3 cp apps/controltower/controltower.template.yaml s3://${bucket_name}/ --acl public-read --profile ${AWS_PROFILE} - echo "Upload complete for Control Tower Template to Bucket Name -> ${bucket_name}" -fi - -# Upload all templates to sumologic-appdev-aws-sam-apps bucket with version information. -if [[ ${AWS_PROFILE} == 'default' ]] -then - export version=v2.14.0 - - aws s3 cp apps/ s3://${bucket_name}/aws-observability-versions/${version}/ --recursive --include "*.template.yaml" --exclude '*.zip' --exclude '*.sh' --exclude 'apps/*/test/*' --exclude '*/test/*' --acl public-read --profile ${AWS_PROFILE} - - aws s3 cp templates/sumologic_observability.master.template.yaml s3://${bucket_name}/aws-observability-versions/${version}/ --acl public-read --profile ${AWS_PROFILE} - - echo "Upload complete for Master and Nested Template to Bucket Name -> ${bucket_name}" -fi - -echo "End S3 upload Script....." \ No newline at end of file diff --git a/aws-observability/templates/test/testbundles/upgrade_update_bundle.yaml b/aws-observability/templates/test/testbundles/upgrade_update_bundle.yaml deleted file mode 100644 index 4d7c8bb0..00000000 --- a/aws-observability/templates/test/testbundles/upgrade_update_bundle.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -Global: - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' -TestBundleName: upgradeUpdateBundle -TestSuites: - - 'test/testsuites/upgrade_update_v2_10_testsuite.yaml' - - 'test/testsuites/upgrade_update_v2_11_testsuite.yaml' diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_11/disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_11/disabled_telemetry.yaml deleted file mode 100644 index e76a0688..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_11/disabled_telemetry.yaml +++ /dev/null @@ -1,259 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: disabledTelemetry - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "updatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section1fSumoLogicSendTelemetry: 'true' - Section2aAccountAlias: 'updatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "updatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'No' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/disabled_telemetry.yaml deleted file mode 100644 index c2bc7f90..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/disabled_telemetry.yaml +++ /dev/null @@ -1,243 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: disabledTelemetry - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "updatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section1fSumoLogicSendTelemetry: 'true' - Section2aAccountAlias: 'updatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "updatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/only_cloudtrail_with_loggroup_tags.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/only_cloudtrail_with_loggroup_tags.yaml deleted file mode 100644 index 3d9a30f1..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_12/only_cloudtrail_with_loggroup_tags.yaml +++ /dev/null @@ -1,239 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'infrat6' -TestCase: - TestName: onlyCloudTrailWithLoggroupTags - Regions: '${SUMO_REGIONS}' - Skip: false - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'infrat6' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS, cwgent' - Section5aAutoEnableS3LogsALBResourcesOptions: 'New' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Kinesis Firehose Log Source' - Section7cAutoSubscribeLogGroupsOptions: 'Existing' - Section9aAutoEnableS3LogsELBResourcesOptions: 'New' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section4dAWSMetricsTagFilters: '{ "AWS/ApiGateway": { "tags": [ "env=prod;dev" ] }, "AWS/DynamoDB": { "tags": [ "env=dev", "creator=himan" , "creator=aki" ] }, "AWS/ElastiCache": { "tags": [ "env=prod;dev", "creator=himan" ] }, "All": { "tags": [ "env=dev" ] } }' - Section7eAutoSubscribeLogGroupByTags: 'env=prod,creator=himan,team=app' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "infrat6" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS, cwgent' - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'No' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'No' - Section1bNamespaceFilter: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS, cwgent' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'infrat6' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'infrat6' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'infrat6' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_alb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_alb_source.yaml deleted file mode 100644 index 493e3494..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_alb_source.yaml +++ /dev/null @@ -1,320 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'infrat8' - Update: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' -TestCase: - TestName: existingCloudTrailAlbSource - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "infrat8" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section5cALBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoAlbMetricsAppStack.Section5aALBLogsAPIUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aALBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'infrat8' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Both' - Section5bALBCreateLogSource: 'No' - Section5cALBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5dALBS3LogsBucketName: 'newapigateway' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.AutoEnableAlbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.AutoEnableAlbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.SumoALBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoAlbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "infrat8" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'No' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'infrat8' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bALBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'infrat8' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailAlbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_bucket.yaml deleted file mode 100644 index 80046214..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_bucket.yaml +++ /dev/null @@ -1,227 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'infrat9' - Update: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' -TestCase: - TestName: existingCloudTrailBucket - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section6cCloudTrailLogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.CloudTrailLogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'infrat9' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/EC2' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'False' - UpdateParameters: - Values: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.FifthCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "infrat9" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'Yes' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '*AWSLogs/*/elasticloadbalancing/*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'Yes' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: 'classicloadbalancing/AWSLogs/' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "cf-templates-1qpf3unpuo1hw-" - CloudTrailBucketPathExpression: '*abc*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_elb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_elb_source.yaml deleted file mode 100644 index 62c33f71..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_elb_source.yaml +++ /dev/null @@ -1,321 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'infrat10' - Update: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' -TestCase: - TestName: existingCloudTrailElbSource - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section9dELBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "lbt1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'infrat10' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' - UpdateParameters: - Values: - Section10aAppInstallLocation: "Personal Folder" - Section10bShare: 'True' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoElbMetricsAppStack.sumoApp - - sumoElbMetricsAppStack.SumoELBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoElbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "infrat10" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'infrat10' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'infrat10' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-existingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_14/disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_14/disabled_telemetry.yaml deleted file mode 100644 index aa6a667c..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_14/disabled_telemetry.yaml +++ /dev/null @@ -1,239 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'false' -TestCase: - TestName: disabledTelemetry - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "updatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section1fSumoLogicSendTelemetry: 'true' - Section2aAccountAlias: 'updatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: '' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "updatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/disabled_telemetry.yaml deleted file mode 100644 index f530cb5c..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/disabled_telemetry.yaml +++ /dev/null @@ -1,239 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'false' -TestCase: - TestName: disabledTelemetry - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "updatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section1fSumoLogicSendTelemetry: 'true' - Section2aAccountAlias: 'updatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: '' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "updatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'updatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/existing_cloudtrail_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/existing_cloudtrail_bucket.yaml deleted file mode 100644 index 7347dd13..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_15/existing_cloudtrail_bucket.yaml +++ /dev/null @@ -1,227 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'infrat9' - Update: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' -TestCase: - TestName: existingCloudTrailBucket - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section6cCloudTrailLogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.CloudTrailLogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'infrat9' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/EC2' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'False' - UpdateParameters: - Values: - Section10aAppInstallLocation: "Admin Recommended Folder" - Section10bShare: 'True' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.FifthCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "infrat9" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'Yes' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '*AWSLogs/*/elasticloadbalancing/*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'Yes' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: 'classicloadbalancing/AWSLogs/' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "cf-templates-1qpf3unpuo1hw-" - CloudTrailBucketPathExpression: '*abc*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'infrat9' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_10_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_10_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 6a25115f..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_10_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,312 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_10ToV2_11CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section8aRootCauseExplorerOptions: 'Inventory Source' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.InventorySource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'Yes' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'No' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_7_existing_source_with_alb_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_7_existing_source_with_alb_bucket.yaml deleted file mode 100644 index bcba4fd8..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_7_existing_source_with_alb_bucket.yaml +++ /dev/null @@ -1,276 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' -TestCase: - TestName: v2_7ToV2_11ExistingSourceWithAlbBucket - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradev27to211" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoAlbMetricsAppStack.Section4aCloudWatchExistingSourceAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'lbt1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "lbt1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'No' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_9_existing_cloudtrail_elb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_9_existing_cloudtrail_elb_source.yaml deleted file mode 100644 index ad5e19e4..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_11/v2_9_existing_cloudtrail_elb_source.yaml +++ /dev/null @@ -1,333 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev29to211' -TestCase: - TestName: v2_9ToV2_11ExistingCloudTrailElbSource - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section9dELBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "lbt1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev29to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section8aRootCauseExplorerOptions: 'Both' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoElbMetricsAppStack.sumoApp - - sumoElbMetricsAppStack.SumoELBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.CloudTrailDevOps - - RootCauseAppStack.InventorySource - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoElbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev29to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - RootCauseAppStack: - Section2aInstallApp: 'Yes' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'Yes' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'v2_9ToV2_11ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_10_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_10_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 499a958f..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_10_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,296 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_10ToV2_12CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_11_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_11_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 2251c01e..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_11_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,296 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_11ToV2_12CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_7_existing_source_with_alb_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_7_existing_source_with_alb_bucket.yaml deleted file mode 100644 index c51d20a9..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_7_existing_source_with_alb_bucket.yaml +++ /dev/null @@ -1,260 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' -TestCase: - TestName: v2_7ToV2_12ExistingSourceWithAlbBucket - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradev27to211" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoAlbMetricsAppStack.Section4aCloudWatchExistingSourceAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'lbt1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "lbt1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_9_existing_cloudtrail_elb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_9_existing_cloudtrail_elb_source.yaml deleted file mode 100644 index 227ce976..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_12/v2_9_existing_cloudtrail_elb_source.yaml +++ /dev/null @@ -1,316 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev29to211' -TestCase: - TestName: v2_9ToV2_12ExistingCloudTrailElbSource - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section9dELBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "lbt1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev29to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoElbMetricsAppStack.sumoApp - - sumoElbMetricsAppStack.SumoELBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - RootCauseAppStack.CloudTrailDevOps - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoElbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev29to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_12ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_10_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_10_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index a687190e..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_10_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_10ToV2_13CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_11_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_11_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 9b8f887d..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_11_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_11ToV2_13CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_12_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_12_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index c868c1e5..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_12_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_12ToV2_13CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_7_existing_source_with_alb_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_7_existing_source_with_alb_bucket.yaml deleted file mode 100644 index b67ef4f2..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_7_existing_source_with_alb_bucket.yaml +++ /dev/null @@ -1,259 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' -TestCase: - TestName: v2_7ToV2_13ExistingSourceWithAlbBucket - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradev27to211" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoAlbMetricsAppStack.Section4aCloudWatchExistingSourceAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'lbt1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "lbt1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'lbt1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_9_existing_cloudtrail_elb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_9_existing_cloudtrail_elb_source.yaml deleted file mode 100644 index d2d1a774..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_13/v2_9_existing_cloudtrail_elb_source.yaml +++ /dev/null @@ -1,314 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev29to211' -TestCase: - TestName: v2_9ToV2_13ExistingCloudTrailElbSource - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section9dELBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "lbt1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev29to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoElbMetricsAppStack.sumoApp - - sumoElbMetricsAppStack.SumoELBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoElbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev29to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_13ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_10_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_10_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 23fb51ae..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_10_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_10ToV2_14CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_11_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_11_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 9ce2cbbb..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_11_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_11ToV2_14CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_12_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_12_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index ecc2623c..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_12_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_12ToV2_14CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_13_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_13_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index edf1a1d9..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_13_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_13ToV2_14CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn:aws:firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn:aws:iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn:aws:firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn:aws:iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_9_existing_cloudtrail_elb_source.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_9_existing_cloudtrail_elb_source.yaml deleted file mode 100644 index 1628806a..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_14/v2_9_existing_cloudtrail_elb_source.yaml +++ /dev/null @@ -1,314 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev29to211' -TestCase: - TestName: v2_9ToV2_14ExistingCloudTrailElbSource - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section9dELBS3LogsBucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "lbt1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicOrganizationId: '${SUMO_ORG_ID}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudtrail_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - CloudTrailLogsBucketName: '${BucketName}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudTrailAPIURL: - - "parameters.Section6bCloudTrailLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section5aCloudTrailLogsAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchMetricsAPIURL: - - "parameters.Section4cCloudWatchExistingSourceAPIUrl" - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_lb_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoLogicSourceRoleArn: '${SumoLogicSourceRoleArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - LBLogsBucketName: '${BucketName}' - ImpactedParametersPath: - SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev29to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'Yes' - Section4aCreateMetricsSourceOptions: 'Kinesis Firehose Metrics Source' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'No' - Section6aCreateCloudTrailLogSource: 'No' - Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.AddApiIdField - - CreateCommonResources.AddApiNameField - - CreateCommonResources.AddCacheClusterIdField - - CreateCommonResources.AddClusterNameField - - CreateCommonResources.AddDBIdentifierField - - CreateCommonResources.AddFunctionNameField - - CreateCommonResources.AddInstanceIdField - - CreateCommonResources.AddLoadBalancerField - - CreateCommonResources.AddLoadBalancerNameField - - CreateCommonResources.AddNETLoadBalancerField - - CreateCommonResources.AddQueueNameField - - CreateCommonResources.AddTableNameField - - CreateCommonResources.AddTopicNameField - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.SumoLogicSourceRole - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsInvokePermission - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.AutoEnableElbLogEventsRuleTrigger - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.SumoLambdaRole - - sumoEC2MetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoOverview - - sumoEC2MetricsAppStack.sumoMonitorAlerts - - sumoElbMetricsAppStack.sumoApp - - sumoElbMetricsAppStack.SumoELBLogsUpdateSource - - sumoDynamoDBMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.sumoApp - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoApiGatewayMetricsAppStack.sumoApp - - sumoSNSAppStack.sumoApp - - sumoSQSAppStack.sumoApp - - sumoLambdaMetricsAppStack.sumoApp - - sumoLambdaMetricsAppStack.SumoCloudTrailLogsUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.sumoApp - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.sumoApp - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - sumoNlbMetricsAppStack.sumoApp - - sumoEC2MetricsAppStack.sumoAppCW - - CreateCommonResources.KinesisFirehoseMetricsStack - - CreateCommonResources.KinesisFirehoseMetricsSource - - CreateCommonResources.KinesisFirehoseMetricsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseMetricsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroup - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStream - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogStreamS3 - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRole - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRolePolicy - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambda - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsCloudWatchMetricsStreamLambdaRole - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.sumoApp - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - sumoNlbMetricsAppStack.NlbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - sumoLambdaMetricsAppStack.ExistingCloudTrailLogSourceName - - sumoElbMetricsAppStack.ExistingLogSourceName - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsElbAWSResources.EnableNewAWSResourcesLambda - - CreateCommonResources.KinesisMetricsRoleARN - - CreateCommonResources.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsRoleARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseMetricsStack.KinesisMetricsLogGroupARN - - CreateCommonResources.KinesisFirehoseMetricsStack.FailedDataBucketArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev29to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateELBLogSource: 'No' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'No' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'Yes' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseMetricsStack: - Section2aCreateS3Bucket: 'Yes' - Section1bNamespaceFilter: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'Yes' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bELBLogsSourceName: '' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSNSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoSQSAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev29to211' - Section3aInstallApp: 'Yes' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5bCloudTrailLogsSourceName: '' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aCloudTrailLogsSourceName: 'test-automation-awso-v2_9ToV2_14ExistingCloudTrailElbSource' - Section3bCloudTrailSourceUpdated: 'Yes' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'Yes' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_12_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_12_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 27e08071..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_12_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_12ToV2_15CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn::firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn::iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn::firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn::iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_13_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_13_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 5de91c8c..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_13_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_13ToV2_15CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn::firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn::iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn::firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn::iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_14_create_source_existing_bucket_existing_sources.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_14_create_source_existing_bucket_existing_sources.yaml deleted file mode 100644 index 8b63f1fd..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_15/v2_14_create_source_existing_bucket_existing_sources.yaml +++ /dev/null @@ -1,295 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradev210to211' -TestCase: - TestName: v2_14ToV2_15CreateSourceExistingBucketExistingSources - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradev210to211' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'CloudWatch Metrics Source' - Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5aAutoEnableS3LogsALBResourcesOptions: 'None' - Section5bALBCreateLogSource: 'Yes' - Section5cALBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section5dALBS3LogsBucketName: 'newapigateway' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section6cCloudTrailLogsBucketName: 'newapigateway' - Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" - Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicELBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.CloudWatchMetricsFirstStack - - CreateCommonResources.CloudWatchMetricsSecondStack - - CreateCommonResources.CloudWatchMetricsThirdStack.FirstCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsFirstStack.ThirdCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsSecondStack.SecondCloudwatchMetricsSource - - CreateCommonResources.CloudWatchMetricsThirdStack - - CreateCommonResources.CloudWatchMetricsThirdStack.SecondCloudwatchMetricsSource - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.ELBSource - - CreateCommonResources.ELBSNSTopic - - CreateCommonResources.ELBSNSpolicy - - CreateCommonResources.ELBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSTopic - - CreateCommonResources.CloudTrailSNSpolicy - - CreateCommonResources.CloudTrailSNSSubscription - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoElbMetricsAppStack.ElbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.KinesisFirehoseLogsStack - - CreateCommonResources.KinesisFirehoseLogsSource - - CreateCommonResources.KinesisFirehoseLogsStack.AttachBucketPolicyToFirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucket - - CreateCommonResources.KinesisFirehoseLogsStack.FirehoseLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsFirehoseRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroup - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStream - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogStreamS3 - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRole - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRolePolicy - - CreateCommonResources.KinesisFirehoseLogsStack.SubscriptionFilter - - AutoEnableOptions - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.InvokeLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupExistingLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTrigger - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorLambdaTriggerPermission - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnectorRole - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.sumoIAMPassRolePolicy - - CreateCommonResources.CloudWatchEventFunction - - CreateCommonResources.CloudWatchHTTPSource - - CreateCommonResources.CloudWatchEventFunction.SumoCWDeadLetterQueue - - CreateCommonResources.CloudWatchEventFunction.SumoCWEmailSNSTopic - - CreateCommonResources.CloudWatchEventFunction.SumoCWEventsInvokeLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaExecutionRole - - CreateCommonResources.CloudWatchEventFunction.SumoCWLambdaPermission - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogGroup - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogSubsriptionFilter - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQLambda - - CreateCommonResources.CloudWatchEventFunction.SumoCWProcessDLQScheduleRule - - CreateCommonResources.CloudWatchEventFunction.SumoCWSpilloverAlarm - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - sumoAlbMetricsAppStack.AlbCloudTrailLogsFieldExtractionRule - - sumoElbMetricsAppStack.ClbCloudTrailLogsFieldExtractionRule - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsLogGroupARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsDeliveryStreamARN - - CreateCommonResources.KinesisFirehoseLogsStack.KinesisLogsRoleARN - - CreateCommonResources.KinesisFirehoseLogsStack.FailedDataBucketArn - - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources.SumoLogGroupLambdaConnector - - CreateCommonResources.CloudWatchLambdaARN - - CreateCommonResources.CloudWatchEventFunction.SumoCWLogsLambdaArn - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradev210to211" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'Yes' - CloudWatchMetricsSourceName: 'cloudwatch-metrics-' - CloudWatchMetricsNameSpaces: "AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "" - ALBS3BucketPathExpression: '' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateELBLogSource: 'Yes' - CreateELBS3Bucket: 'No' - ELBS3LogsBucketName: "" - ELBS3BucketPathExpression: '' - ELBLogsSourceName: "classic-lb-logs-" - ELBLogsSourceCategory: "aws/observability/clb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'No' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'Yes' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'Yes' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - CreateCommonResources.KinesisFirehoseLogsStack: - Section2aCreateS3Bucket: 'Yes' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'No' - ELBAutoEnableS3Logs: 'No' - AutoSubscribeLogGroups: 'Yes' - AutoSubscribeLogGroupsOptions: 'Both' - AutoSubscribeDestinationARNType: 'Kinesis' - AutoSubscribeDestinationARNValue: 'arn::firehose:' - AutoSubscribeLogGroupPattern: 'lambda' - AutoSubscribeRoleArn: "arn::iam::" - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources: - UseExistingLogs: 'true' - DestinationArnType: 'Kinesis' - DestinationArnValue: 'arn::firehose:' - LogGroupPattern: 'lambda' - RoleArn: "arn::iam::" - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoElbMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aELBLogsAPIUrl: '' - Section5bELBLogsSourceName: '*elb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradev210to211' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: '' - Section6bCloudWatchLogsSourceName: '*cloudwatch-logs*' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_9/v2_7_existing_source_with_alb_bucket.yaml b/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_9/v2_7_existing_source_with_alb_bucket.yaml deleted file mode 100644 index 021fa073..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/upgrade/v2_9/v2_7_existing_source_with_alb_bucket.yaml +++ /dev/null @@ -1,257 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.7.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' -TestCase: - TestName: v2_7ToV2_9UpgradeWithExistingSourceWithAlbBucket - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - LambdaRole - - LambdaPermission - - PrimerInvoke - - TelemetryLambda - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'No' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_10/v2_9_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_10/v2_9_disabled_telemetry.yaml deleted file mode 100644 index 4c95c445..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_10/v2_9_disabled_telemetry.yaml +++ /dev/null @@ -1,258 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_9ToV2_10disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'No' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_11/v2_10_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_11/v2_10_disabled_telemetry.yaml deleted file mode 100644 index e34fa3e2..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_11/v2_10_disabled_telemetry.yaml +++ /dev/null @@ -1,258 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_10ToV2_11disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - RootCauseAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - RootCauseAppStack.RootCauseRole - - RootCauseAppStack.SumoLogicHostedCollector - - RootCauseAppStack.XraySource - - RootCauseAppStack.AccountAliasValue - - RootCauseAppStack.LambdaHelper - - RootCauseAppStack.LambdaRole - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - RootCauseAppStack: - Section2aInstallApp: 'No' - Section2bCollectorName: "" - Section3aCreateAwsInventorySource: 'No' - Section3bAwsInventorySourceName: "inventory-" - Section3dInventorySourceCategory: "aws/observability/inventory" - Section4aCreateAwsXRaySource: 'Yes' - Section4bAwsXRaySourceName: "xray-" - Section4cXraySourceCategory: "aws/observability/xray" - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_12/v2_11_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_12/v2_11_disabled_telemetry.yaml deleted file mode 100644 index 54f4dc83..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_12/v2_11_disabled_telemetry.yaml +++ /dev/null @@ -1,242 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_11ToV2_12disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - RootCauseAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoAlbMetricsAppStack.SumoALBMetricsUpdateSource - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.SumoELBMetricsUpdateSource - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - sumoAlbMetricsAppStack.ExistingMetricSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_13/v2_12_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_13/v2_12_disabled_telemetry.yaml deleted file mode 100644 index e064cab1..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_13/v2_12_disabled_telemetry.yaml +++ /dev/null @@ -1,238 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_11ToV2_13disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: '' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_14/v2_13_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_14/v2_13_disabled_telemetry.yaml deleted file mode 100644 index bd3233dc..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_14/v2_13_disabled_telemetry.yaml +++ /dev/null @@ -1,238 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_13ToV2_14disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: '' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/upgrade_update/v2_15/v2_14_disabled_telemetry.yaml b/aws-observability/templates/test/testcases/upgrade_update/v2_15/v2_14_disabled_telemetry.yaml deleted file mode 100644 index 8a296ffd..00000000 --- a/aws-observability/templates/test/testcases/upgrade_update/v2_15/v2_14_disabled_telemetry.yaml +++ /dev/null @@ -1,238 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestCase: - TestName: v2_14ToV2_15disabledTelemetry - UpgradeTemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" - Regions: '${SUMO_REGIONS}' - Skip: false - PreRequisitesInfra: - - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" - ImpactedParametersPath: - BucketName: - - "parameters.Section5dALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.CreateCommonResources.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert.AutoEnableOptions.ALBS3LogsBucketName" - - "assertions[AssertType==ParameterCheck].Assert['AutoEnableOptions#AutoEnableS3LogsAlbAWSResources'].BucketName" - - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - AccountAlias: "upgradeupdatet1" - - CFNTemplateURL: "test/setup-infra/create_sumo_collector.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - - CFNTemplateURL: "test/setup-infra/create_sumo_cloudwatch_log_source.yaml" - CFNParameters: - SumoLogicDeployment: '${SUMO_DEPLOYMENT}' - SumoLogicAccessID: '${SUMO_ACCESS_ID}' - SumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - SumoLambdaHelperArn: '${SumoLambdaHelperArn}' - SumoCollectorID: '${SumoCollectorID}' - AccountAlias: '${AccountAlias}' - ImpactedParametersPath: - SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" - - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - Parameters: - Values: - Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' - Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' - Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' - Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' - Section2aAccountAlias: 'upgradeupdatet1' - Section2bAccountAliasMappingS3URL: '' - Section3aInstallObservabilityApps: 'No' - Section4aCreateMetricsSourceOptions: 'None' - Section4cCloudWatchExistingSourceAPIUrl: '' - Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' - Section5bALBCreateLogSource: 'Yes' - Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - Section5eALBS3BucketPathExpression: '*abc*' - Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' - UpdateParameters: - Values: - Section1fSumoLogicSendTelemetry: 'false' - Assertions: - - AssertType: ResourceExistence - Assert: - Resources: - - CreateCommonResources - - AutoEnableOptions - - sumoEC2MetricsAppStack - - sumoAlbMetricsAppStack - - sumoElbMetricsAppStack - - sumoDynamoDBMetricsAppStack - - sumoRdsMetricsAppStack - - sumoApiGatewayMetricsAppStack - - sumoSNSAppStack - - sumoSQSAppStack - - sumoLambdaMetricsAppStack - - sumoECSMetricsAppStack - - sumoElasticCacheMetricsAppStack - - CreateCommonResources.AddAccountField - - CreateCommonResources.AddRegionField - - CreateCommonResources.AddNamespaceField - - CreateCommonResources.AddAccountIdField - - CreateCommonResources.SumoLogicALBS3Policy - - CreateCommonResources.SumoLogicCloudTrailS3Policy - - CreateCommonResources.LambdaRole - - CreateCommonResources.LambdaHelper - - CreateCommonResources.AccountCheck - - CreateCommonResources.CommonBucketSNSTopic - - CreateCommonResources.CommonS3Bucket - - CreateCommonResources.CommonBucketPolicy - - CreateCommonResources.CommonSNSpolicy - - CreateCommonResources.CommonCloudTrail - - CreateCommonResources.CreateSumoLogicAWSExplorerView - - CreateCommonResources.SumoLogicSourceRole - - CreateCommonResources.SumoLogicHostedCollector - - CreateCommonResources.LambdaToDecideCWMetricsSources - - CreateCommonResources.Primerinvoke - - CreateCommonResources.ALBSource - - CreateCommonResources.ALBSNSTopic - - CreateCommonResources.ALBSNSpolicy - - CreateCommonResources.ALBSNSSubscription - - CreateCommonResources.CloudTrailSource - - CreateCommonResources.CloudTrailSNSSubscription - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.ExistingAWSResources - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.SumoLambdaRole - - sumoRdsMetricsAppStack.ClusterMetricRule - - sumoRdsMetricsAppStack.InstanceMetricRule - - sumoLambdaMetricsAppStack.SumoHTTPUpdateSource - - sumoLambdaMetricsAppStack.LambdaFieldExtractionRule - - sumoAlbMetricsAppStack.AlbLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.CloudTrailLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.AccessLogsFieldExtractionRule - - sumoApiGatewayMetricsAppStack.MetricRule - - sumoSNSAppStack.FieldExtractionRule - - sumoSQSAppStack.FieldExtractionRule - - sumoDynamoDBMetricsAppStack.FieldExtractionRule - - sumoEC2MetricsAppStack.FieldExtractionRule - - sumoLambdaMetricsAppStack.LambdaCloudWatchLogsFieldExtractionRule - - sumoRdsMetricsAppStack.FieldExtractionRule - - sumoECSMetricsAppStack.FieldExtractionRule - - sumoElasticCacheMetricsAppStack.FieldExtractionRule - - sumoNlbMetricsAppStack - - sumoNlbMetricsAppStack.MetricRule - - CreateCommonResources.AccountAliasValue - - sumoAlbMetricsAppStack.AccountAliasValue - - sumoAlbMetricsAppStack.LambdaHelper - - sumoAlbMetricsAppStack.LambdaRole - - sumoElbMetricsAppStack.AccountAliasValue - - sumoElbMetricsAppStack.LambdaHelper - - sumoElbMetricsAppStack.LambdaRole - - sumoLambdaMetricsAppStack.AccountAliasValue - - sumoLambdaMetricsAppStack.GenericCloudWatchLogsFieldExtractionRule - - CreateCommonResources.LambdaHelperAlias - - CreateCommonResources.LambdaRoleAlias - - AssertType: OutputsCheck - Assert: - Outputs: - - CreateCommonResources.LambdaHelperARN - - CreateCommonResources.EnterpriseCheck - - CreateCommonResources.PaidAccountCheck - - CreateCommonResources.Namespaces - - CreateCommonResources.LambdaRoleARN - - CreateCommonResources.BucketName - - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources.EnableExisitngAWSResourcesLambda - - sumoLambdaMetricsAppStack.ExistingCloudWatchLogSourceName - - CreateCommonResources.CollectorName - - CreateCommonResources.AccountAlias - - AssertType: ParameterCheck - Assert: - CreateCommonResources: - AccountAlias: "upgradeupdatet1" - AccountAliasMappingS3URL: "" - CreateMetaDataSource: 'No' - MetaDataSourceName: "" - MetaDataSourceCategory: "" - CreateCloudWatchMetricsSource: 'No' - CloudWatchMetricsSourceName: '' - CloudWatchMetricsNameSpaces: "AWS/ApplicationELB, AWS/ApiGateway, AWS/DynamoDB, AWS/Lambda, AWS/RDS, AWS/ECS, AWS/ElastiCache, AWS/ELB, AWS/NetworkELB" - ScanInterval: "30000" - CloudWatchMetricSourceCategory: "" - CreateALBLogSource: 'Yes' - CreateALBS3Bucket: 'No' - ALBS3LogsBucketName: "cf-templates-qpf3unpuo1hw-ap-southeast-4" - ALBS3BucketPathExpression: '/elasticloadbalancing//*' - ALBLogsSourceName: "alb-logs-" - ALBLogsSourceCategory: "aws/observability/alb/logs" - CreateCloudTrailLogSource: 'Yes' - CreateCloudTrailBucket: 'Yes' - CloudTrailLogsBucketName: "" - CloudTrailBucketPathExpression: '/CloudTrail//*' - CloudTrailLogsSourceName: "cloudtrail-logs-" - CloudTrailLogsSourceCategory: "aws/observability/cloudtrail/logs" - CreateCloudWatchLogSource: 'No' - CloudWatchLogsSourceName: "cloudwatch-logs-" - CloudWatchLogsSourceCategory: "aws/observability/cloudwatch/logs" - CreateKinesisFirehoseLogSource: 'No' - KinesisFirehoseLogsSourceName: 'kinesis-firehose-cloudwatch-logs-' - KinesisFirehoseLogsSourceCategory: 'aws/observability/cloudwatch/logs' - CreateKinesisFirehoseMetricsSource: 'No' - KinesisFirehoseMetricsSourceName: 'cloudwatch-metrics-' - KinesisFirehoseMetricSourceCategory: 'aws/observability/cloudwatch/metrics' - AutoEnableOptions: - ALBAutoEnableS3Logs: 'Yes' - ALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoSubscribeLogGroups: 'No' - AutoEnableOptions.AutoEnableS3LogsAlbAWSResources: - BucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' - AutoEnableResourceOptions: 'Existing' - sumoEC2MetricsAppStack: - Section2aInstallApp: 'No' - sumoAlbMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aALBLogsAPIUrl: '' - Section5bALBLogsSourceName: '*alb-logs*' - sumoDynamoDBMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoRdsMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoApiGatewayMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoLambdaMetricsAppStack: - Section2aAccountAlias: 'upgradeupdatet1' - Section3aInstallApp: 'No' - Section4aCloudWatchExistingSourceAPIUrl: '' - Section5aCloudTrailLogsAPIUrl: '' - Section5bCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section6aCloudWatchLogsAPIUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section6bCloudWatchLogsSourceName: '' - sumoECSMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoElasticCacheMetricsAppStack: - Section2aInstallApp: 'No' - Section3aCloudTrailLogsSourceName: '*cloudtrail-logs*' - Section3bCloudTrailSourceUpdated: 'No' - sumoNlbMetricsAppStack: - Section2aInstallApp: 'No' - Section3aNLBLogsSourceName: '' - Section3bNLBSourceUpdated: 'No' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/update_v2_11_testsuite.yaml b/aws-observability/templates/test/testsuites/update_v2_11_testsuite.yaml deleted file mode 100644 index f8277eca..00000000 --- a/aws-observability/templates/test/testsuites/update_v2_11_testsuite.yaml +++ /dev/null @@ -1,14 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'updatet1' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestSuiteName: updateTestsuiteV2_11 -TestCases: - - 'test/testcases/upgrade_update/update/v2_11/disabled_telemetry.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/update_v2_12_testsuite.yaml b/aws-observability/templates/test/testsuites/update_v2_12_testsuite.yaml deleted file mode 100644 index 644e121b..00000000 --- a/aws-observability/templates/test/testsuites/update_v2_12_testsuite.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'updatet1' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestSuiteName: updateTestsuiteV2_12 -TestCases: - - 'test/testcases/upgrade_update/update/v2_12/only_cloudtrail_with_loggroup_tags.yaml' - - 'test/testcases/upgrade_update/update/v2_12/disabled_telemetry.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/update_v2_13_testsuite.yaml b/aws-observability/templates/test/testsuites/update_v2_13_testsuite.yaml deleted file mode 100644 index d60a5ca0..00000000 --- a/aws-observability/templates/test/testsuites/update_v2_13_testsuite.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'updatet1' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestSuiteName: updateTestsuiteV2_13 -TestCases: - - 'test/testcases/upgrade_update/update/v2_13/disabled_telemetry.yaml' - - 'test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_alb_source.yaml' - - 'test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_elb_source.yaml' - - 'test/testcases/upgrade_update/update/v2_13/existing_cloudtrail_bucket.yaml' diff --git a/aws-observability/templates/test/testsuites/update_v2_14_testsuite.yaml b/aws-observability/templates/test/testsuites/update_v2_14_testsuite.yaml deleted file mode 100644 index faabff3b..00000000 --- a/aws-observability/templates/test/testsuites/update_v2_14_testsuite.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'updatet1' - Update: - Section1fSumoLogicSendTelemetry: 'true' -TestSuiteName: updateTestsuiteV2_14 -TestCases: - - 'test/testcases/upgrade_update/update/v2_14/disabled_telemetry.yaml' - - 'test/testcases/upgrade_update/update/v2_14/existing_cloudtrail_bucket.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_10_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_10_testsuite.yaml deleted file mode 100644 index 1aea7d45..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_10_testsuite.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.9.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'testenv' -TestSuiteName: upgradeAndUpdateTestsuiteV2_10 -TestCases: - - 'test/testcases/upgrade_update/v2_10/v2_9_disabled_telemetry.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_11_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_11_testsuite.yaml deleted file mode 100644 index 9be21e2a..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_11_testsuite.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.10.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradeupdatet1' -TestSuiteName: upgradeAndUpdateTestsuiteV2_11 -TestCases: - - 'test/testcases/upgrade_update/upgrade/v2_11/v2_7_existing_source_with_alb_bucket.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_11/v2_9_existing_cloudtrail_elb_source.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_11/v2_10_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/v2_11/v2_10_disabled_telemetry.yaml' diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_12_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_12_testsuite.yaml deleted file mode 100644 index fb851522..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_12_testsuite.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.11.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradeupdatet1' -TestSuiteName: upgradeAndUpdateTestsuiteV2_12 -TestCases: - - 'test/testcases/upgrade_update/upgrade/v2_12/v2_7_existing_source_with_alb_bucket.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_12/v2_9_existing_cloudtrail_elb_source.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_12/v2_10_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_12/v2_11_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/v2_12/v2_11_disabled_telemetry.yaml' diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_13_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_13_testsuite.yaml deleted file mode 100644 index af021c15..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_13_testsuite.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.12.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradeupdatet1' -TestSuiteName: upgradeAndUpdateTestsuiteV2_13 -TestCases: - - 'test/testcases/upgrade_update/upgrade/v2_13/v2_7_existing_source_with_alb_bucket.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_13/v2_9_existing_cloudtrail_elb_source.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_13/v2_10_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_13/v2_11_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_13/v2_12_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/v2_13/v2_12_disabled_telemetry.yaml' diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_14_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_14_testsuite.yaml deleted file mode 100644 index db11c3f3..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_14_testsuite.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradeupdatet1' -TestSuiteName: upgradeAndUpdateTestsuiteV2_14 -TestCases: - - 'test/testcases/upgrade_update/upgrade/v2_14/v2_9_existing_cloudtrail_elb_source.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_14/v2_10_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_14/v2_11_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_14/v2_12_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_14/v2_13_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/v2_14/v2_13_disabled_telemetry.yaml' diff --git a/aws-observability/templates/test/testsuites/upgrade_update_v2_15_testsuite.yaml b/aws-observability/templates/test/testsuites/upgrade_update_v2_15_testsuite.yaml deleted file mode 100644 index 2980f2c9..00000000 --- a/aws-observability/templates/test/testsuites/upgrade_update_v2_15_testsuite.yaml +++ /dev/null @@ -1,15 +0,0 @@ ---- -Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" - StackName: AWSO - ParallelTestsRun: 1 - GlobalParameters: - Default: - Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' - Section2aAccountAlias: 'upgradeupdatet1' -TestSuiteName: upgradeAndUpdateTestsuiteV2_15 -TestCases: - - 'test/testcases/upgrade_update/upgrade/v2_15/v2_12_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_15/v2_13_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/upgrade/v2_15/v2_14_create_source_existing_bucket_existing_sources.yaml' - - 'test/testcases/upgrade_update/v2_15/v2_14_disabled_telemetry.yaml' diff --git a/aws-observability/CHANGELOG.md b/cloudformation-sumologic-aws-observability/CHANGELOG.md similarity index 100% rename from aws-observability/CHANGELOG.md rename to cloudformation-sumologic-aws-observability/CHANGELOG.md diff --git a/aws-observability/INTERNAL_README.md b/cloudformation-sumologic-aws-observability/INTERNAL_README.md similarity index 100% rename from aws-observability/INTERNAL_README.md rename to cloudformation-sumologic-aws-observability/INTERNAL_README.md diff --git a/aws-observability/LICENSE b/cloudformation-sumologic-aws-observability/LICENSE similarity index 100% rename from aws-observability/LICENSE rename to cloudformation-sumologic-aws-observability/LICENSE diff --git a/aws-observability/README.md b/cloudformation-sumologic-aws-observability/README.md similarity index 100% rename from aws-observability/README.md rename to cloudformation-sumologic-aws-observability/README.md diff --git a/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/cloudwatch-logs-dlq/v1.4.0/cloudwatchlogs-with-dlq.zip b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/cloudwatch-logs-dlq/v1.4.0/cloudwatchlogs-with-dlq.zip new file mode 100644 index 00000000..058f1b97 Binary files /dev/null and b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/cloudwatch-logs-dlq/v1.4.0/cloudwatchlogs-with-dlq.zip differ diff --git a/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip new file mode 100644 index 00000000..a67d043c Binary files /dev/null and b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip differ diff --git a/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/sumo-app-utils/v3.0.0/sumo-app-utils.zip b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/sumo-app-utils/v3.0.0/sumo-app-utils.zip new file mode 100644 index 00000000..9928fbb1 Binary files /dev/null and b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/sumo-app-utils/v3.0.0/sumo-app-utils.zip differ diff --git a/aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.1.0.zip b/cloudformation-sumologic-aws-observability/helper/LambdaFuncs/telemetry/v1.1.0/telemetry.zip similarity index 100% rename from aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.1.0.zip rename to cloudformation-sumologic-aws-observability/helper/LambdaFuncs/telemetry/v1.1.0/telemetry.zip diff --git a/aws-observability/mapping.csv b/cloudformation-sumologic-aws-observability/mapping.csv similarity index 100% rename from aws-observability/mapping.csv rename to cloudformation-sumologic-aws-observability/mapping.csv diff --git a/aws-observability/mapping_invalid.csv b/cloudformation-sumologic-aws-observability/mapping_invalid.csv similarity index 100% rename from aws-observability/mapping_invalid.csv rename to cloudformation-sumologic-aws-observability/mapping_invalid.csv diff --git a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh similarity index 97% rename from aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh rename to cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh index a65d29d6..6f4dc7cc 100644 --- a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh +++ b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosix.sh @@ -51,7 +51,7 @@ then AWS_REGION=us-east-1; fi -masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" +masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/sumologic_observability.master.template.yaml" #identify sumo deployment associated with sumo accessId and accessKey export apiUrl="https://api.sumologic.com" diff --git a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh similarity index 98% rename from aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh rename to cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh index 541f7051..62b9c4a1 100644 --- a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh +++ b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOPosixTest.sh @@ -51,7 +51,7 @@ then AWS_REGION=us-east-1; fi -masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" +masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/sumologic_observability.master.template.yaml" #identify sumo deployment associated with sumo accessId and accessKey export apiUrl="https://api.sumologic.com" diff --git a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 similarity index 97% rename from aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 rename to cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 index 2544ac2a..6f755172 100644 --- a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 +++ b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWin.ps1 @@ -41,7 +41,7 @@ $now=Get-Date echo "AWS Observability Script initiated at : $now" #identify sumo deployment associated with sumo accessId and accessKey -$masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" +$masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/sumologic_observability.master.template.yaml" $apiUrl="https://api.sumologic.com" $deployment="us1" [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 diff --git a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 similarity index 97% rename from aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 rename to cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 index fe26c76f..29c540be 100644 --- a/aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 +++ b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/DeployAWSOWinTest.ps1 @@ -41,7 +41,7 @@ $now=Get-Date echo "AWS Observability Script initiated at : $now" #identify sumo deployment associated with sumo accessId and accessKey -$masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" +$masterTemplateURL="https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/sumologic_observability.master.template.yaml" $apiUrl="https://api.sumologic.com" $deployment="us1" [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 diff --git a/aws-observability/scripts/AWSOAutoSetupScript/README.md b/cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/README.md similarity index 100% rename from aws-observability/scripts/AWSOAutoSetupScript/README.md rename to cloudformation-sumologic-aws-observability/scripts/AWSOAutoSetupScript/README.md diff --git a/aws-observability/scripts/DeleteBuckets.py b/cloudformation-sumologic-aws-observability/scripts/DeleteBuckets.py similarity index 100% rename from aws-observability/scripts/DeleteBuckets.py rename to cloudformation-sumologic-aws-observability/scripts/DeleteBuckets.py diff --git a/aws-observability/scripts/DeployTemplate/DeployTemplate.sh b/cloudformation-sumologic-aws-observability/scripts/DeployTemplate/DeployTemplate.sh similarity index 100% rename from aws-observability/scripts/DeployTemplate/DeployTemplate.sh rename to cloudformation-sumologic-aws-observability/scripts/DeployTemplate/DeployTemplate.sh diff --git a/aws-observability/scripts/DeployTemplate/README.md b/cloudformation-sumologic-aws-observability/scripts/DeployTemplate/README.md similarity index 100% rename from aws-observability/scripts/DeployTemplate/README.md rename to cloudformation-sumologic-aws-observability/scripts/DeployTemplate/README.md diff --git a/aws-observability/scripts/DeployTemplate/parameters-default.json b/cloudformation-sumologic-aws-observability/scripts/DeployTemplate/parameters-default.json similarity index 100% rename from aws-observability/scripts/DeployTemplate/parameters-default.json rename to cloudformation-sumologic-aws-observability/scripts/DeployTemplate/parameters-default.json diff --git a/cloudformation-sumologic-aws-observability/scripts/FuncsZipToS3.py b/cloudformation-sumologic-aws-observability/scripts/FuncsZipToS3.py new file mode 100644 index 00000000..49cfccb1 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/scripts/FuncsZipToS3.py @@ -0,0 +1,170 @@ +import logging +import boto3 +import os +import re +from botocore.exceptions import BotoCoreError, ClientError + +# ───────────────────────────────────────────── +# LOGGING CONFIGURATION +# ───────────────────────────────────────────── +logging.basicConfig( + level=logging.INFO, + format="%(asctime)s [%(levelname)s] %(message)s", +) +logger = logging.getLogger(__name__) + +os.environ['AWS_PROFILE'] = 'sumocontent' + +# Mapping regions to bucket names +region_to_bucket = { + "af-south-1": "appdevzipfiles-af-south-1s", + "ap-east-1": "appdevzipfiles-ap-east-1s", + "ap-northeast-1": "appdevzipfiles-ap-northeast-1", + "ap-northeast-2": "appdevzipfiles-ap-northeast-2", + "ap-northeast-3": "appdevzipfiles-ap-northeast-3s", + "ap-south-1": "appdevzipfiles-ap-south-1", + "ap-southeast-1": "appdevzipfiles-ap-southeast-1", + "ap-southeast-2": "appdevzipfiles-ap-southeast-2", + "ap-southeast-3": "appdevzipfiles-ap-southeast-3", + "ap-southeast-4": "appdevzipfiles-ap-southeast-4s", + "ap-southeast-6": "appdevzipfiles-ap-southeast-6ss", + "ca-central-1": "appdevzipfiles-ca-central-1", + "eu-central-1": "appdevzipfiles-eu-central-1", + "eu-central-2": "appdevzipfiles-eu-central-2ss", + "eu-north-1": "appdevzipfiles-eu-north-1s", + "eu-south-1": "appdevzipfiles-eu-south-1", + "eu-west-1": "appdevzipfiles-eu-west-1", + "eu-west-2": "appdevzipfiles-eu-west-2", + "eu-west-3": "appdevzipfiles-eu-west-3", + "me-central-1": "appdevzipfiles-me-central-1", + # "me-south-1": "appdevzipfiles-me-south-1s", + "sa-east-1": "appdevzipfiles-sa-east-1", + "us-east-1": "appdevzipfiles-us-east-1", + "us-east-2": "appdevzipfiles-us-east-2", + "us-west-1": "appdevzipfiles-us-west-1", + "us-west-2": "appdevzipfiles-us-west-2" +} + +base_path = "../helper/LambdaFuncs" +modules = ["loggroup-lambda-connector", "cloudwatch-logs-dlq", "sumo-app-utils", "telemetry"] +s3_path_prefix = "sumologic-aws-observability/functions/" + + +def parse_version(vstring): + """Convert v1.2.3 into (1,2,3) for comparison.""" + return tuple(map(int, vstring.lstrip("v").split("."))) + + +def get_latest_version_dir(parent_dir): + """Find the latest versioned directory inside parent_dir (vX.Y.Z style).""" + candidates = [] + + try: + for entry in os.listdir(parent_dir): + full_path = os.path.join(parent_dir, entry) + + if os.path.isdir(full_path) and re.match(r"^v\d+(\.\d+)*$", entry): + try: + candidates.append((parse_version(entry), entry)) + except ValueError: + logger.warning( + "Skipping invalid version folder '%s' in %s", + entry, + parent_dir + ) + + except FileNotFoundError: + logger.error("Directory not found: %s", parent_dir) + return None + + if not candidates: + logger.warning("No versioned directories found in %s", parent_dir) + return None + + latest = max(candidates, key=lambda x: x[0])[1] + latest_path = os.path.join(parent_dir, latest) + + logger.info("Latest version selected: %s", latest_path) + return latest_path + + +def upload_module_to_region(region, bucket, module): + """Upload all ZIP files from latest module version to a regional bucket.""" + logger.info( + "Processing module '%s' for region '%s' using bucket '%s'", + module, + region, + bucket + ) + + module_dir = os.path.join(base_path, module) + latest_dir = get_latest_version_dir(module_dir) + + if not latest_dir: + logger.warning("No versioned folder found for module %s", module) + return + + s3_client = boto3.client("s3", region_name=region) + + for filename in os.listdir(latest_dir): + if not filename.endswith(".zip"): + continue + + file_path = os.path.join(latest_dir, filename) + + try: + functions_index = file_path.find("LambdaFuncs") + folder = file_path[functions_index:].replace(os.sep, "/") + folder = folder.split("/") + folder = "/".join(folder[1:]) + + s3_key = f"{s3_path_prefix}{folder}" + + logger.info( + "Uploading %s to s3://%s/%s", + file_path, + bucket, + s3_key + ) + + s3_client.upload_file( + file_path, + bucket, + s3_key, + ExtraArgs={"ACL": "public-read"} + ) + + logger.info( + "Successfully uploaded %s to s3://%s/%s", + file_path, + bucket, + s3_key + ) + + except (BotoCoreError, ClientError): + logger.exception( + "Failed to upload %s to s3://%s/%s", + file_path, + bucket, + s3_key + ) + + except Exception: + logger.exception( + "Unexpected error while processing %s", + file_path + ) + + +def main(): + logger.info("Starting Lambda ZIP upload process") + + for region, bucket in region_to_bucket.items(): + for module in modules: + upload_module_to_region(region, bucket, module) + + logger.info("Upload process completed") + + +if __name__ == "__main__": + main() \ No newline at end of file diff --git a/aws-observability/scripts/ValidateTemplates.sh b/cloudformation-sumologic-aws-observability/scripts/ValidateTemplates.sh similarity index 100% rename from aws-observability/scripts/ValidateTemplates.sh rename to cloudformation-sumologic-aws-observability/scripts/ValidateTemplates.sh diff --git a/cloudformation-sumologic-aws-observability/scripts/VerifyFuncsZIP.py b/cloudformation-sumologic-aws-observability/scripts/VerifyFuncsZIP.py new file mode 100755 index 00000000..1b1dec10 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/scripts/VerifyFuncsZIP.py @@ -0,0 +1,239 @@ +# ───────────────────────────────────────────── +# LOGGING CONSTANTS +# ───────────────────────────────────────────── +import logging +import boto3 +import os +from pathlib import Path +from botocore.exceptions import ClientError + +# Setup proper logging +logging.basicConfig( + level=logging.INFO, + format='%(asctime)s - %(levelname)s - %(message)s' +) +logger = logging.getLogger(__name__) + +os.environ['AWS_PROFILE'] = 'sumocontent' + +S3_PREFIX = "sumologic-aws-observability/functions" +LAMBDA_FUNCS_DIR = Path(__file__).parent.parent / "helper" / "LambdaFuncs" + +REGION_TO_BUCKET = { + "af-south-1": "appdevzipfiles-af-south-1s", + "ap-east-1": "appdevzipfiles-ap-east-1s", + "ap-northeast-1": "appdevzipfiles-ap-northeast-1", + "ap-northeast-2": "appdevzipfiles-ap-northeast-2", + "ap-northeast-3": "appdevzipfiles-ap-northeast-3s", + "ap-south-1": "appdevzipfiles-ap-south-1", + "ap-southeast-1": "appdevzipfiles-ap-southeast-1", + "ap-southeast-2": "appdevzipfiles-ap-southeast-2", + "ap-southeast-3": "appdevzipfiles-ap-southeast-3", + "ap-southeast-4": "appdevzipfiles-ap-southeast-4s", + "ap-southeast-6": "appdevzipfiles-ap-southeast-6ss", + "ca-central-1": "appdevzipfiles-ca-central-1", + "eu-central-1": "appdevzipfiles-eu-central-1", + "eu-central-2": "appdevzipfiles-eu-central-2ss", + "eu-north-1": "appdevzipfiles-eu-north-1s", + "eu-south-1": "appdevzipfiles-eu-south-1", + "eu-west-1": "appdevzipfiles-eu-west-1", + "eu-west-2": "appdevzipfiles-eu-west-2", + "eu-west-3": "appdevzipfiles-eu-west-3", + "me-central-1": "appdevzipfiles-me-central-1", + # "me-south-1": "appdevzipfiles-me-south-1s", + "sa-east-1": "appdevzipfiles-sa-east-1", + "us-east-1": "appdevzipfiles-us-east-1", + "us-east-2": "appdevzipfiles-us-east-2", + "us-west-1": "appdevzipfiles-us-west-1", + "us-west-2": "appdevzipfiles-us-west-2" +} + + +# ───────────────────────────────────────────── +# DISCOVER ZIP FILES +# ───────────────────────────────────────────── +def discover_zip_files(base_dir): + """ + Dynamically discover all ZIP files from LambdaFuncs directory. + + Structure: + LambdaFuncs/ + └── / + └── / + └── .zip + + Args: + base_dir: Path to LambdaFuncs directory + + Returns: + list: List of dicts with function info + """ + zip_files = [] + base_path = Path(base_dir) + + if not base_path.exists(): + logger.error("LambdaFuncs directory not found: %s", base_path) + return zip_files + + for function_dir in sorted(base_path.iterdir()): + if not function_dir.is_dir(): + continue + + function_name = function_dir.name + + for version_dir in sorted(function_dir.iterdir()): + if not version_dir.is_dir(): + continue + + version = version_dir.name + + for zip_file in sorted(version_dir.glob("*.zip")): + s3_key = f"{S3_PREFIX}/{function_name}/{version}/{zip_file.name}" + + zip_files.append({ + "function_name": function_name, + "version": version, + "zip_file": zip_file.name, + "s3_key": s3_key + }) + + return zip_files + + +# ───────────────────────────────────────────── +# VERIFY FILE IN S3 +# ───────────────────────────────────────────── +def verify_file_in_bucket(s3_client, bucket_name, s3_key): + """ + Check if a file exists in an S3 bucket. + + Args: + s3_client: Boto3 S3 client + bucket_name: S3 bucket name + s3_key: S3 object key + + Returns: + tuple: (exists: bool, message: str) + """ + try: + response = s3_client.head_object(Bucket=bucket_name, Key=s3_key) + size = response.get('ContentLength', 0) + last_modified = response.get('LastModified', 'Unknown') + return True, f"EXISTS | Size: {size:,} bytes | Modified: {last_modified}" + except ClientError as e: + error_code = e.response['Error']['Code'] + if error_code == "404": + return False, "NOT FOUND" + elif error_code == "403": + return False, "ACCESS DENIED" + else: + return False, f"ERROR: {error_code} - {e}" + + +# ───────────────────────────────────────────── +# PRINT SUMMARY +# ───────────────────────────────────────────── +def print_summary(results): + """ + Print a summary table of verification results. + + Args: + results: Dict of results + """ + total_checks = 0 + total_found = 0 + total_missing = 0 + missing_details = [] + + for s3_key, region_results in results.items(): + for region, (exists, _) in region_results.items(): + total_checks += 1 + if exists: + total_found += 1 + else: + total_missing += 1 + missing_details.append({ + "file": s3_key, + "region": region, + "bucket": REGION_TO_BUCKET[region] + }) + + logger.info("=" * 70) + logger.info("VERIFICATION SUMMARY") + logger.info("=" * 70) + logger.info("Total Checks : %d", total_checks) + logger.info("Found : %d", total_found) + logger.info("Missing : %d", total_missing) + + if missing_details: + logger.warning("Missing Files:") + logger.warning("-" * 70) + for item in missing_details: + logger.warning("File : %s", item['file']) + logger.warning("Region : %s", item['region']) + logger.warning("Bucket : %s", item['bucket']) + logger.warning("-" * 70) + else: + logger.info("All files verified successfully across all regions") + + logger.info("=" * 70) + + return total_missing == 0 + + +# ───────────────────────────────────────────── +# MAIN +# ───────────────────────────────────────────── +def main(): + logger.info("=" * 70) + logger.info("Lambda ZIP File Verification Script") + logger.info("=" * 70) + logger.info("LambdaFuncs Dir : %s", LAMBDA_FUNCS_DIR) + logger.info("S3 Prefix : %s", S3_PREFIX) + logger.info("Regions : %d", len(REGION_TO_BUCKET)) + logger.info("=" * 70) + + # Step 1: Discover ZIP files + logger.info("Discovering ZIP files...") + zip_files = discover_zip_files(LAMBDA_FUNCS_DIR) + + if not zip_files: + logger.error("No ZIP files found in %s", LAMBDA_FUNCS_DIR) + return 1 + + logger.info("Found %d ZIP file(s):", len(zip_files)) + for zf in zip_files: + logger.info(" [FILE] %s/%s/%s", zf['function_name'], zf['version'], zf['zip_file']) + logger.info(" S3 Key: %s", zf['s3_key']) + + logger.info("=" * 70) + + # Step 2: Verify each ZIP across all regions + results = {} + + for zip_info in zip_files: + s3_key = zip_info['s3_key'] + results[s3_key] = {} + + logger.info("Verifying: %s/%s/%s", zip_info['function_name'], zip_info['version'], zip_info['zip_file']) + logger.info("S3 Key: %s", s3_key) + logger.info("-" * 70) + + for region, bucket_name in REGION_TO_BUCKET.items(): + s3_client = boto3.client('s3', region_name=region) + exists, message = verify_file_in_bucket(s3_client, bucket_name, s3_key) + results[s3_key][region] = (exists, message) + + if exists: + logger.info(" [PASS] [%-20s] %-45s %s", region, bucket_name, message) + else: + logger.warning(" [FAIL] [%-20s] %-45s %s", region, bucket_name, message) + + # Step 3: Print summary + all_passed = print_summary(results) + + return 0 if all_passed else 1 + + +if __name__ == "__main__": + exit(main()) \ No newline at end of file diff --git a/cloudformation-sumologic-aws-observability/scripts/YamlToS3.sh b/cloudformation-sumologic-aws-observability/scripts/YamlToS3.sh new file mode 100755 index 00000000..ece2933f --- /dev/null +++ b/cloudformation-sumologic-aws-observability/scripts/YamlToS3.sh @@ -0,0 +1,176 @@ +#!/bin/bash + +# ───────────────────────────────────────────── +# CONFIGURATION +# ───────────────────────────────────────────── +VERSION="v3.0.0" +BUCKET_NAME="sumologic-appdev-aws-sam-apps" +S3_BASE_PATH="s3://${BUCKET_NAME}/aws-observability-versions/${VERSION}" +AWS_PROFILE="sumocontent" + +# Common S3 options for nested dirs +COMMON_ARGS=( + --recursive + --include "*.yaml" + --include "*.json" + --exclude '.*' + --exclude '*/.*' + --exclude '*.zip' + --exclude '*.sh' + --exclude '*.DS_Store' + --exclude '*/.DS_Store' + --exclude 'test/*' + --exclude '*/test/*' + --acl public-read + --profile "${AWS_PROFILE}" +) + +# Format: "path:depth" +UPLOAD_DIRS=( + "../templates:nested" +) + +# ───────────────────────────────────────────── +# FUNCTIONS +# ───────────────────────────────────────────── + +count_templates_in_dir() { + local dir=$1 + + find "${dir}" \ + -type f \ + \( -name "*.yaml" -o -name "*.template.yaml" -o -name "*.json" \) \ + ! -name ".*" \ + ! -path "*/.*" \ + ! -path "*/test/*" \ + 2>/dev/null | wc -l | tr -d ' ' +} + +upload_directory() { + local src_dir=$1 + local depth=$2 + local dest_path="${S3_BASE_PATH}/$(basename "${src_dir}")/" + + echo "INFO - Uploading [${depth}]: ${src_dir} -> ${dest_path}" + + aws s3 cp "${src_dir}/" "${dest_path}" "${COMMON_ARGS[@]}" + + if [[ $? -eq 0 ]]; then + echo "INFO - [PASS] Uploaded: ${src_dir}" + return 0 + else + echo "ERROR - [FAIL] Failed: ${src_dir}" + return 1 + fi +} + +# ───────────────────────────────────────────── +# MAIN +# ───────────────────────────────────────────── +echo "INFO - Starting S3 upload script" +echo "INFO - Version : ${VERSION}" +echo "INFO - Bucket : ${BUCKET_NAME}" +echo "INFO - Profile : ${AWS_PROFILE}" +echo "INFO - Destination : ${S3_BASE_PATH}" +echo "-----------------------------------------" + +if [[ "${AWS_PROFILE}" == 'sumocontent' ]]; then + + failed_dirs=0 + success_dirs=0 + total_templates=0 + failed_templates=0 + success_templates=0 + + # ───────────────────────────────────────── + # 1. Pre-count templates in all directories + # ───────────────────────────────────────── + echo "INFO - Pre-counting templates..." + echo "-----------------------------------------" + + for entry in "${UPLOAD_DIRS[@]}"; do + dir="${entry%%:*}" # Extract path (before ":") + depth="${entry##*:}" # Extract depth (after ":") + + if [[ -d "${dir}" ]]; then + count=$(count_templates_in_dir "${dir}") + total_templates=$((total_templates + count)) + printf "INFO - [%-15s] [%-6s] Templates found: %s\n" "$(basename ${dir})" "${depth}" "${count}" + else + echo "WARN - Directory not found: ${dir}" + fi + done + + echo "-----------------------------------------" + echo "INFO - Total templates to upload: ${total_templates}" + echo "-----------------------------------------" + + # ───────────────────────────────────────── + # 2. Upload all directories + # ───────────────────────────────────────── + echo "INFO - Uploading directories..." + echo "-----------------------------------------" + + for entry in "${UPLOAD_DIRS[@]}"; do + dir="${entry%%:*}" + depth="${entry##*:}" + + if [[ -d "${dir}" ]]; then + dir_template_count=$(count_templates_in_dir "${dir}") + + upload_directory "${dir}" "${depth}" + + if [[ $? -eq 0 ]]; then + ((success_dirs++)) + success_templates=$((success_templates + dir_template_count)) + else + ((failed_dirs++)) + failed_templates=$((failed_templates + dir_template_count)) + fi + else + echo "WARN - Directory not found, skipping: ${dir}" + fi + done + + # ───────────────────────────────────────── + # 3. Summary + # ───────────────────────────────────────── + echo "=========================================" + echo "UPLOAD SUMMARY" + echo "=========================================" + printf "%-30s %s\n" " Total Directories :" "${#UPLOAD_DIRS[@]}" + printf "%-30s %s\n" " Successful Dirs :" "${success_dirs}" + printf "%-30s %s\n" " Failed Dirs :" "${failed_dirs}" + echo "-----------------------------------------" + printf "%-30s %s\n" " Total Templates :" "${total_templates}" + printf "%-30s %s\n" " Successful :" "${success_templates}" + printf "%-30s %s\n" " Failed :" "${failed_templates}" + echo "-----------------------------------------" + echo " Directory Breakdown:" + for entry in "${UPLOAD_DIRS[@]}"; do + dir="${entry%%:*}" + depth="${entry##*:}" + if [[ -d "${dir}" ]]; then + count=$(count_templates_in_dir "${dir}") + printf " %-15s [%-6s] : %s templates\n" "$(basename ${dir})" "${depth}" "${count}" + fi + done + echo "=========================================" + + if [[ ${failed_dirs} -eq 0 ]]; then + echo "INFO - [PASS] All uploads completed successfully" + echo "INFO - Bucket : ${BUCKET_NAME}" + echo "INFO - Version : ${VERSION}" + echo "INFO - Path : ${S3_BASE_PATH}" + else + echo "ERROR - [FAIL] ${failed_dirs} dir(s) failed, ${failed_templates} template(s) not uploaded" + exit 1 + fi + +else + echo "WARN - Skipping - AWS_PROFILE is '${AWS_PROFILE}', expected 'sumocontent'" + exit 1 +fi + +echo "-----------------------------------------" +echo "INFO - End S3 upload Script" \ No newline at end of file diff --git a/aws-observability/sync.sh b/cloudformation-sumologic-aws-observability/sync.sh similarity index 100% rename from aws-observability/sync.sh rename to cloudformation-sumologic-aws-observability/sync.sh diff --git a/cloudformation-sumologic-aws-observability/templates/apps.template.yaml b/cloudformation-sumologic-aws-observability/templates/apps.template.yaml new file mode 100644 index 00000000..eeb7658f --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/apps.template.yaml @@ -0,0 +1,140 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::LanguageExtensions +Description: "Version - v3.0.0: Template to setup the API Gateway app with AWS and Sumo Logic resources for AWS Observability Solution." +Parameters: + Section1aSumoDeployment: + Type: String + Default: "" + Description: "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2" + Section1bSumoAccessID: + Type: String + Description: "Sumo Logic Access ID. Used for Sumo Logic API calls." + AllowedPattern: ".+" + ConstraintDescription: "Sumo Logic Access ID can not be empty." + Section1cSumoAccessKey: + Type: String + Description: "Sumo Logic Access Key. Used for Sumo Logic API calls." + AllowedPattern: ".+" + ConstraintDescription: "Sumo Logic Access Key can not be empty." + NoEcho: true + Section1dRemoveSumoResourcesOnDeleteStack: + AllowedValues: + - true + - false + Default: true + Description: "To delete collectors, sources and apps when the stack is deleted, set this parameter to True. Default is True. + Deletes the resources created by the stack. Deletion of updated resources will be skipped." + Type: String + Section2aInstallApp: + Type: String + Description: "Yes - Installs the API Gateway App for the Sumo Logic AWS Observability Solution. + No - Skips the installation of this app." + Default: 'Yes' + AllowedValues: + - 'Yes' + - 'No' + + Section3aParentStackLambdaARN: + Type: String + Default: "ParentStackLambdaARN" + Description: Parent Stack Lambda ARN. Do Not Edit the value. + + Section4aToUpdate: + Type: String + Default: "" + Description: "Force stack update when parent configuration changes" + + +Mappings: + Apps: + AmazonECS: + Name: "Amazon ECS(Without Container Insights and Traces)" + AppId: "b3210735-0917-459e-8d1e-722fee4c22fe" + + AmazonElastiCache: + Name: "Amazon ElastiCache" + AppId: "82ab79f5-3e85-4974-852f-5cb8f8028230" + + AmazonOverview: + Name: "Amazon Overview" + AppId: "32c8b96c-161c-46d4-b81d-235cc0b56b87" + + AmazonRDS: + Name: "Amazon RDS" + AppId: "c32ad59b-ee10-4cd1-8369-3639e8457b1f" + + AmazonSNS: + Name: "Amazon SNS" + AppId: "9c203dfb-6088-4a76-b12e-cc3a78ce0df5" + + AmazonSQS: + Name: "Amazon SQS" + AppId: "8b57f601-c163-4481-8ae7-d6e212516506" + + AWSAPIGateway: + Name: "AWS API Gateway" + AppId: "f1dfe2ea-ee27-4a74-972c-560424b9cb5c" + + AWSApplicationLoadBalancer: + Name: "AWS Application Load Balancer" + AppId: "27a17946-e475-4d56-8a8f-bc3fbc0400ca" + + AWSClassicLoadBalancer: + Name: "AWS Classic Load Balancer" + AppId: "fb7a2e22-006c-40ea-945c-e73b6b369e7c" + + AWSDynamoDB: + Name: "AWS DynamoDB" + AppId: "092203f6-9443-47ca-b2b5-6a4c25e8c14c" + + AWSEC2: + Name: "AWS EC2" + AppId: "f14714b5-6e86-40e7-aa6c-970e9182c0be" + + AWSLambda: + Name: "AWS Lambda" + AppId: "d71cb5f7-bf92-4fac-984f-33fdaea856f7" + + AWSNetworkLoadBalancer: + Name: "AWS Network Load Balancer" + AppId: "5a6e7695-94a9-4548-a44a-054d4e793432" + + HostMetricsEC2: + Name: "Host Metrics (EC2)" + AppId: "149c19d7-de3a-483b-a1a7-bbd825916548" + +Conditions: + is_install_app: !Equals [!Ref Section2aInstallApp, "Yes"] + +Resources: + + CreateSumoLogicAWSExplorerView: + Type: Custom::SumoLogicAWSExplorer + Properties: + ServiceToken: !Ref Section3aParentStackLambdaARN + RemoveOnDeleteStack: false + HierarchyName: "AWS Observability" + HierarchyLevel: { "entityType": "account","nextLevelsWithConditions": [ ],"nextLevel": { "entityType": "region","nextLevelsWithConditions": [ ],"nextLevel": { "entityType": "namespace","nextLevelsWithConditions": [ { "condition": "AWS/ApplicationElb","level": { "entityType": "loadbalancer","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/ApiGateway","level": { "entityType": "apiname","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/DynamoDB","level": { "entityType": "tablename","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/EC2","level": { "entityType": "instanceid","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/RDS","level": { "entityType": "dbidentifier","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/Lambda","level": { "entityType": "functionname","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/ECS","level": { "entityType": "clustername","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/ElastiCache","level": { "entityType": "cacheclusterid","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/NetworkELB","level": { "entityType": "networkloadbalancer","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/ELB","level": { "entityType": "loadbalancername","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/SNS","level": { "entityType": "topicname","nextLevelsWithConditions": [ ] } },{ "condition": "AWS/SQS","level": { "entityType": "queuename","nextLevelsWithConditions": [ ] } } ] } } } + SumoAccessID: !Ref Section1bSumoAccessID + SumoAccessKey: !Ref Section1cSumoAccessKey + SumoDeployment: !Ref Section1aSumoDeployment + + Fn::ForEach::AppsLoop: + - AppKey +# - [Bedrock, BedrockAgentCore] + - [AmazonECS, AmazonElastiCache, AmazonOverview, AmazonRDS, AmazonSNS, AmazonSQS, AWSAPIGateway, AWSApplicationLoadBalancer, AWSClassicLoadBalancer, AWSDynamoDB, AWSEC2, AWSLambda, AWSNetworkLoadBalancer, HostMetricsEC2] + + - SumoApp${AppKey}: + Type: Custom::AppV2 + Condition: is_install_app + Properties: + ServiceToken: !Ref Section3aParentStackLambdaARN + Region: !Ref AWS::Region + AppName: !FindInMap [Apps, !Ref AppKey, Name] + AppId: !FindInMap [Apps, !Ref AppKey, AppId] + RemoveOnDeleteStack: !Ref Section1dRemoveSumoResourcesOnDeleteStack + SumoAccessID: !Ref Section1bSumoAccessID + SumoAccessKey: !Ref Section1cSumoAccessKey + SumoDeployment: !Ref Section1aSumoDeployment + Section4aToUpdate: !Ref Section4aToUpdate + diff --git a/aws-observability/apps/autoenable/auto_enable.template.yaml b/cloudformation-sumologic-aws-observability/templates/auto_enable.template.yaml similarity index 82% rename from aws-observability/apps/autoenable/auto_enable.template.yaml rename to cloudformation-sumologic-aws-observability/templates/auto_enable.template.yaml index f155ec8a..50ed7fe8 100644 --- a/aws-observability/apps/autoenable/auto_enable.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/auto_enable.template.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to setup Auto Enable ALB Access Logging and Lambda Auto Subscribe Log Groups for AWS Observability Solution." +Description: "Version - v3.0.0: Template to setup Auto Enable ALB Access Logging and Lambda Auto Subscribe Log Groups for AWS Observability Solution." Parameters: SumoLogicResourceRemoveOnDeleteStack: @@ -110,6 +109,21 @@ Parameters: Description : "Path inside bucket for dumping of Access Logs for classic load balancer" Default: "" + MPS3BucketName: + Type: String + AllowedPattern: ".+" + Description: Name of the S3 bucket for your copy of the nested templates. + Default: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: + Type: String + Description: "AWS Region where the S3 bucket for your copy of the nested templates is hosted." + Default: "us-east-1" + MPS3KeyPrefix: + Type: String + Description: "S3 key prefix that is used to simulate a folder for your copy of the nested templates." + AllowedPattern: ".+" + Default: "aws-observability-versions/v3.0.0/templates/" + Conditions: auto_enable_s3_logs: !Equals [ !Ref ALBAutoEnableS3Logs, 'Yes' ] auto_enable_s3_logs_elb: !Equals [ !Ref ELBAutoEnableS3Logs, 'Yes' ] @@ -122,13 +136,11 @@ Conditions: Resources: - AutoEnableS3LogsAlbAWSResources: - Type: AWS::Serverless::Application + AutoEnableS3LogsAlbStack: + Type: AWS::CloudFormation::Stack Condition: auto_enable_s3_logs Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-s3-logging-auto-enable - SemanticVersion: 1.0.19 + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}s3_logging_auto_enable.template.yaml" Parameters: BucketName: !Ref ALBS3LogsBucketName BucketPrefix: "elasticloadbalancing" @@ -136,14 +148,12 @@ Resources: AutoEnableResourceOptions: !Ref ALBAutoEnableS3LogsOptions FilterExpression: "'Type': 'application'|'type': 'application'" RemoveOnDeleteStack: !Ref SumoLogicResourceRemoveOnDeleteStack - - AutoEnableS3LogsElbAWSResources: - Type: AWS::Serverless::Application + + AutoEnableS3LogsElbStack: + Type: AWS::CloudFormation::Stack Condition: auto_enable_s3_logs_elb Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-s3-logging-auto-enable - SemanticVersion: 1.0.19 + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}s3_logging_auto_enable.template.yaml" Parameters: BucketName: !Ref ELBS3LogsBucketName BucketPrefix: !Ref ELBS3LogsBucketPrefix @@ -153,12 +163,10 @@ Resources: RemoveOnDeleteStack: !Ref SumoLogicResourceRemoveOnDeleteStack AutoSubscribeLambdaLogGroupsAWSResources: - Type: AWS::Serverless::Application + Type: AWS::CloudFormation::Stack Condition: auto_subscribe_new_log_groups Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-loggroup-connector - SemanticVersion: 1.0.15 + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}loggroup_connector.template.yaml" Parameters: DestinationArnType: !Ref AutoSubscribeDestinationARNType DestinationArnValue: !Ref AutoSubscribeDestinationARN diff --git a/cloudformation-sumologic-aws-observability/templates/bucket_policy_new_region.template.yaml b/cloudformation-sumologic-aws-observability/templates/bucket_policy_new_region.template.yaml new file mode 100644 index 00000000..88592964 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/bucket_policy_new_region.template.yaml @@ -0,0 +1,83 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Version - v3.0.0: Template to setup S3 Bucket policy based on old Region after Aug 2022 for AWS Observability Solution." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W1032 + +Parameters: + CommonS3Bucket: + Type: String + Description: "Provide the name of an existing Common S3 bucket." + AllowedPattern: "^[a-z0-9][a-z0-9.\\-]{1,61}[a-z0-9]$" + + AccountAlias: + Type: String + Description: "Provide an Alias for AWS account for identification in Sumo Logic Explorer View, metrics and logs." + Default: "" + +Resources: + CommonBucketPolicy: + Type: AWS::S3::BucketPolicy + Properties: + Bucket: !Ref CommonS3Bucket + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: AWSCloudTrailAclCheck + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:GetBucketAcl + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + - Sid: AWSCloudTrailWrite + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:PutObject + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" + Condition: + StringEquals: + s3:x-amz-acl: bucket-owner-full-control + - Sid: AWSBucketExistenceCheck + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:ListBucket + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + - Sid: AWSAlbLogDeliveryAclCheck + Effect: Allow + Principal: + Service: delivery.logs.amazonaws.com + Action: + - s3:GetBucketAcl + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + - Sid: AddNewAlbLogsStatement + Effect: Allow + Principal: + Service: logdelivery.elasticloadbalancing.amazonaws.com + Action: + - s3:PutObject + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" + + CommonCloudTrail: + Type: AWS::CloudTrail::Trail + DependsOn: CommonBucketPolicy + Properties: + IsLogging: true + IsMultiRegionTrail: false + S3BucketName: !Ref CommonS3Bucket + TrailName: !Join + - "" + - - "Aws-Observability-" + - !Ref AccountAlias \ No newline at end of file diff --git a/cloudformation-sumologic-aws-observability/templates/bucket_policy_old_region.template.yaml b/cloudformation-sumologic-aws-observability/templates/bucket_policy_old_region.template.yaml new file mode 100644 index 00000000..fab21c7f --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/bucket_policy_old_region.template.yaml @@ -0,0 +1,102 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Version - v3.0.0: Template to setup S3 Bucket policy based on old Region before Aug 2022 for AWS Observability Solution." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W1031 + - W1032 + +Parameters: + CommonS3Bucket: + Type: String + Description: "Provide the name of an existing Common S3 bucket." + AllowedPattern: "^[a-z0-9][a-z0-9.\\-]{1,61}[a-z0-9]$" + + AccountAlias: + Type: String + Description: "Provide an Alias for AWS account for identification in Sumo Logic Explorer View, metrics and logs." + Default: "" + + RegionAccountId: + Type: String + Description: "Provide the AWS account id associated with the Load Balancer." + Default: "" + +Resources: + CommonBucketPolicy: + Type: AWS::S3::BucketPolicy + Properties: + Bucket: !Ref CommonS3Bucket + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: AWSCloudTrailAclCheck + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:GetBucketAcl + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + - Sid: AWSCloudTrailWrite + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:PutObject + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" + Condition: + StringEquals: + s3:x-amz-acl: bucket-owner-full-control + - Sid: AWSBucketExistenceCheck + Effect: Allow + Principal: + Service: cloudtrail.amazonaws.com + Action: + - s3:ListBucket + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + - Sid: AWSAlbLogDeliveryAclCheck + Effect: Allow + Principal: + Service: delivery.logs.amazonaws.com + Action: + - s3:GetBucketAcl + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" + # Enable access logs for your Application Load Balancer + - Sid: AWSAlbLogDeliveryWrite + Effect: Allow + Principal: + Service: delivery.logs.amazonaws.com + Action: + - s3:PutObject + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" + Condition: + StringEquals: + s3:x-amz-acl: bucket-owner-full-control + # Enable access logs for your Classic Load Balancer + - Sid: AWSAlbLogsPutObjects + Effect: Allow + Principal: + AWS: !Sub "arn:${AWS::Partition}:iam::${RegionAccountId}:root" + Action: + - s3:PutObject + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" + + CommonCloudTrail: + Type: AWS::CloudTrail::Trail + DependsOn: CommonBucketPolicy + Properties: + IsLogging: true + IsMultiRegionTrail: false + S3BucketName: !Ref CommonS3Bucket + TrailName: !Join + - "" + - - "Aws-Observability-" + - !Ref AccountAlias \ No newline at end of file diff --git a/aws-observability/apps/cloudwatchmetrics/cloudwatchmetrics.template.yaml b/cloudformation-sumologic-aws-observability/templates/cloudwatchmetrics.template.yaml similarity index 97% rename from aws-observability/apps/cloudwatchmetrics/cloudwatchmetrics.template.yaml rename to cloudformation-sumologic-aws-observability/templates/cloudwatchmetrics.template.yaml index 50eb915a..162deb34 100644 --- a/aws-observability/apps/cloudwatchmetrics/cloudwatchmetrics.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/cloudwatchmetrics.template.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to Setup Sumo Logic CloudWatch Metric Source. The template setup CW Metrics Sources for Namespaces." +Description: "Version - v3.0.0: Template to Setup Sumo Logic CloudWatch Metric Source. The template setup CW Metrics Sources for Namespaces." Parameters: SumoLogicDeployment: @@ -70,7 +69,7 @@ Parameters: FirstMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." - Default: '' + Default: 'ApplicationELB' CreateSecondMetricsSource: Type: String @@ -79,10 +78,11 @@ Parameters: AllowedValues: - 'Yes' - 'No' + SecondMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." - Default: '' + Default: 'ApiGateway' CreateThirdMetricsSource: Type: String @@ -91,10 +91,11 @@ Parameters: AllowedValues: - 'Yes' - 'No' + ThirdMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." - Default: '' + Default: 'DynamoDB' CreateFourthMetricsSource: Type: String @@ -103,10 +104,11 @@ Parameters: AllowedValues: - 'Yes' - 'No' + FourthMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." - Default: '' + Default: 'Lambda' CreateFifthMetricsSource: Type: String @@ -115,10 +117,12 @@ Parameters: AllowedValues: - 'Yes' - 'No' + FifthMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." - Default: '' + Default: 'RDS' + CreateCustomMetricsSource: Type: String Description: "Select Yes if you would like to create the Metric Source." @@ -126,6 +130,7 @@ Parameters: AllowedValues: - 'Yes' - 'No' + CustomMetricsSourceNamespace: Type: String Description: "Provide the Namespace with which Source need to be created." diff --git a/cloudformation-sumologic-aws-observability/templates/dlq_lambda_cloudformation.template.yaml b/cloudformation-sumologic-aws-observability/templates/dlq_lambda_cloudformation.template.yaml new file mode 100644 index 00000000..f547b80b --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/dlq_lambda_cloudformation.template.yaml @@ -0,0 +1,346 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: Sumo Logic CloudWatch log collector +Parameters: + SumoEndPointURL: + Type: String + Default: + Description: Enter SUMO_ENDPOINT created while configuring HTTP Source + EmailID: + Type: String + Default: test@gmail.com + Description: Enter your email for receiving alerts.You will receive confirmation email after the deployment is complete, confirm it to subscribe for alerts. + NumOfWorkers: + Type: Number + Default: 4 + Description: Enter the number of lambda function invocations for faster Dead Letter Queue processing. + LogFormat: + Type: String + Default: Others + AllowedValues: + - VPC-RAW + - VPC-JSON + - Others + Description: Choose the Service + IncludeLogGroupInfo: + Type: String + Default: 'false' + AllowedValues: + - 'true' + - 'false' + Description: Select true to get loggroup/logstream values in logs + LogStreamPrefix: + Type: String + Description: (Optional) Enter comma separated list of logStream name prefixes to filter by logStream. Please note this is seperate from a logGroup. This is used to only send certain logStreams within a cloudwatch logGroup(s). LogGroups still need to be subscribed to the created Lambda funciton, regardless of what is input for this value. + Default: '' +Mappings: + RegionMap: + us-east-1: + bucketname: appdevzipfiles-us-east-1 + us-east-2: + bucketname: appdevzipfiles-us-east-2 + us-west-1: + bucketname: appdevzipfiles-us-west-1 + us-west-2: + bucketname: appdevzipfiles-us-west-2 + ap-south-1: + bucketname: appdevzipfiles-ap-south-1 + ap-northeast-2: + bucketname: appdevzipfiles-ap-northeast-2 + ap-southeast-1: + bucketname: appdevzipfiles-ap-southeast-1 + ap-southeast-2: + bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss + ap-northeast-1: + bucketname: appdevzipfiles-ap-northeast-1 + ca-central-1: + bucketname: appdevzipfiles-ca-central-1 + eu-central-1: + bucketname: appdevzipfiles-eu-central-1 + eu-west-1: + bucketname: appdevzipfiles-eu-west-1 + eu-west-2: + bucketname: appdevzipfiles-eu-west-2 + eu-west-3: + bucketname: appdevzipfiles-eu-west-3 + eu-north-1: + bucketname: appdevzipfiles-eu-north-1s + sa-east-1: + bucketname: appdevzipfiles-sa-east-1 + ap-east-1: + bucketname: appdevzipfiles-ap-east-1s + af-south-1: + bucketname: appdevzipfiles-af-south-1s + eu-south-1: + bucketname: appdevzipfiles-eu-south-1 + me-south-1: + bucketname: appdevzipfiles-me-south-1s + me-central-1: + bucketname: appdevzipfiles-me-central-1 + eu-central-2: + bucketname: appdevzipfiles-eu-central-2ss + ap-northeast-3: + bucketname: appdevzipfiles-ap-northeast-3s + ap-southeast-3: + bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 +Resources: + SumoCWLogGroup: + Type: AWS::Logs::LogGroup + Properties: + LogGroupName: !Join + - '-' + - - SumoCWLogGroup + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + RetentionInDays: 7 + SumoCWLogSubsriptionFilter: + Type: AWS::Logs::SubscriptionFilter + Properties: + LogGroupName: !Ref SumoCWLogGroup + DestinationArn: !GetAtt SumoCWLogsLambda.Arn + FilterPattern: '' + DependsOn: + - SumoCWLambdaPermission + SumoCWLambdaPermission: + Type: AWS::Lambda::Permission + Properties: + FunctionName: !GetAtt SumoCWLogsLambda.Arn + Action: lambda:InvokeFunction + Principal: !Join + - . + - - logs + - !Ref AWS::Region + - amazonaws.com + SourceAccount: !Ref AWS::AccountId + SumoCWDeadLetterQueue: + Type: AWS::SQS::Queue + Properties: + QueueName: !Join + - '-' + - - SumoCWDeadLetterQueue + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + SumoCWLambdaExecutionRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Path: / + Policies: + - PolicyName: !Join + - '-' + - - SQSCreateLogsRolePolicy + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - sqs:DeleteMessage + - sqs:GetQueueUrl + - sqs:ListQueues + - sqs:ChangeMessageVisibility + - sqs:ReceiveMessage + - sqs:SendMessage + - sqs:GetQueueAttributes + - sqs:ListQueueTags + - sqs:ListDeadLetterSourceQueues + - sqs:PurgeQueue + - sqs:DeleteQueue + - sqs:CreateQueue + - sqs:SetQueueAttributes + Resource: + - !GetAtt SumoCWDeadLetterQueue.Arn + - PolicyName: !Join + - '-' + - - CloudWatchCreateLogsRolePolicy + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:PutLogEvents + - logs:DescribeLogStreams + Resource: + - !Join + - ':' + - - arn + - !Ref AWS::Partition + - logs + - !Ref AWS::Region + - !Ref AWS::AccountId + - log-group + - '*' + - PolicyName: InvokeLambdaRolePolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - lambda:InvokeFunction + Resource: + - !Join + - ':' + - - arn + - !Ref AWS::Partition + - lambda + - !Ref AWS::Region + - !Ref AWS::AccountId + - function + - !Join + - '-' + - - SumoCWProcessDLQLambda + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + SumoCWLogsLambda: + Type: AWS::Lambda::Function + Properties: + FunctionName: !Join + - '-' + - - SumoCWLogsLambda + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + Code: + S3Bucket: !FindInMap + - RegionMap + - !Ref AWS::Region + - bucketname + S3Key: sumologic-aws-observability/functions/cloudwatch-logs-dlq/v1.4.0/cloudwatchlogs-with-dlq.zip + Role: !GetAtt SumoCWLambdaExecutionRole.Arn + Timeout: 300 + DeadLetterConfig: + TargetArn: !GetAtt SumoCWDeadLetterQueue.Arn + Handler: cloudwatchlogs_lambda.handler + Runtime: nodejs22.x + MemorySize: 128 + Environment: + Variables: + SUMO_ENDPOINT: !Ref SumoEndPointURL + LOG_FORMAT: !Ref LogFormat + INCLUDE_LOG_INFO: !Ref IncludeLogGroupInfo + LOG_STREAM_PREFIX: !Ref LogStreamPrefix + SumoCWEventsInvokeLambdaPermission: + Type: AWS::Lambda::Permission + Properties: + FunctionName: !Ref SumoCWProcessDLQLambda + Action: lambda:InvokeFunction + Principal: events.amazonaws.com + SourceArn: !GetAtt SumoCWProcessDLQScheduleRule.Arn + SumoCWProcessDLQScheduleRule: + Type: AWS::Events::Rule + Properties: + Description: Events rule for Cron + ScheduleExpression: rate(5 minutes) + State: ENABLED + Targets: + - Arn: !GetAtt SumoCWProcessDLQLambda.Arn + Id: TargetFunctionV1 + SumoCWProcessDLQLambda: + Type: AWS::Lambda::Function + Properties: + FunctionName: !Join + - '-' + - - SumoCWProcessDLQLambda + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId + Code: + S3Bucket: !FindInMap + - RegionMap + - !Ref AWS::Region + - bucketname + S3Key: sumologic-aws-observability/functions/cloudwatch-logs-dlq/v1.4.0/cloudwatchlogs-with-dlq.zip + Role: !GetAtt SumoCWLambdaExecutionRole.Arn + Timeout: 300 + Handler: DLQProcessor.handler + DeadLetterConfig: + TargetArn: !GetAtt SumoCWDeadLetterQueue.Arn + Runtime: nodejs22.x + MemorySize: 128 + Environment: + Variables: + SUMO_ENDPOINT: !Ref SumoEndPointURL + TASK_QUEUE_URL: !Join + - '' + - - https://sqs. + - !Ref AWS::Region + - .amazonaws.com/ + - !Ref AWS::AccountId + - / + - !GetAtt SumoCWDeadLetterQueue.QueueName + NUM_OF_WORKERS: !Ref NumOfWorkers + LOG_FORMAT: !Ref LogFormat + INCLUDE_LOG_INFO: !Ref IncludeLogGroupInfo + LOG_STREAM_PREFIX: !Ref LogStreamPrefix + SumoCWEmailSNSTopic: + Type: AWS::SNS::Topic + Properties: + Subscription: + - Endpoint: !Ref EmailID + Protocol: email + SumoCWSpilloverAlarm: + Type: AWS::CloudWatch::Alarm + Properties: + AlarmActions: + - !Ref SumoCWEmailSNSTopic + AlarmDescription: Notify via email if number of messages in DeadLetterQueue exceeds threshold + ComparisonOperator: GreaterThanThreshold + Dimensions: + - Name: QueueName + Value: !GetAtt SumoCWDeadLetterQueue.QueueName + EvaluationPeriods: '1' + MetricName: ApproximateNumberOfMessagesVisible + Namespace: AWS/SQS + Period: '3600' + Statistic: Sum + Threshold: '100000' +Outputs: + SumoCWLogsLambdaArn: + Description: The ARN of the sumologic cloudwatch logs lambda + Value: !GetAtt SumoCWLogsLambda.Arn + Export: + Name: !Join + - '-' + - - SumoCWLogsLambdaArn + - !Select + - '2' + - !Split + - / + - !Ref AWS::StackId \ No newline at end of file diff --git a/aws-observability/apps/controltower/controltower.template.yaml b/cloudformation-sumologic-aws-observability/templates/extensions/controltower/controltower.template.yaml similarity index 96% rename from aws-observability/apps/controltower/controltower.template.yaml rename to cloudformation-sumologic-aws-observability/templates/extensions/controltower/controltower.template.yaml index 8e2a5c5d..5137df39 100644 --- a/aws-observability/apps/controltower/controltower.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/extensions/controltower/controltower.template.yaml @@ -1,11 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Transform: AWS::Serverless-2016-10-31 -Description: "Version - v2.15.0: The Template should be deployed in Master account. This template setup the Lambda trigger for new account created using AWS Control Tower Account Factory process. The Lambda install the AWS Observability CF template on the regions of new AWS account using stack Sets." - -Globals: - Function: - Timeout: 300 - MemorySize: 128 +Description: "Version - v3.0.0: The Template should be deployed in Master account. This template setup the Lambda trigger for new account created using AWS Control Tower Account Factory process. The Lambda install the AWS Observability CF template on the regions of new AWS account using stack Sets." Metadata: 'AWS::CloudFormation::Interface': @@ -201,6 +195,7 @@ Resources: ManagedPolicyArns: - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + TriggerCustomizationsOnLifeCycleEvent: Type: AWS::Lambda::Function Properties: @@ -214,7 +209,7 @@ Resources: from botocore.exceptions import ClientError name = 'SUMO-LOGIC-AWS-OBSERVABILITY' - templateURL = "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + templateURL = "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/sumologic_observability.master.template.yaml" ALL = ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"] diff --git a/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_logs.template.yaml b/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_logs.template.yaml new file mode 100644 index 00000000..a05bbb13 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_logs.template.yaml @@ -0,0 +1,296 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Template to setup the AWS CloudWatch Logs collection using Amazon Kinesis Firehose and send the data to provided Sumo Logic URL." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W3045 + AWS::ServerlessRepo::Application: + Author: Sumo Logic + Description: This solution helps to setup the AWS CloudWatch Logs collection using Amazon Kinesis Firehose and send the data to provided Sumo Logic URL. + HomePageUrl: https://github.com/SumoLogic/sumologic-aws-lambda + Labels: + - lambda + - sumologic + - serverless + - kinesis + - firehose + - cloudwatch + - logs + Name: sumologic-kinesis-cloudwatch-logs + SemanticVersion: 1.0.0 + SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/tree/master/kinesis-firehose-cloudwatch-collection/logs + LicenseUrl: ./LICENSE + ReadmeUrl: ./README.md + SpdxLicenseId: Apache-2.0 + + 'AWS::CloudFormation::Interface': + ParameterGroups: + - Label: + default: "1. Sumo Logic Kinesis Firehose Logs Configuration" + Parameters: + - Section1aSumoLogicKinesisLogsURL + + - Label: + default: "2. Failed Data AWS S3 Bucket Configuration" + Parameters: + - Section2aCreateS3Bucket + - Section2bFailedDataS3Bucket + + ParameterLabels: + Section1aSumoLogicKinesisLogsURL: + default: "Sumo Logic AWS Kinesis Firehose for Logs Source URL" + + Section2aCreateS3Bucket: + default: "Create AWS S3 Bucket" + Section2bFailedDataS3Bucket: + default: "AWS S3 Bucket Name for Failed Data" + +Parameters: + Section1aSumoLogicKinesisLogsURL: + Type: String + Description: "Provide HTTP Source Address from AWS Kinesis Firehose for Logs source created on your Sumo Logic account." + AllowedPattern: ".+" + ConstraintDescription: "Sumo Logic AWS Kinesis Firehose for Logs Source URL can not be empty." + + Section2aCreateS3Bucket: + Type: String + Default: 'Yes' + Description: "Yes - Create a new AWS S3 Bucket to store failed data.'. + No - Use an existing AWS S3 Bucket to store failed data." + AllowedValues: + - 'Yes' + - 'No' + Section2bFailedDataS3Bucket: + Type: String + Description: "Provide a unique name of AWS S3 bucket where you would like to store Failed data. In case of existing AWS S3 bucket, provide the bucket from the current AWS Account. For Logs, failed data will be stored in folder prefix as SumoLogic-Kinesis-Failed-Logs." + AllowedPattern: "[a-z0-9-.]{3,63}$" + ConstraintDescription: "3-63 characters; must contain only lowercase letters, numbers, hyphen or period. For more details - https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html" + +Conditions: + create_bucket: !Equals [ !Ref Section2aCreateS3Bucket, 'Yes' ] + +Resources: + # Common Resources including creating bucket, create logs role and attach bucket policy. + FailedDataBucket: + Type: AWS::S3::Bucket + Condition: create_bucket + Metadata: + cfn_nag: + rules_to_suppress: + - id: W51 + reason: "Role has been assigned permission to put logs in AWS S3 bucket." + - id: W35 + reason: "Access logging not required for AWS S3 Bucket." + - id: W41 + reason: "Encryption not required for AWS S3 Bucket." + Properties: + BucketName: !Ref Section2bFailedDataS3Bucket + AccessControl: Private + PublicAccessBlockConfiguration: + BlockPublicAcls: true + BlockPublicPolicy: true + IgnorePublicAcls: true + RestrictPublicBuckets: true + + FirehoseLogsRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: 'FirehoseAssumeRole' + Effect: Allow + Principal: + Service: firehose.amazonaws.com + Action: sts:AssumeRole + Condition: + StringEquals: + sts:ExternalId: !Ref "AWS::AccountId" + + AttachBucketPolicyToFirehoseLogsRole: + Type: AWS::IAM::Policy + Properties: + PolicyName: "S3BucketPermissionPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + # Bucket-level permissions + - Effect: Allow + Action: + - s3:GetBucketLocation + - s3:ListBucket + - s3:ListBucketMultipartUploads + Resource: + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + # Object-level permissions + - Effect: Allow + Action: + - s3:GetObject + - s3:PutObject + - s3:AbortMultipartUpload + Resource: + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + Condition: + StringEquals: + s3:x-amz-acl: bucket-owner-full-control + Roles: + - Ref: FirehoseLogsRole + + # Resources for AWS Kinesis Logs including log group, stream, delivery stream, subscription filter, policy and role. + KinesisLogsLogGroup: + Type: AWS::Logs::LogGroup + Properties: + LogGroupName: !Sub + - "/aws/kinesisfirehose/Kinesis-Logs-${StackID}" + - StackID: !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + RetentionInDays: 7 + + KinesisLogsLogStream: + Type: AWS::Logs::LogStream + Properties: + LogGroupName: !Ref KinesisLogsLogGroup + LogStreamName: "HttpEndpointDelivery" + + KinesisLogsLogStreamS3: + Type: AWS::Logs::LogStream + Properties: + LogGroupName: !Ref KinesisLogsLogGroup + LogStreamName: "S3Delivery" + + KinesisLogsRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: 'LogsAssumeRole' + Effect: Allow + Principal: + Service: !Sub "logs.${AWS::Region}.amazonaws.com" + Action: sts:AssumeRole + + KinesisLogsRolePolicy: + Type: AWS::IAM::Policy + Properties: + PolicyName: "KinesisFirehoseLogsPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - firehose:PutRecord + - firehose:PutRecordBatch + - kinesis:PutRecord + - kinesis:PutRecords + Resource: !Sub "arn:${AWS::Partition}:firehose:${AWS::Region}:${AWS::AccountId}:*" + - Effect: Allow + Action: + - iam:PassRole + Resource: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${KinesisLogsRole}" + Roles: + - Ref: KinesisLogsRole + + KinesisLogsDeliveryStream: + Type: AWS::KinesisFirehose::DeliveryStream + Properties: + DeliveryStreamName: !Sub + - "Kinesis-Logs-${StackID}" + - StackID: !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + DeliveryStreamType: DirectPut + HttpEndpointDestinationConfiguration: + RoleARN: !GetAtt FirehoseLogsRole.Arn + EndpointConfiguration: + Url: !Ref Section1aSumoLogicKinesisLogsURL + Name: !Sub "${AWS::StackName}-sumologic-logs-endpoint" + RequestConfiguration: + ContentEncoding: GZIP + CloudWatchLoggingOptions: + Enabled: true + LogGroupName: !Ref KinesisLogsLogGroup + LogStreamName: !Ref KinesisLogsLogStream + BufferingHints: + IntervalInSeconds: 60 + SizeInMBs: 4 + RetryOptions: + DurationInSeconds: 60 + S3BackupMode: FailedDataOnly + S3Configuration: + BucketARN: !If + - create_bucket + - !GetAtt FailedDataBucket.Arn + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + CompressionFormat: UNCOMPRESSED + ErrorOutputPrefix: "SumoLogic-Kinesis-Failed-Logs/" + RoleARN: !GetAtt FirehoseLogsRole.Arn + CloudWatchLoggingOptions: + Enabled: true + LogGroupName: !Ref KinesisLogsLogGroup + LogStreamName: !Ref KinesisLogsLogStreamS3 + + KinesisLogsFirehoseRolePolicy: + Type: AWS::IAM::Policy + Properties: + PolicyName: "KinesisLogsLogStreamPermissionPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - logs:PutLogEvents + Resource: + - !GetAtt KinesisLogsLogGroup.Arn + - !Sub "${KinesisLogsLogGroup.Arn}:log-stream:*" + - Effect: Allow + Action: + - kinesis:DescribeStream + - kinesis:GetShardIterator + - kinesis:GetRecords + - kinesis:ListShards + Resource: + - !GetAtt KinesisLogsDeliveryStream.Arn + Roles: + - Ref: FirehoseLogsRole + + SubscriptionFilter: + Type: AWS::Logs::SubscriptionFilter + Properties: + RoleArn: !GetAtt KinesisLogsRole.Arn + LogGroupName: !Ref KinesisLogsLogGroup + FilterPattern: '' + DestinationArn: !GetAtt KinesisLogsDeliveryStream.Arn + +Outputs: + FailedDataBucketArn: + Description: "S3 Bucket Arn where failed deliveries will be saved" + Condition: create_bucket + Value: !GetAtt FailedDataBucket.Arn + + KinesisLogsDeliveryStreamARN: + Description: "The ARN for your Kinesis Firehose Delivery Stream, use this as the destination when adding CloudWatch Logs subscription filters." + Value: !GetAtt KinesisLogsDeliveryStream.Arn + KinesisLogsRoleARN: + Description: "The ARN for your CloudWatch Logs role to write to your delivery stream, use this as the role-arn when adding CloudWatch Logs subscription filters." + Value: !GetAtt KinesisLogsRole.Arn + KinesisLogsLogGroupARN: + Description: "The CloudWatch log group name where kinesis stream logs will be sent." + Value: !Ref KinesisLogsLogGroup \ No newline at end of file diff --git a/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_metrics.template.yaml b/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_metrics.template.yaml new file mode 100644 index 00000000..529ca241 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/kinesis_firehose_cw_metrics.template.yaml @@ -0,0 +1,378 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Template to setup the AWS CloudWatch Metrics collection using Amazon Kinesis Firehose and send the data to provided Sumo Logic URL." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W3045 + AWS::ServerlessRepo::Application: + Author: Sumo Logic + Description: This solution helps to setup the AWS CloudWatch Metrics collection using Amazon Kinesis Firehose and send the data to provided Sumo Logic URL. + HomePageUrl: https://github.com/SumoLogic/sumologic-aws-lambda + Labels: + - lambda + - sumologic + - serverless + - kinesis + - firehose + - cloudwatch + - metrics + Name: sumologic-kinesis-cloudwatch-metrics + SemanticVersion: 1.0.1 + SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/tree/master/kinesis-firehose-cloudwatch-collection/metrics + LicenseUrl: ./LICENSE + ReadmeUrl: ./README.md + SpdxLicenseId: Apache-2.0 + + 'AWS::CloudFormation::Interface': + ParameterGroups: + - Label: + default: "1. Sumo Logic Kinesis Firehose Metrics Configuration" + Parameters: + - Section1aSumoLogicKinesisMetricsURL + - Section1bNamespaceFilter + + - Label: + default: "2. Failed Data AWS S3 Bucket Configuration" + Parameters: + - Section2aCreateS3Bucket + - Section2bFailedDataS3Bucket + + ParameterLabels: + Section1aSumoLogicKinesisMetricsURL: + default: "Sumo Logic AWS Kinesis Firehose for Metrics Source URL" + Section1bNamespaceFilter: + default: "Select Namespaces to collect AWS CloudWatch Metrics from" + + Section2aCreateS3Bucket: + default: "Create AWS S3 Bucket" + Section2bFailedDataS3Bucket: + default: "AWS S3 Bucket Name for Failed Data" + +Parameters: + Section1aSumoLogicKinesisMetricsURL: + Type: String + Description: "Provide HTTP Source Address from AWS Kinesis Firehose for Metrics source created on your Sumo Logic account." + AllowedPattern: ".+" + ConstraintDescription: "Sumo Logic AWS Kinesis Firehose for Metrics Source URL can not be empty." + Section1bNamespaceFilter: + Default: "" + Description: "Enter in a comma-delimited list of namespaces which you want to collect AWS CloudWatch metrics from. Example: AWS/ELB, AWS/DynamoDB .... (give a list of all the ones we support). To collect all namespaces simply leave this field blank; this is the default value." + Type: String + + Section2aCreateS3Bucket: + Type: String + Default: 'Yes' + Description: "Yes - Create a new AWS S3 Bucket to store failed data.'. + No - Use an existing AWS S3 Bucket to store failed data." + AllowedValues: + - 'Yes' + - 'No' + Section2bFailedDataS3Bucket: + Type: String + Description: "Provide a unique name of AWS S3 bucket where you would like to store Failed data. In case of existing AWS S3 bucket, provide the bucket from the current AWS Account. For Metrics, failed data will be stored in folder prefix as SumoLogic-Kinesis-Failed-Metrics." + AllowedPattern: "[a-z0-9-.]{3,63}$" + ConstraintDescription: "3-63 characters; must contain only lowercase letters, numbers, hyphen or period. For more details - https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html" + +Conditions: + create_bucket: !Equals [ !Ref Section2aCreateS3Bucket, 'Yes' ] + +Resources: + # Common Resources including creating bucket, create logs role and attach bucket policy. + FailedDataBucket: + Type: AWS::S3::Bucket + Condition: create_bucket + Metadata: + cfn_nag: + rules_to_suppress: + - id: W51 + reason: "Role has been assigned permission to put logs in AWS S3 bucket." + - id: W35 + reason: "Access logging not required for AWS S3 Bucket." + - id: W41 + reason: "Encryption not required for AWS S3 Bucket." + Properties: + BucketName: !Ref Section2bFailedDataS3Bucket + AccessControl: Private + PublicAccessBlockConfiguration: + BlockPublicAcls: true + BlockPublicPolicy: true + IgnorePublicAcls: true + RestrictPublicBuckets: true + + FirehoseLogsRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: 'FirehoseAssumeRole' + Effect: Allow + Principal: + Service: firehose.amazonaws.com + Action: sts:AssumeRole + Condition: + StringEquals: + sts:ExternalId: !Ref "AWS::AccountId" + + AttachBucketPolicyToFirehoseLogsRole: + Type: AWS::IAM::Policy + Properties: + PolicyName: "S3BucketPermissionPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + # Bucket-level permissions + - Effect: Allow + Action: + - s3:GetBucketLocation + - s3:ListBucket + - s3:ListBucketMultipartUploads + Resource: + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + # Object-level permissions + - Effect: Allow + Action: + - s3:GetObject + - s3:PutObject + - s3:AbortMultipartUpload + Resource: + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + Condition: + StringEquals: + s3:x-amz-acl: bucket-owner-full-control + Roles: + - Ref: FirehoseLogsRole + + # Resources for AWS Kinesis Metrics including log group, stream, delivery stream, subscription filter, policy and role. + KinesisMetricsLogGroup: + Type: AWS::Logs::LogGroup + Properties: + LogGroupName: !Sub + - "/aws/kinesisfirehose/Kinesis-Metrics-${StackID}" + - StackID: !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split [ "/", !Ref "AWS::StackId" ] + RetentionInDays: 7 + + KinesisMetricsLogStream: + Type: AWS::Logs::LogStream + Properties: + LogGroupName: !Ref KinesisMetricsLogGroup + LogStreamName: "HttpEndpointDelivery" + + KinesisMetricsLogStreamS3: + Type: AWS::Logs::LogStream + Properties: + LogGroupName: !Ref KinesisMetricsLogGroup + LogStreamName: "S3Delivery" + + KinesisMetricsRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: 'MetricsAssumeRole' + Effect: Allow + Principal: + Service: "streams.metrics.cloudwatch.amazonaws.com" + Action: sts:AssumeRole + + KinesisMetricsRolePolicy: + Type: AWS::IAM::Policy + Properties: + PolicyName: "KinesisFirehoseMetricsPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - firehose:PutRecord + - firehose:PutRecordBatch + Resource: !Sub "arn:${AWS::Partition}:firehose:${AWS::Region}:${AWS::AccountId}:*" + - Effect: Allow + Action: + - iam:PassRole + Resource: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${KinesisMetricsRole}" + Roles: + - Ref: KinesisMetricsRole + + KinesisMetricsDeliveryStream: + Type: AWS::KinesisFirehose::DeliveryStream + Properties: + DeliveryStreamName: !Sub + - "Kinesis-Metrics-${StackID}" + - StackID: !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split [ "/", !Ref "AWS::StackId" ] + DeliveryStreamType: DirectPut + HttpEndpointDestinationConfiguration: + RoleARN: !GetAtt FirehoseLogsRole.Arn + EndpointConfiguration: + Url: !Ref Section1aSumoLogicKinesisMetricsURL + Name: !Sub "${AWS::StackName}-sumologic-metrics-endpoint" + RequestConfiguration: + ContentEncoding: GZIP + CloudWatchLoggingOptions: + Enabled: true + LogGroupName: !Ref KinesisMetricsLogGroup + LogStreamName: !Ref KinesisMetricsLogStream + BufferingHints: + IntervalInSeconds: 60 + SizeInMBs: 1 + RetryOptions: + DurationInSeconds: 60 + S3BackupMode: FailedDataOnly + S3Configuration: + BucketARN: !If + - create_bucket + - !GetAtt FailedDataBucket.Arn + - !Sub + - "arn:${AWS::Partition}:s3:::${S3Bucket}" + - S3Bucket: !Ref Section2bFailedDataS3Bucket + CompressionFormat: UNCOMPRESSED + ErrorOutputPrefix: "SumoLogic-Kinesis-Failed-Metrics/" + RoleARN: !GetAtt FirehoseLogsRole.Arn + CloudWatchLoggingOptions: + Enabled: true + LogGroupName: !Ref KinesisMetricsLogGroup + LogStreamName: !Ref KinesisMetricsLogStreamS3 + + KinesisMetricsFirehoseRolePolicy: + Type: AWS::IAM::Policy + Properties: + PolicyName: "KinesisMetricsLogStreamPermissionPolicy" + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - logs:PutLogEvents + Resource: + - !GetAtt KinesisMetricsLogGroup.Arn + - !Sub "${KinesisMetricsLogGroup.Arn}:log-stream:*" + - Effect: Allow + Action: + - kinesis:DescribeStream + - kinesis:GetShardIterator + - kinesis:GetRecords + - kinesis:ListShards + Resource: + - !GetAtt KinesisMetricsDeliveryStream.Arn + Roles: + - Ref: FirehoseLogsRole + + KinesisMetricsCloudWatchMetricsStreamLambdaRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + Condition: { } + Path: / + Policies: + - PolicyName: inline-policy + PolicyDocument: + Version: 2012-10-17 + Statement: + - Effect: Allow + Action: + - cloudwatch:PutMetricStream + - cloudwatch:DeleteMetricStream + Resource: !Sub "arn:${AWS::Partition}:cloudwatch:${AWS::Region}:${AWS::AccountId}:metric-stream/*" + - Effect: Allow + Action: + - iam:PassRole + Resource: !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${KinesisMetricsRole}" + ManagedPolicyArns: + - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + + KinesisMetricsCloudWatchMetricsStreamLambda: + Type: AWS::Lambda::Function + Properties: + Description: "The lambda function is used to create CloudWatch Metric Stream." + Handler: index.handler + Code: + ZipFile: | + import sys + import subprocess + + subprocess.check_call([sys.executable, "-m", "pip", "install", '--upgrade', 'boto3', '--target', '/tmp/']) + sys.path.insert(0, '/tmp/') + + import boto3 + import cfnresponse + + + def handler(event, context): + response_data = {} + physical_id = "" + namespaces_list = [] + try: + client = boto3.client('cloudwatch') + properties = event['ResourceProperties'] + physical_id = properties['Name'] + print("Received %s Event Type." % event['RequestType']) + if event['RequestType'] == "Delete": + response_data = client.delete_metric_stream(Name=physical_id) + else: + namespaces = properties["Namespaces"] + if namespaces: + namespaces = namespaces.split(",") + for namespace in namespaces: + namespaces_list.append({'Namespace': namespace.strip()}) + response_data = client.put_metric_stream(Name=physical_id, FirehoseArn=properties['FirehoseArn'], + RoleArn=properties['RoleArn'], + OutputFormat=properties['OutputFormat'], + IncludeFilters=namespaces_list) + except Exception as e: + print(e) + cfnresponse.send(event, context, cfnresponse.FAILED, {"Error": str(e)}, physical_id) + cfnresponse.send(event, context, cfnresponse.SUCCESS, response_data, physical_id) + Runtime: python3.14 + Timeout: 300 + Role: !GetAtt KinesisMetricsCloudWatchMetricsStreamLambdaRole.Arn + + KinesisMetricsCloudWatchMetricsStream: + Type: AWS::CloudFormation::CustomResource + Properties: + ServiceToken: !GetAtt KinesisMetricsCloudWatchMetricsStreamLambda.Arn + Name: !Ref "AWS::StackName" + OutputFormat: 'opentelemetry0.7' + FirehoseArn: !GetAtt KinesisMetricsDeliveryStream.Arn + RoleArn: !GetAtt KinesisMetricsRole.Arn + Namespaces: !Ref Section1bNamespaceFilter + +Outputs: + FailedDataBucketArn: + Description: "S3 Bucket Arn where failed deliveries will be saved" + Condition: create_bucket + Value: !GetAtt FailedDataBucket.Arn + + KinesisMetricsDeliveryStreamARN: + Description: "The ARN for your Kinesis Firehose Delivery Stream, use this as the destination when adding CloudWatch Metrics subscription filters." + Value: !GetAtt KinesisMetricsDeliveryStream.Arn + KinesisMetricsRoleARN: + Description: "The ARN for your CloudWatch Logs role to write to your delivery stream, use this as the role-arn when adding CloudWatch Logs subscription filters." + Value: !GetAtt KinesisMetricsRole.Arn + KinesisMetricsLogGroupARN: + Description: "The CloudWatch log group name where kinesis stream logs will be sent." + Value: !Ref KinesisMetricsLogGroup diff --git a/cloudformation-sumologic-aws-observability/templates/loggroup_connector.template.yaml b/cloudformation-sumologic-aws-observability/templates/loggroup_connector.template.yaml new file mode 100644 index 00000000..acd267e7 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/loggroup_connector.template.yaml @@ -0,0 +1,307 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Version - v3.0.0: Template to Lambda Function for automatic subscription of any Sumo Logic lambda function with loggroups matching an input pattern." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W1030 + +Parameters: + + DestinationArnType: + Type: String + Description: "Lambda - When the destination ARN for subscription filter is an AWS Lambda Function. + Kinesis - When the destination ARN for subscription filter is an Kinesis or Amazon Kinesis data firehose stream." + Default: 'Lambda' + AllowedValues: + - 'Lambda' + - 'Kinesis' + + DestinationArnValue: + Type: String + Default: "arn:aws:lambda:us-east-1:123456789000:function:TestLambda" + Description: "Enter Destination ARN like Lambda function, Kinesis stream. For more information, visit - https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/SubscriptionFilters.html" + + LogGroupPattern: + Type: String + Default: "Test" + Description: "Enter regex for matching logGroups" + + UseExistingLogs: + Type: String + Default: "false" + AllowedValues: [ "true", "false" ] + Description: "Select true for subscribing existing logs" + + LogGroupTags: + Type: CommaDelimitedList + Default: "" + Description: "Enter comma separated keyvalue pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed." + + RoleArn: + Type: String + Default: "" + Description: "Enter AWS IAM Role arn in case the destination is Kinesis Firehose stream." + +Mappings: + + RegionMap: + us-east-1: + bucketname: appdevzipfiles-us-east-1 + us-east-2: + bucketname: appdevzipfiles-us-east-2 + us-west-1: + bucketname: appdevzipfiles-us-west-1 + us-west-2: + bucketname: appdevzipfiles-us-west-2 + ap-south-1: + bucketname: appdevzipfiles-ap-south-1 + ap-northeast-2: + bucketname: appdevzipfiles-ap-northeast-2 + ap-southeast-1: + bucketname: appdevzipfiles-ap-southeast-1 + ap-southeast-2: + bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss + ap-northeast-1: + bucketname: appdevzipfiles-ap-northeast-1 + ca-central-1: + bucketname: appdevzipfiles-ca-central-1 + eu-central-1: + bucketname: appdevzipfiles-eu-central-1 + eu-west-1: + bucketname: appdevzipfiles-eu-west-1 + eu-west-2: + bucketname: appdevzipfiles-eu-west-2 + eu-west-3: + bucketname: appdevzipfiles-eu-west-3 + eu-north-1: + bucketname: appdevzipfiles-eu-north-1s + sa-east-1: + bucketname: appdevzipfiles-sa-east-1 + ap-east-1: + bucketname: appdevzipfiles-ap-east-1s + af-south-1: + bucketname: appdevzipfiles-af-south-1s + eu-south-1: + bucketname: appdevzipfiles-eu-south-1 + me-south-1: + bucketname: appdevzipfiles-me-south-1s + me-central-1: + bucketname: appdevzipfiles-me-central-1 + eu-central-2: + bucketname: appdevzipfiles-eu-central-2ss + ap-northeast-3: + bucketname: appdevzipfiles-ap-northeast-3s + ap-southeast-3: + bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 + +Conditions: + create_invoke_permission: + Fn::Equals: + - Ref: DestinationArnType + - Lambda + create_pass_role: + Fn::Equals: + - Ref: DestinationArnType + - Kinesis + invoke_existing: + Fn::Equals: + - Ref: UseExistingLogs + - 'true' + +Resources: + + SumoLogGroupLambdaConnectorRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Policies: + - PolicyName: LambdaExecutionPolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: ReadWriteFilterPolicy + Effect: Allow + Action: + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:PutSubscriptionFilter + - logs:ListTagsLogGroup + Resource: + - !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:* + - Sid: InvokePolicy + Effect: Allow + Action: + - lambda:InvokeFunction + Resource: + - !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:*SumoLogGroupLambda* + + SumoLogGroupLambdaConnector: + Type: AWS::Lambda::Function + Properties: + Code: + S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] + S3Key: "sumologic-aws-observability/functions/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip" + Handler: loggroup-lambda-connector.handler + Runtime: nodejs24.x + MemorySize: 128 + Timeout: 900 + Role: !GetAtt SumoLogGroupLambdaConnectorRole.Arn + Environment: + Variables: + DESTINATION_ARN: !Ref DestinationArnValue + LOG_GROUP_PATTERN: !Ref LogGroupPattern + LOG_GROUP_TAGS: !Join + - ',' + - !Ref LogGroupTags + ROLE_ARN: !Ref RoleArn + + SumoLogGroupLambdaEventRule: + Type: AWS::Events::Rule + Properties: + Description: Auto subscribe new CloudWatch log groups + Name: !Join + - "" + - - "sumo-log-group-" + - !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split [ "/", !Ref "AWS::StackId" ] + EventPattern: + source: + - aws.logs + detail: + eventSource: + - logs.amazonaws.com + eventName: + - CreateLogGroup + Targets: + - Arn: !GetAtt SumoLogGroupLambdaConnector.Arn + Id: Main + + AutoSubscribeCWLogGroupInvokePermission: + Type: AWS::Lambda::Permission + Properties: + FunctionName: !Ref SumoLogGroupLambdaConnector + Action: lambda:InvokeFunction + Principal: events.amazonaws.com + SourceArn: !GetAtt SumoLogGroupLambdaEventRule.Arn + + SumoCWLambdaInvokePermission: + Type: AWS::Lambda::Permission + Condition: create_invoke_permission + Properties: + FunctionName: + Ref: DestinationArnValue + Action: lambda:InvokeFunction + Principal: !Sub logs.${AWS::Region}.amazonaws.com + SourceAccount: !Ref AWS::AccountId + SourceArn: !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:*:* + + sumoIAMPassRolePolicy: + Type: AWS::IAM::Policy + Condition: create_pass_role + Properties: + PolicyName: KinesisFirehoseLogsPolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - iam:PassRole + Resource: !Ref RoleArn + Roles: + - !Ref SumoLogGroupLambdaConnectorRole + + SumoLogGroupExistingLambdaConnectorRole: + Type: AWS::IAM::Role + Condition: invoke_existing + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Policies: + - PolicyName: InvokePolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: InvokePolicy + Effect: Allow + Action: + - lambda:InvokeFunction + Resource: + - !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:${SumoLogGroupLambdaConnector} + + SumoLogGroupExistingLambdaConnector: + Type: AWS::Lambda::Function + Condition: invoke_existing + Properties: + Code: + ZipFile: | + const { LambdaClient, InvokeCommand } = require("@aws-sdk/client-lambda"); + var response = require('cfn-response'); + const lambda = new LambdaClient({ apiVersion: '2015-03-31' }); + exports.handler = async function (event, context) { + const payload = { "existingLogs": "true", "token": "" }; + const responseData = {}; + let responseStatus = "FAILED"; + try { + const invokeInput = new InvokeCommand({ + InvocationType: 'Event', + FunctionName: process.env.FUNCTION_NAME, + Payload: JSON.stringify(payload), + }); + await lambda.send(invokeInput); + responseStatus = "SUCCESS"; + } catch (err) { + responseData.Error = "Invoke call failed"; + console.log(responseData.Error + ":\n", err); + } + await response.send(event, context, responseStatus, responseData); + }; + Handler: index.handler + Runtime: nodejs24.x + Environment: + Variables: + FUNCTION_NAME: !Ref SumoLogGroupLambdaConnector + Role: !GetAtt SumoLogGroupExistingLambdaConnectorRole.Arn + + InvokeLambdaConnector: + Type: AWS::CloudFormation::CustomResource + Condition: invoke_existing + DeletionPolicy: Retain + UpdateReplacePolicy: Retain + Properties: + ServiceToken: !GetAtt SumoLogGroupExistingLambdaConnector.Arn + DESTINATION_ARN: !Ref DestinationArnValue + LOG_GROUP_PATTERN: !Ref LogGroupPattern + ROLE_ARN: !Ref RoleArn + +Outputs: + SumoLogGroupLambdaConnector: + Description: The ARN of the SumoLogGroupLambdaConnector function + Value: !GetAtt SumoLogGroupLambdaConnector.Arn diff --git a/aws-observability/apps/common/resources.template.yaml b/cloudformation-sumologic-aws-observability/templates/resources.template.yaml old mode 100755 new mode 100644 similarity index 78% rename from aws-observability/apps/common/resources.template.yaml rename to cloudformation-sumologic-aws-observability/templates/resources.template.yaml index 580b2e41..8817bfc7 --- a/aws-observability/apps/common/resources.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/resources.template.yaml @@ -1,6 +1,11 @@ AWSTemplateFormatVersion: '2010-09-09' -Transform: 'AWS::Serverless-2016-10-31' -Description: "Version - v2.15.0: Template to Setup Sumo Logic Sources and supporting AWS Resources for CloudTrail, ALB, Lambda CloudWatch Logs and CloudWatch Metrics." +Description: "Version - v3.0.0: Template to Setup Sumo Logic Sources and supporting AWS Resources for CloudTrail, ALB, Lambda CloudWatch Logs and CloudWatch Metrics." + +Metadata: + cfn-lint: + config: + ignore_checks: + - W1031 Parameters: SumoLogicDeployment: @@ -49,15 +54,6 @@ Parameters: Description: "Provide the Sumo Logic Account ID for trust relationship." Default: "" - InstallObservabilityApps: - Type: String - Default: 'Yes' - Description: "Yes - Installs Apps (EC2, Application Load Balancer, RDS, API Gateway, Lambda, Dynamo DB, ECS, ElastiCache and NLB) and Alerts for the Sumo Logic AWS Observability Solution. All the Apps are installed in the folder 'AWS Observability'. - No - Skips the installation of Apps and Alerts." - AllowedValues: - - 'Yes' - - 'No' - CreateMetaDataSource: Type: String Description: "Yes - Creates Sumo Logic MetaData Source. A common metadata source will be created with the region selected. @@ -217,14 +213,20 @@ Parameters: Description: "Provide a source Category for the Kinesis Firehose source for Logs Source." Default: "" - TemplatesBucketName: + MPS3BucketName: Type: String AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - NestedTemplateVersion: + Description: Name of the S3 bucket for your copy of the nested templates. + Default: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: Type: String - Description: "Provide the version for the nested templates. Default is the latest version." + Description: "AWS Region where the S3 bucket for your copy of the nested templates is hosted." + Default: "us-east-1" + MPS3KeyPrefix: + Type: String + Description: "S3 key prefix that is used to simulate a folder for your copy of the nested templates." AllowedPattern: ".+" + Default: "aws-observability-versions/v3.0.0/templates/" CreateELBLogSource: Type: String @@ -260,7 +262,6 @@ Parameters: Conditions: # Sources Conditions - install_observability_apps: !Equals [ !Ref InstallObservabilityApps, 'Yes' ] install_metadata_source: !Equals [ !Ref CreateMetaDataSource, 'Yes' ] install_cloud_watch_metric_source: !Equals [ !Ref CreateCloudWatchMetricsSource, 'Yes' ] install_alb_logs_source: !Equals [ !Ref CreateALBLogSource, 'Yes' ] @@ -309,6 +310,48 @@ Conditions: - !Condition install_cloudtrail_logs_source - !Condition install_kf_metric_source + # https://docs.aws.amazon.com/elasticloadbalancing/latest/application/enable-access-logging.html + # Elastic Load Balancing required region-specific account IDs in IAM policies, but this has been replaced by a newer, + # simplified policy. The legacy policy is still supported for older regions, with a reference list of account IDs provided. + region_exists_in_mapping: !Or + - !Or + - !Equals [ !Ref 'AWS::Region', "us-east-1" ] + - !Equals [ !Ref 'AWS::Region', "us-east-2" ] + - !Equals [ !Ref 'AWS::Region', "us-west-1" ] + - !Equals [ !Ref 'AWS::Region', "us-west-2" ] + - !Equals [ !Ref 'AWS::Region', "af-south-1" ] + - !Equals [ !Ref 'AWS::Region', "ca-central-1" ] + - !Equals [ !Ref 'AWS::Region', "eu-central-1" ] + - !Equals [ !Ref 'AWS::Region', "eu-west-1" ] + - !Equals [ !Ref 'AWS::Region', "eu-west-2" ] + - !Equals [ !Ref 'AWS::Region', "eu-south-1" ] + - !Or + - !Equals [ !Ref 'AWS::Region', "eu-west-3" ] + - !Equals [ !Ref 'AWS::Region', "eu-north-1" ] + - !Equals [ !Ref 'AWS::Region', "ap-east-1" ] + - !Equals [ !Ref 'AWS::Region', "ap-northeast-1" ] + - !Equals [ !Ref 'AWS::Region', "ap-northeast-2" ] + - !Equals [ !Ref 'AWS::Region', "ap-northeast-3" ] + - !Equals [ !Ref 'AWS::Region', "ap-southeast-1" ] + - !Equals [ !Ref 'AWS::Region', "ap-southeast-2" ] + - !Equals [ !Ref 'AWS::Region', "ap-southeast-3" ] + - !Equals [ !Ref 'AWS::Region', "ap-south-1" ] + - !Or + - !Equals [ !Ref 'AWS::Region', "me-south-1" ] + - !Equals [ !Ref 'AWS::Region', "sa-east-1" ] + - !Equals [ !Ref 'AWS::Region', "us-gov-west-1" ] + - !Equals [ !Ref 'AWS::Region', "us-gov-east-1" ] + - !Equals [ !Ref 'AWS::Region', "cn-north-1" ] + - !Equals [ !Ref 'AWS::Region', "cn-northwest-1" ] + + create_bucket_if_old_aws_region: !And + - !Condition region_exists_in_mapping + - !Condition create_target_s3_bucket + + create_bucket_if_new_aws_region: !And + - !Not [!Condition region_exists_in_mapping] + - !Condition create_target_s3_bucket + # Collector Name Check # collector_name_available: !Not [!Equals [ !Ref CollectorName, '']] @@ -337,6 +380,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -369,6 +416,9 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 + Region2ELBAccountId: us-east-1: AccountId: "127311923021" @@ -466,7 +516,7 @@ Resources: Resource: - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}" - - S3Bucket: !If [install_alb_logs_source, !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ], ""] + - S3Bucket: !If [install_alb_logs_source, !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ], ""] - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" - S3Bucket: !If [install_alb_logs_source, !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ], ""] @@ -478,20 +528,20 @@ Resources: - S3Bucket: !If [install_cloudtrail_logs_source, !If [ create_cloudtrail_bucket, !Ref CommonS3Bucket, !Ref CloudTrailLogsBucketName ], ""] - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}" - - S3Bucket: !If [install_elb_logs_source, !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ], ""] + - S3Bucket: !If [install_elb_logs_source, !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ], ""] - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" - - S3Bucket: !If [install_elb_logs_source, !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ], ""] + - S3Bucket: !If [install_elb_logs_source, !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ], ""] LambdaHelper: - Type: 'AWS::Serverless::Function' + Type: 'AWS::Lambda::Function' Properties: Handler: main.handler Runtime: python3.14 Description: "Lambda Function for deploying SumoLogic AWS Observability Solution." - CodeUri: - Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" + Code: + S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" MemorySize: 128 Timeout: 900 Role: @@ -528,14 +578,14 @@ Resources: Resource: '*' LambdaHelperAlias: - Type: 'AWS::Serverless::Function' + Type: 'AWS::Lambda::Function' Properties: Handler: main.handler Runtime: python3.14 Description: "Lambda Function for deploying SumoLogic AWS Observability Solution." - CodeUri: - Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" + Code: + S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" MemorySize: 128 Timeout: 900 Role: @@ -615,63 +665,24 @@ Resources: - Event: s3:ObjectCreated:Put Topic: !Ref CommonBucketSNSTopic - CommonBucketPolicy: - Condition: create_target_s3_bucket - Type: AWS::S3::BucketPolicy + CommonBucketPolicyForOldRegion: + Type: AWS::CloudFormation::Stack + Condition: create_bucket_if_old_aws_region Properties: - Bucket: !Ref CommonS3Bucket - PolicyDocument: - Statement: - - Sid: AWSCloudTrailAclCheck - Effect: Allow - Principal: - Service: cloudtrail.amazonaws.com - Action: s3:GetBucketAcl - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" - - Sid: AWSCloudTrailWrite - Effect: Allow - Principal: - Service: cloudtrail.amazonaws.com - Action: s3:PutObject - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" - Condition: - StringEquals: - s3:x-amz-acl: bucket-owner-full-control - - Sid: AWSBucketExistenceCheck - Effect: Allow - Principal: - Service: cloudtrail.amazonaws.com - Action: s3:ListBucket - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" - - Sid: AWSAlbLogsPutObjects - Effect: Allow - Principal: - AWS: !Sub - - "arn:${AWS::Partition}:iam::${ELBAccount}:root" - - ELBAccount: !FindInMap [ Region2ELBAccountId, !Ref "AWS::Region", AccountId ] - Action: s3:PutObject - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" - - Sid: AWSAlbLogDeliveryAclCheck - Effect: Allow - Principal: - Service: delivery.logs.amazonaws.com - Action: s3:GetBucketAcl - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}" - - Sid: AWSAlbLogDeliveryWrite - Effect: Allow - Principal: - Service: delivery.logs.amazonaws.com - Action: s3:PutObject - Resource: - - !Sub "arn:${AWS::Partition}:s3:::${CommonS3Bucket}/*" - Condition: - StringEquals: - s3:x-amz-acl: bucket-owner-full-control + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}bucket_policy_old_region.template.yaml" + Parameters: + CommonS3Bucket: !Ref CommonS3Bucket + AccountAlias: !GetAtt AccountAliasValue.ACCOUNT_ALIAS + RegionAccountId: !FindInMap [Region2ELBAccountId, !Ref 'AWS::Region', AccountId] + + CommonBucketPolicyForNewRegion: + Type: AWS::CloudFormation::Stack + Condition: create_bucket_if_new_aws_region + Properties: + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}bucket_policy_new_region.template.yaml" + Parameters: + CommonS3Bucket: !Ref CommonS3Bucket + AccountAlias: !GetAtt AccountAliasValue.ACCOUNT_ALIAS CommonSNSpolicy: Condition: create_target_s3_bucket @@ -703,31 +714,7 @@ Resources: Topics: - Ref: CommonBucketSNSTopic - CommonCloudTrail: - Type: AWS::CloudTrail::Trail - Condition: create_cloudtrail_bucket - DependsOn: CommonBucketPolicy - Properties: - IsLogging: true - IsMultiRegionTrail: false - S3BucketName: !Ref CommonS3Bucket - TrailName: !Join - - "" - - - "Aws-Observability-" - - !GetAtt AccountAliasValue.ACCOUNT_ALIAS - ############# START - RESOURCES FOR COLLECTOR ################# - CreateSumoLogicAWSExplorerView: - Type: Custom::SumoLogicAWSExplorer - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - RemoveOnDeleteStack: false - HierarchyName: "AWS Observability" - HierarchyLevel: {"entityType":"account","nextLevelsWithConditions":[],"nextLevel":{"entityType":"region","nextLevelsWithConditions":[],"nextLevel":{"entityType":"namespace","nextLevelsWithConditions":[{"condition":"AWS/ApplicationElb","level":{"entityType":"loadbalancer","nextLevelsWithConditions":[]}},{"condition":"AWS/ApiGateway","level":{"entityType":"apiname","nextLevelsWithConditions":[]}},{"condition":"AWS/DynamoDB","level":{"entityType":"tablename","nextLevelsWithConditions":[]}},{"condition":"AWS/EC2","level":{"entityType":"instanceid","nextLevelsWithConditions":[]}},{"condition":"AWS/RDS","level":{"entityType":"dbidentifier","nextLevelsWithConditions":[]}},{"condition":"AWS/Lambda","level":{"entityType":"functionname","nextLevelsWithConditions":[]}},{"condition":"AWS/ECS","level":{"entityType":"clustername","nextLevelsWithConditions":[]}},{"condition":"AWS/ElastiCache","level":{"entityType":"cacheclusterid","nextLevelsWithConditions":[]}},{"condition":"AWS/NetworkELB","level":{"entityType":"networkloadbalancer","nextLevelsWithConditions":[]}},{"condition":"AWS/ELB","level":{"entityType":"loadbalancername","nextLevelsWithConditions":[]}},{"condition":"AWS/SNS","level":{"entityType":"topicname","nextLevelsWithConditions":[]}},{"condition":"AWS/SQS","level":{"entityType":"queuename","nextLevelsWithConditions":[]}}]}}} - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - SumoLogicALBS3Policy: Type: AWS::IAM::Policy Condition: install_alb_logs_source @@ -747,7 +734,7 @@ Resources: Resource: - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}" - - S3Bucket: !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ] + - S3Bucket: !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ] - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" - S3Bucket: !If [ create_alb_bucket, !Ref CommonS3Bucket, !Ref ALBS3LogsBucketName ] @@ -771,15 +758,16 @@ Resources: Resource: - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}" - - S3Bucket: !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ] + - S3Bucket: !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ] - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" - S3Bucket: !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ] + SumoLogicCloudTrailS3Policy: Type: AWS::IAM::Policy Condition: install_cloudtrail_logs_source - Properties: + Properties: PolicyName: SumoLogicAwsSourcesPoliciesS3CloudTrail Roles: - !Ref SumoLogicSourceRole @@ -799,7 +787,7 @@ Resources: - !Sub - "arn:${AWS::Partition}:s3:::${S3Bucket}/*" - S3Bucket: !If [ create_cloudtrail_bucket, !Ref CommonS3Bucket, !Ref CloudTrailLogsBucketName ] - + SumoLogicSourceRole: Type: AWS::IAM::Role Condition: install_sumo_logic_role @@ -832,7 +820,7 @@ Resources: - cloudwatch:GetMetricStatistics Resource: "*" - + SumoLogicHostedCollector: Type: Custom::Collector Condition: install_collector @@ -851,203 +839,6 @@ Resources: ############# START - FIELDS ################# - AddAccountField: - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "account" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - AddRegionField: - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "region" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - AddNamespaceField: - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "namespace" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - AddAccountIdField: - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "accountid" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # ALB App - AddLoadBalancerField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "loadbalancer" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # Dynamodb App - AddTableNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "tablename" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # ELb App - AddLoadBalancerNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "loadbalancername" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # Lambda App - AddFunctionNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "functionname" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # EC2 App - AddInstanceIdField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "instanceid" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # RDS App - AddDBIdentifierField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "dbidentifier" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # Elastic App - AddCacheClusterIdField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "cacheclusterid" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # API gateway App - AddApiNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "apiname" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # API gateway App - AddApiIdField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "apiid" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # SNS App - AddTopicNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "topicname" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # SQS App - AddQueueNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "queuename" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # ECS App - AddClusterNameField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "clustername" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - - # NLB App - AddNETLoadBalancerField: - Condition: install_observability_apps - Type: Custom::SumoLogicFieldsSchema - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - FieldName: "networkloadbalancer" - RemoveOnDeleteStack: false - SumoAccessID: !Ref SumoLogicAccessID - SumoAccessKey: !Ref SumoLogicAccessKey - SumoDeployment: !Ref SumoLogicDeployment - ############# START - RESOURCES FOR METADATA SOURCE ################# - SumoLogicMetaDataSource: Condition: install_metadata_source Type: Custom::AWSSource @@ -1125,7 +916,7 @@ Resources: ServiceToken: !GetAtt LambdaToDecideCWMetricsSources.Arn CloudWatchMetricsNameSpaces: !Ref CloudWatchMetricsNameSpaces ScanInterval: !Ref ScanInterval - Version: !Ref NestedTemplateVersion + Version: !Ref MPS3KeyPrefix # Each Stack can create up to 5 Metrics sources. To support more namespaces keep on adding more nested stacks. # This is done in order to limit number of API calls and handle API limit exceeded exception from Sumo Logic. @@ -1133,7 +924,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: install_cloud_watch_metric_source Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/cloudwatchmetrics/cloudwatchmetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}cloudwatchmetrics.template.yaml" Parameters: SumoLogicDeployment: !Ref SumoLogicDeployment SumoLogicAccessID: !Ref SumoLogicAccessID @@ -1163,7 +954,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: install_cloud_watch_metric_source Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/cloudwatchmetrics/cloudwatchmetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}cloudwatchmetrics.template.yaml" Parameters: SumoLogicDeployment: !Ref SumoLogicDeployment SumoLogicAccessID: !Ref SumoLogicAccessID @@ -1192,7 +983,7 @@ Resources: Condition: install_cloud_watch_metric_source DependsOn: CloudWatchMetricsFirstStack Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/cloudwatchmetrics/cloudwatchmetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}cloudwatchmetrics.template.yaml" Parameters: SumoLogicDeployment: !Ref SumoLogicDeployment SumoLogicAccessID: !Ref SumoLogicAccessID @@ -1217,7 +1008,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: install_kf_metric_source Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWMetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_metrics.template.yaml" Parameters: Section1aSumoLogicKinesisMetricsURL: !GetAtt KinesisFirehoseMetricsSource.SUMO_ENDPOINT Section1bNamespaceFilter: !Ref CloudWatchMetricsNameSpaces @@ -1357,7 +1148,7 @@ Resources: TargetBucketName: !If [ create_elb_bucket, !Ref CommonS3Bucket, !Ref ELBS3LogsBucketName ] PathExpression: !Ref ELBS3BucketPathExpression Fields: - account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS + account: !GetAtt AccountAliasValue.ACCOUNT_ALIAS region: !Ref "AWS::Region" accountid: !Ref "AWS::AccountId" RoleArn: !GetAtt SumoLogicSourceRole.Arn @@ -1511,7 +1302,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: install_cloudwatch_logs_source Properties: - TemplateURL: "https://appdev-cloudformation-templates.s3.amazonaws.com/DLQLambdaCloudFormation.json" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}dlq_lambda_cloudformation.template.yaml" Parameters: SumoEndPointURL: !GetAtt CloudWatchHTTPSource.SUMO_ENDPOINT IncludeLogGroupInfo: true @@ -1538,7 +1329,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: install_kf_logs_source Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWLogs.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_logs.template.yaml" Parameters: Section1aSumoLogicKinesisLogsURL: !GetAtt KinesisFirehoseLogsSource.SUMO_ENDPOINT Section2aCreateS3Bucket: !If [ create_target_s3_bucket, "No", !If [ install_kf_metric_source, "No", "Yes" ] ] diff --git a/cloudformation-sumologic-aws-observability/templates/s3_logging_auto_enable.template.yaml b/cloudformation-sumologic-aws-observability/templates/s3_logging_auto_enable.template.yaml new file mode 100644 index 00000000..9871750f --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/s3_logging_auto_enable.template.yaml @@ -0,0 +1,398 @@ +AWSTemplateFormatVersion: '2010-09-09' +Description: "Version - v3.0.0: Template to Lambda Function for auto enable s3 logs for S3 Buckets, VPCs, Subnets, Network Interfaces, Application load balancer and Classic load balancer" + +Mappings: + + RegionMap: + us-east-1: + bucketname: appdevzipfiles-us-east-1 + us-east-2: + bucketname: appdevzipfiles-us-east-2 + us-west-1: + bucketname: appdevzipfiles-us-west-1 + us-west-2: + bucketname: appdevzipfiles-us-west-2 + ap-south-1: + bucketname: appdevzipfiles-ap-south-1 + ap-northeast-2: + bucketname: appdevzipfiles-ap-northeast-2 + ap-southeast-1: + bucketname: appdevzipfiles-ap-southeast-1 + ap-southeast-2: + bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss + ap-northeast-1: + bucketname: appdevzipfiles-ap-northeast-1 + ca-central-1: + bucketname: appdevzipfiles-ca-central-1 + eu-central-1: + bucketname: appdevzipfiles-eu-central-1 + eu-west-1: + bucketname: appdevzipfiles-eu-west-1 + eu-west-2: + bucketname: appdevzipfiles-eu-west-2 + eu-west-3: + bucketname: appdevzipfiles-eu-west-3 + eu-north-1: + bucketname: appdevzipfiles-eu-north-1s + sa-east-1: + bucketname: appdevzipfiles-sa-east-1 + ap-east-1: + bucketname: appdevzipfiles-ap-east-1s + af-south-1: + bucketname: appdevzipfiles-af-south-1s + eu-south-1: + bucketname: appdevzipfiles-eu-south-1 + me-south-1: + bucketname: appdevzipfiles-me-south-1s + me-central-1: + bucketname: appdevzipfiles-me-central-1 + eu-central-2: + bucketname: appdevzipfiles-eu-central-2ss + ap-northeast-3: + bucketname: appdevzipfiles-ap-northeast-3s + ap-southeast-3: + bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 + +Parameters: + AutoEnableLogging: + Type: String + Description: "S3 - To Enable S3 Audit Logging for new S3 buckets. + VPC - To Enable VPC flow logs for new VPC, Subnets and Network Interfaces. + ALB - To Enable S3 Logging for new Application Load Balancer. + ELB - To Enable S3 logging for new Classic Load Balancer" + AllowedPattern: ".+" + AllowedValues: + - 'S3' + - 'VPC' + - 'ALB' + - 'ELB' + + AutoEnableResourceOptions: + Type: String + Description: "New - Automatically enables S3 logging for newly created AWS resources to send logs to S3 Buckets. This does not affect AWS resources already collecting logs. + Existing - Automatically enables S3 logging for existing AWS resources to send logs to S3 Buckets. + Both - Automatically enables S3 logging for new and existing AWS resources. + None - Skips Automatic S3 Logging enable for AWS resources." + Default: 'Both' + AllowedValues: + - 'New' + - 'Existing' + - 'Both' + - 'None' + + BucketName: + Type: String + Description: "Provide an Existing bucket Name." + AllowedPattern: ".+" + + BucketPrefix: + Type: String + Description: "Provide an bucket prefix." + AllowedPattern: ".*" + + FilterExpression: + Type: String + Default: "" + Description: "Provide regular expression for matching aws resources. For eg;- 'InstanceType': 't1.micro.*?'|'name': 'Test.*?']|'stageName': 'prod.*?'|'FunctionName': 'Test.*?'|TableName.*?|'LoadBalancerName': 'Test.*?'|'DBClusterIdentifier': 'Test.*?'|'DBInstanceIdentifier': 'Test.*?'" + + RemoveOnDeleteStack: + AllowedValues: + - true + - false + Default: true + Description: "True - To remove S3 logging or Vpc flow logs. + False - To keep the S3 logging." + Type: String + +Conditions: + enable_alb_logging: !Equals [!Ref AutoEnableLogging, 'ALB'] + enable_elb_logging: !Equals [!Ref AutoEnableLogging, 'ELB'] + enable_s3_buckets_logging: !Equals [!Ref AutoEnableLogging, 'S3'] + enable_vpc_flow_logs_logging: !Equals [!Ref AutoEnableLogging, 'VPC'] + + auto_enable_existing: !Or + - !Equals [ !Ref AutoEnableResourceOptions, 'Existing' ] + - !Equals [ !Ref AutoEnableResourceOptions, 'Both' ] + auto_enable_new: !Or + - !Equals [ !Ref AutoEnableResourceOptions, 'New' ] + - !Equals [ !Ref AutoEnableResourceOptions, 'Both' ] + enable_alb_log_events: !And + - !Condition auto_enable_new + - !Condition enable_alb_logging + enable_elb_log_events: !And + - !Condition auto_enable_new + - !Condition enable_elb_logging + enable_s3_log_events: !And + - !Condition auto_enable_new + - !Condition enable_s3_buckets_logging + enable_vpc_log_events: !And + - !Condition auto_enable_new + - !Condition enable_vpc_flow_logs_logging + +Resources: + + SumoLambdaRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + Path: / + Policies: + - PolicyName: AwsObservabilityLambdaExecutePolicies + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - elasticloadbalancing:DescribeLoadBalancerAttributes + - elasticloadbalancing:DescribeLoadBalancers + - elasticloadbalancing:ModifyLoadBalancerAttributes + - logs:CreateLogGroup + - logs:CreateLogStream + - logs:PutLogEvents + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - ec2:DescribeInstances + - ec2:DescribeVpcs + - ec2:DeleteFlowLogs + - ec2:CreateFlowLogs + - ec2:DescribeFlowLogs + - logs:CreateLogDelivery + - logs:DeleteLogDelivery + - s3:GetBucketPolicy + - s3:PutBucketPolicy + - s3:ListAllMyBuckets + - s3:GetBucketLocation + - s3:PutBucketAcl + - s3:GetBucketAcl + Resource: '*' + - Effect: Allow + Action: + - s3:GetBucketLogging + - s3:PutBucketLogging + Resource: + - !Sub "arn:${AWS::Partition}:s3:::${BucketName}" + + EnableNewAWSResourcesLambda: + Type: 'AWS::Lambda::Function' + Condition: auto_enable_new + Properties: + Code: + S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" + Handler: "awsresource.enable_s3_logs" + Runtime: python3.14 + Role: !GetAtt SumoLambdaRole.Arn + Description: "Lambda Function for auto enable s3 logs for AWS Resources." + MemorySize: 128 + Timeout: 600 + Environment: + Variables: + BucketName: !Ref BucketName + AccountID: !Ref "AWS::AccountId" + Filter: !Ref FilterExpression + BucketPrefix: !Ref BucketPrefix + + AutoEnableS3LogEventsInvokePermission: + Type: AWS::Lambda::Permission + Condition: enable_s3_log_events + Properties: + Action: lambda:InvokeFunction + FunctionName: !Ref EnableNewAWSResourcesLambda + Principal: "events.amazonaws.com" + SourceArn: !GetAtt AutoEnableS3LogEventsRuleTrigger.Arn + + AutoEnableS3LogEventsRuleTrigger: + Type: 'AWS::Events::Rule' + Condition: enable_s3_log_events + Properties: + Description: Auto-Enable S3 loggging for S3 Buckets with Lambda from events + EventPattern: + source: + - aws.s3 + detail-type: + - AWS API Call via CloudTrail + detail: + eventSource: + - s3.amazonaws.com + eventName: + - CreateBucket + Name: !Join + - "" + - - "sumo-logic-s3-buckets-" + - !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + State: ENABLED + Targets: + - Arn: !GetAtt EnableNewAWSResourcesLambda.Arn + Id: Main + + AutoEnableVPCEventsInvokePermission: + Type: AWS::Lambda::Permission + Condition: enable_vpc_log_events + Properties: + Action: lambda:InvokeFunction + FunctionName: !Ref EnableNewAWSResourcesLambda + Principal: "events.amazonaws.com" + SourceArn: !GetAtt AutoEnableVPCEventsRuleTrigger.Arn + + AutoEnableVPCEventsRuleTrigger: + Type: 'AWS::Events::Rule' + Condition: enable_vpc_log_events + Properties: + Description: Auto-Enable VPC Flow logs for VPCs with Lambda from events + EventPattern: + source: + - aws.ec2 + detail-type: + - AWS API Call via CloudTrail + detail: + eventSource: + - ec2.amazonaws.com + eventName: + - CreateVpc + Name: !Join + - "" + - - "sumo-logic-vpc-" + - !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + State: ENABLED + Targets: + - Arn: !GetAtt EnableNewAWSResourcesLambda.Arn + Id: Main + + AutoEnableAlbLogEventsInvokePermission: + Type: AWS::Lambda::Permission + Condition: enable_alb_log_events + Properties: + Action: lambda:InvokeFunction + FunctionName: !Ref EnableNewAWSResourcesLambda + Principal: "events.amazonaws.com" + SourceArn: !GetAtt AutoEnableAlbLogEventsRuleTrigger.Arn + + AutoEnableAlbLogEventsRuleTrigger: + Type: 'AWS::Events::Rule' + Condition: enable_alb_log_events + Properties: + Description: Auto-Enable S3 logging for ALB resources with Lambda from events + EventPattern: + source: + - aws.elasticloadbalancing + detail-type: + - AWS API Call via CloudTrail + detail: + eventSource: + - elasticloadbalancing.amazonaws.com + eventName: + - CreateLoadBalancer + Name: !Join + - "" + - - "sumo-logic-alb-s3-" + - !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + State: ENABLED + Targets: + - Arn: !GetAtt EnableNewAWSResourcesLambda.Arn + Id: Main + + AutoEnableElbLogEventsInvokePermission: + Type: AWS::Lambda::Permission + Condition: enable_elb_log_events + Properties: + Action: lambda:InvokeFunction + FunctionName: !Ref EnableNewAWSResourcesLambda + Principal: "events.amazonaws.com" + SourceArn: !GetAtt AutoEnableElbLogEventsRuleTrigger.Arn + + AutoEnableElbLogEventsRuleTrigger: + Type: 'AWS::Events::Rule' + Condition: enable_elb_log_events + Properties: + Description: Auto-Enable S3 logging for ELB classic resources with Lambda from events + EventPattern: + source: + - aws.elasticloadbalancing + detail-type: + - AWS API Call via CloudTrail + detail: + eventSource: + - elasticloadbalancing.amazonaws.com + eventName: + - CreateLoadBalancer + Name: !Join + - "" + - - "sumo-logic-elb-s3-" + - !Select + - 0 + - !Split + - "-" + - !Select + - 2 + - !Split ["/", !Ref "AWS::StackId"] + State: ENABLED + Targets: + - Arn: !GetAtt EnableNewAWSResourcesLambda.Arn + Id: Main + + EnableExisitngAWSResourcesLambda: + Type: 'AWS::Lambda::Function' + Condition: auto_enable_existing + Properties: + Handler: main.handler + Runtime: python3.14 + Code: + S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" + MemorySize: 128 + Timeout: 900 + Role: !GetAtt SumoLambdaRole.Arn + + ExistingAWSResources: + Type: Custom::EnableS3LogsResources + Condition: auto_enable_existing + Properties: + ServiceToken: !GetAtt EnableExisitngAWSResourcesLambda.Arn + AWSResource: !If [enable_s3_buckets_logging, "s3", !If [enable_vpc_flow_logs_logging, "vpc", !If [enable_alb_logging, "elbv2", "elb"]] ] + BucketName: !Ref BucketName + Filter: !Ref FilterExpression + BucketPrefix: !Ref BucketPrefix + AccountID: !Ref "AWS::AccountId" + RemoveOnDeleteStack: !Ref RemoveOnDeleteStack + +Outputs: + + EnableNewAWSResourcesLambda: + Description: "Lambda Function ARN for New AWS Resources" + Value: !GetAtt EnableNewAWSResourcesLambda.Arn + Condition: auto_enable_new + + EnableExisitngAWSResourcesLambda: + Description: "Lambda Function ARN for Existing AWS Resources" + Value: !GetAtt EnableExisitngAWSResourcesLambda.Arn + Condition: auto_enable_existing \ No newline at end of file diff --git a/aws-observability/templates/sumologic_observability.master.template.yaml b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.master.template.yaml similarity index 54% rename from aws-observability/templates/sumologic_observability.master.template.yaml rename to cloudformation-sumologic-aws-observability/templates/sumologic_observability.master.template.yaml index d0928b55..5bcb4776 100644 --- a/aws-observability/templates/sumologic_observability.master.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.master.template.yaml @@ -1,7 +1,11 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" +Description: "Version - v3.0.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" Metadata: + cfn-lint: + config: + ignore_checks: + - W3011 'AWS::CloudFormation::Interface': ParameterGroups: - Label: @@ -53,8 +57,8 @@ Metadata: - Label: default: "7. Sumo Logic CloudWatch Logs Source" Parameters: - - Section7aLambdaCreateCloudWatchLogsSourceOptions - - Section7bLambdaCloudWatchLogsSourceUrl + - Section7aCreateCloudWatchLogsSourceOptions + - Section7bCloudWatchLogsSourceUrl - Section7cAutoSubscribeLogGroupsOptions - Section7dAutoSubscribeLogGroupPattern - Section7eAutoSubscribeLogGroupByTags @@ -62,17 +66,11 @@ Metadata: - Label: default: "8. Sumo Logic AWS ELB classic Log Source" Parameters: - - Section9aAutoEnableS3LogsELBResourcesOptions - - Section9bELBCreateLogSource - - Section9cELBLogsSourceUrl - - Section9dELBS3LogsBucketName - - Section9eELBS3BucketPathExpression - - - Label: - default: "9. App Installation and Sharing" - Parameters: - - Section10aAppInstallLocation - - Section10bShare + - Section8aAutoEnableS3LogsELBResourcesOptions + - Section8bELBCreateLogSource + - Section8cELBLogsSourceUrl + - Section8dELBS3LogsBucketName + - Section8eELBS3BucketPathExpression ParameterLabels: Section1aSumoLogicDeployment: @@ -94,10 +92,10 @@ Metadata: default: "S3 Object URL of a CSV file that maps AWS Account IDs to an Account Alias" Section3aInstallObservabilityApps: - default: "Install AWS Observability Apps and Alerts" + default: "Install AWS Observability Apps and Monitors" Section4aCreateMetricsSourceOptions: - default: "Select the kind of CloudWatch Metrics Source to create" + default: "Select the kind of Metrics Source to create" Section4bMetricsNameSpaces: default: "Sumo Logic AWS Metrics Namespaces" Section4cCloudWatchExistingSourceAPIUrl: @@ -125,10 +123,10 @@ Metadata: Section6dCloudTrailBucketPathExpression: default: "Path Expression for existing CloudTrail logs" - Section7aLambdaCreateCloudWatchLogsSourceOptions: - default: "Select the Sumo Logic CloudWatch Logs Sources" - Section7bLambdaCloudWatchLogsSourceUrl: - default: "Existing Sumo Logic Lambda CloudWatch Logs Source API URL" + Section7aCreateCloudWatchLogsSourceOptions: + default: "Select the Sumo Logic CloudWatch Logs Source Type" + Section7bCloudWatchLogsSourceUrl: + default: "Existing Sumo Logic CloudWatch Logs Source API URL" Section7cAutoSubscribeLogGroupsOptions: default: "Subscribe log groups to Destination (Lambda or kinesis firehose delivery stream)" Section7dAutoSubscribeLogGroupPattern: @@ -136,22 +134,17 @@ Metadata: Section7eAutoSubscribeLogGroupByTags: default: "Tags for filtering CloudWatch Log Groups." - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: default: "Enable ELB Access logging" - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: default: "Create Sumo Logic ELB Logs Source" - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: default: "Existing Sumo Logic ELB Logs Source API URL" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: default: "Amazon S3 Bucket Name" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: default: "Path Expression for existing ELB logs" - Section10aAppInstallLocation: - default: "Location where you want the App to be Installed" - Section10bShare: - default: "Do you want to share App with whole organisation" - Parameters: Section1aSumoLogicDeployment: Type: String @@ -215,8 +208,8 @@ Parameters: Section3aInstallObservabilityApps: Type: String Default: 'Yes' - Description: "Yes - Installs Apps (EC2, Application Load Balancer, RDS, API Gateway, Lambda, Dynamo DB, ECS, ElastiCache and NLB) and Alerts for the Sumo Logic AWS Observability Solution. All the Apps are installed in the folder 'AWS Observability'. - No - Skips the installation of Apps and Alerts." + Description: "Yes - Installs Apps (AWS Compute, AWS EC2, AWS ECS, AWS Lambda, AWS Application Load Balancer, AWS Network Load Balancer, AWS API Gateway, AWS SQS, AWS SNS, AWS DynamoDB, AWS RDS, AWS ElastiCache) and Monitors for the Sumo Logic AWS Observability Solution. All Apps are installed in the folder 'Installed Apps'. + No - Skips the installation of Apps and Monitors." AllowedValues: - 'Yes' - 'No' @@ -298,7 +291,7 @@ Parameters: Description: "This is required in case the above existing bucket is already configured to receive CloudTrail logs. If this is blank, Sumo Logic will store logs in the path expression: AWSLogs/*/CloudTrail/*" Default: "AWSLogs/*/CloudTrail/*" - Section7aLambdaCreateCloudWatchLogsSourceOptions: + Section7aCreateCloudWatchLogsSourceOptions: Type: String Description: "Lambda Log Forwarder - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function. Kinesis Firehose Log Source - Creates a Sumo Logic Kinesis Firehose Source to collect CloudWatch logs." @@ -308,7 +301,7 @@ Parameters: - 'Kinesis Firehose Log Source' - 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - 'None' - Section7bLambdaCloudWatchLogsSourceUrl: + Section7bCloudWatchLogsSourceUrl: Type: String Description: "Required when already collecting Lambda CloudWatch logs in Sumo Logic. Provide the existing Sumo Logic Lambda CloudWatch Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" @@ -333,7 +326,7 @@ Parameters: Default: "" Description: "Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters" - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: Type: String Description: "New - Automatically enables S3 logging for newly created ELB resources to collect logs for ELB resources. This does not affect ELB resources already collecting logs. Existing - Automatically enables S3 logging for existing ELB resources to collect logs for ELB resources. @@ -345,7 +338,7 @@ Parameters: - 'Existing' - 'Both' - 'None' - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: Type: String Description: "Yes - Creates a Sumo Logic ELB Log Source that collects ELB logs from an existing bucket or a new bucket. No - If you already have an ELB source collecting ELB logs into Sumo Logic." @@ -353,36 +346,19 @@ Parameters: AllowedValues: - 'Yes' - 'No' - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: Type: String Description: "Required when already collecting ELB logs in Sumo Logic. Provide the existing Sumo Logic ELB Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: Type: String Description: "If you selected 'No' to creating a new source above, skip this step. Provide a name of existing S3 bucket name where you would like to store ELB logs. If this is empty, a new bucket will be created in the region." Default: "" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: Type: String Description: "This is required in case the above existing bucket is already configured to receive ELB access logs. If this is blank, Sumo Logic will store logs in the path expression: *AWSLogs/*/elasticloadbalancing/*" Default: "classicloadbalancing/AWSLogs/*/elasticloadbalancing/*" - Section10aAppInstallLocation: - Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section10bShare: - Type: String - Description: "True - Installed App will have view permission to all members of the organisation. - False - Installed App will be visible to user installing the solution." - Default: 'True' - AllowedValues: - - 'True' - - 'False' - Conditions: # Conditions for Bucket create_alb_bucket: !And @@ -395,32 +371,23 @@ Conditions: #condition for ELB classic bucket create_elb_bucket: !And - - !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] - - !Equals [ !Ref Section9dELBS3LogsBucketName, '' ] + - !Equals [ !Ref Section8bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section8dELBS3LogsBucketName, '' ] # Sources Create Condition - create_cloudtrail_source: !Equals [ !Ref Section6aCreateCloudTrailLogSource, 'Yes' ] - create_alb_source: !Equals [ !Ref Section5bALBCreateLogSource, 'Yes' ] create_kf_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'Kinesis Firehose Metrics Source' ] create_cw_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'CloudWatch Metrics Source' ] create_kf_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] create_cw_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] - create_elb_source: !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] # Sources Update Condition - install_cloudwatch_metrics_source: !Or - - !Condition create_kf_metrics_source - - !Condition create_cw_metrics_source create_cloudwatch_logs_source: !Or - !Condition create_kf_logs_source - !Condition create_cw_logs_source - update_cloudtrail_logs_source: !And - - !Not [!Equals [!Ref Section6bCloudTrailLogsSourceUrl, '']] - - !Not [!Equals [!Ref Section6aCreateCloudTrailLogSource, 'Yes']] # Condition for S3 Logging enable is_bucket_available: !Or @@ -429,14 +396,14 @@ Conditions: is_elb_bucket_available: !Or - !Condition create_elb_bucket - - !Not [!Equals [ !Ref Section9dELBS3LogsBucketName, '' ]] + - !Not [!Equals [ !Ref Section8dELBS3LogsBucketName, '' ]] auto_enable_s3_logs: !And - !Not [!Equals [ !Ref Section5aAutoEnableS3LogsALBResourcesOptions, 'None' ]] - !Condition is_bucket_available auto_enable_s3_logs_elb: !And - - !Not [!Equals [ !Ref Section9aAutoEnableS3LogsELBResourcesOptions, 'None' ]] + - !Not [!Equals [ !Ref Section8aAutoEnableS3LogsELBResourcesOptions, 'None' ]] - !Condition is_elb_bucket_available # Condition for Auto Subscribe Lambda @@ -452,21 +419,30 @@ Conditions: - !Condition auto_subscribe_log_groups - !Condition auto_enable_s3_logs_elb - elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section9eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] + elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section8eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] # Condition for Stacks creation. Calling Nested Stack EveryTime to create FER and Metric Rule. If already present, marked as duplicate in Resource. - install_overview_dashboards: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] + install_observability_apps: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] # Condition for sending solution telemetry to sumo logic. send_telemetry_to_sumo: !Equals [ !Ref Section1fSumoLogicSendTelemetry, 'true' ] Mappings: + SumoAWSAccountIDs: + aws: + SumoAWSAccountID: "926226587429" + aws-us-gov: + SumoAWSAccountID: "926226587429" + aws-cn: + SumoAWSAccountID: "926226587429" + aws-eusc: + SumoAWSAccountID: "052162193518" CommonData: NestedTemplate: - BucketName: "sumologic-appdev-aws-sam-apps" - Version: "v2.14.0" + MPS3BucketName: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: "us-east-1" + MPS3KeyPrefix: "aws-observability-versions/v3.0.0/templates/" CollectorDetails: - SumoLogicAccountID: 926226587429 CollectorNamePrefix: "aws-observability" CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" ALBLogsSourceCategory: "aws/observability/alb/logs" @@ -490,6 +466,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -522,6 +502,8 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 Resources: LambdaRole: @@ -580,7 +562,7 @@ Resources: Runtime: python3.14 Code: S3Bucket: !FindInMap [ RegionMap, !Ref 'AWS::Region', bucketname ] - S3Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/telemetryv1.1.0.zip" + S3Key: "sumologic-aws-observability/functions/telemetry/v1.1.0/telemetry.zip" MemorySize: 128 Timeout: 900 Role: !GetAtt LambdaRole.Arn @@ -608,13 +590,13 @@ Resources: sumoOrgId: !Ref Section1dSumoLogicOrganizationId solutionName: 'AWSO' - solutionVersion: 'v2.14.0' + solutionVersion: 'v3.0.0' deploymentSource: 'cloudFormation' TelemetryEndpoint: "https://endpoint1.collection.us2.sumologic.com/receiver/v1/http/ZaVnC4dhaV1S68eao6UYB3LFtqQ7ur1xYlT1EHCfXdhvi6uPNc0aUXIpvq5i_aHewOp5xxxwnGZ5MmSWDR6qV5td4exMM4pZE4Tk6rqKvgextLx7I6IRpg==" scanInterval: 60 ToUpdate: Fn::Base64: !Sub - - "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}-${w}-${x}" + - "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}-${w}" - a: !Ref Section2aAccountAlias b: !Ref Section3aInstallObservabilityApps c: !Ref Section4aCreateMetricsSourceOptions @@ -628,25 +610,25 @@ Resources: k: !Ref Section6aCreateCloudTrailLogSource l: !Ref Section6bCloudTrailLogsSourceUrl m: !Ref Section6cCloudTrailLogsBucketName - n: !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions - o: !Ref Section7bLambdaCloudWatchLogsSourceUrl + n: !Ref Section7aCreateCloudWatchLogsSourceOptions + o: !Ref Section7bCloudWatchLogsSourceUrl p: !Ref Section7cAutoSubscribeLogGroupsOptions q: !Ref Section7dAutoSubscribeLogGroupPattern r: !Ref Section7eAutoSubscribeLogGroupByTags - s: !Ref Section9aAutoEnableS3LogsELBResourcesOptions - t: !Ref Section9bELBCreateLogSource - u: !Ref Section9cELBLogsSourceUrl - v: !Ref Section9dELBS3LogsBucketName - w: !Ref Section10aAppInstallLocation - x: !FindInMap [CommonData, NestedTemplate, Version] + s: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + t: !Ref Section8bELBCreateLogSource + u: !Ref Section8cELBLogsSourceUrl + v: !Ref Section8dELBS3LogsBucketName + w: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] CreateCommonResources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/common/resources.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + - "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}resources.template.yaml" + - MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] Parameters: SumoLogicDeployment: !Ref Section1aSumoLogicDeployment SumoLogicAccessID: !Ref Section1bSumoLogicAccessID @@ -655,8 +637,7 @@ Resources: RemoveSumoLogicResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack AccountAlias: !Ref Section2aAccountAlias AccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - SumoLogicAccountID: !FindInMap [CommonData, CollectorDetails, SumoLogicAccountID] - InstallObservabilityApps: !Ref Section3aInstallObservabilityApps + SumoLogicAccountID: !FindInMap [SumoAWSAccountIDs, !Ref "AWS::Partition", SumoAWSAccountID] CreateMetaDataSource: "No" CreateCloudWatchMetricsSource: !If [ create_cw_metrics_source, "Yes", "No" ] CloudWatchMetricsSourceName: !Sub "cloudwatch-metrics-${AWS::Region}" @@ -685,14 +666,15 @@ Resources: CreateKinesisFirehoseLogSource: !If [ create_kf_logs_source, "Yes", "No" ] KinesisFirehoseLogsSourceName: !Sub "kinesis-firehose-cloudwatch-logs-${AWS::Region}" KinesisFirehoseLogsSourceCategory: !FindInMap [ CommonData, CollectorDetails, CloudWatchLogsSourceCategory ] - TemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - NestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - CreateELBLogSource: !Ref Section9bELBCreateLogSource + MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] + CreateELBLogSource: !Ref Section8bELBCreateLogSource CreateELBS3Bucket: !If [create_elb_bucket, "Yes", "No"] - ELBS3LogsBucketName: !Ref Section9dELBS3LogsBucketName + ELBS3LogsBucketName: !Ref Section8dELBS3LogsBucketName ELBS3BucketPathExpression: !Join - "" - - - !If [elb_bucket_path_expression_provided,!Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] + - - !If [elb_bucket_path_expression_provided,!Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] - "/AWSLogs/" - !Ref AWS::AccountId - "/elasticloadbalancing/" @@ -706,9 +688,10 @@ Resources: Condition: call_auto_enable Properties: TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/autoenable/auto_enable.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + - "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}auto_enable.template.yaml" + - MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] Parameters: SumoLogicResourceRemoveOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack ALBAutoEnableS3Logs: !If [auto_enable_s3_logs, "Yes", "No"] @@ -722,291 +705,65 @@ Resources: AutoSubscribeLogGroupByTags: !Ref Section7eAutoSubscribeLogGroupByTags AutoSubscribeRoleArn: !If [create_kf_logs_source, !GetAtt CreateCommonResources.Outputs.KinesisLogsRoleARN, "" ] ELBAutoEnableS3Logs: !If [auto_enable_s3_logs_elb, "Yes", "No"] - ELBAutoEnableS3LogsOptions: !Ref Section9aAutoEnableS3LogsELBResourcesOptions - ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section9dELBS3LogsBucketName] - ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] - - sumoEC2MetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ec2metrics/ec2_metrics_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section3bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section3cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section4aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section4bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoAlbMetricsAppStack: - Type: AWS::CloudFormation::Stack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/alb/alb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aALBLogsAPIUrl: !If [create_alb_source, "", !Ref Section5cALBLogsSourceUrl] - Section5bALBLogsSourceName: !If [create_alb_source, "*alb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoElbMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elb/elb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aELBLogsAPIUrl: !If [create_elb_source, "", !Ref Section9cELBLogsSourceUrl] - Section5bELBLogsSourceName: !If [create_elb_source, "*elb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoDynamoDBMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/dynamodb/dynamodb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoRdsMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/rds/rds_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoApiGatewayMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/apigateway/api_gateway_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoSNSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sns/sns_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoSQSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sqs/sqs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoLambdaMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/lambda/lambda_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section5bCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", ""] - Section5aCloudTrailLogsAPIUrl: !If [create_cloudtrail_source, "", !Ref Section6bCloudTrailLogsSourceUrl] - Section6bCloudWatchLogsSourceName: !If [create_cloudwatch_logs_source, "*cloudwatch-logs*", ""] - Section6aCloudWatchLogsAPIUrl: !If [create_cloudwatch_logs_source, "", !Ref Section7bLambdaCloudWatchLogsSourceUrl] - Section7aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section7bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section7cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section8aAppInstallLocation: !Ref Section10aAppInstallLocation - Section8bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoECSMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoElbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ecs/ecs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoElasticCacheMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elasticache/elasticache_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment - Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID - Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId - - sumoNlbMetricsAppStack: + ELBAutoEnableS3LogsOptions: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section8dELBS3LogsBucketName] + ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] + MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] + + sumoAppStacks: Type: AWS::CloudFormation::Stack - DependsOn: sumoElbMetricsAppStack + Condition: install_observability_apps Properties: TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/nlb/nlb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + - "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}apps.template.yaml" + - MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] Parameters: + # ------------------------- + # Sumo Deployment + # ------------------------- Section1aSumoDeployment: !Ref Section1aSumoLogicDeployment Section1bSumoAccessID: !Ref Section1bSumoLogicAccessID Section1cSumoAccessKey: !Ref Section1cSumoLogicAccessKey Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aNLBLogsSourceName: "" - Section3bNLBSourceUpdated: "No" - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - Section1eOrgId: !Ref Section1dSumoLogicOrganizationId + # ------------------------- + # App Installation + # ------------------------- + Section2aInstallApp: !GetAtt CreateCommonResources.Outputs.PaidAccountCheck + # ------------------------- + # Parent Stack Details + # ------------------------- + Section3aParentStackLambdaARN: + !GetAtt CreateCommonResources.Outputs.LambdaHelperARN + # ------------------------- + # UPDATE TRIGGER HASH (Recommended) + # ------------------------- + Section4aToUpdate: + Fn::Base64: !Sub + - "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}-${w}" + - a: !Ref Section2aAccountAlias + b: !Ref Section3aInstallObservabilityApps + c: !Ref Section4aCreateMetricsSourceOptions + d: !Ref Section4bMetricsNameSpaces + e: !Ref Section4cCloudWatchExistingSourceAPIUrl + f: !Ref Section4dAWSMetricsTagFilters + g: !Ref Section5aAutoEnableS3LogsALBResourcesOptions + h: !Ref Section5bALBCreateLogSource + i: !Ref Section5cALBLogsSourceUrl + j: !Ref Section5dALBS3LogsBucketName + k: !Ref Section6aCreateCloudTrailLogSource + l: !Ref Section6bCloudTrailLogsSourceUrl + m: !Ref Section6cCloudTrailLogsBucketName + n: !Ref Section7aCreateCloudWatchLogsSourceOptions + o: !Ref Section7bCloudWatchLogsSourceUrl + p: !Ref Section7cAutoSubscribeLogGroupsOptions + q: !Ref Section7dAutoSubscribeLogGroupPattern + r: !Ref Section7eAutoSubscribeLogGroupByTags + s: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + t: !Ref Section8bELBCreateLogSource + u: !Ref Section8cELBLogsSourceUrl + v: !Ref Section8dELBS3LogsBucketName + w: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] diff --git a/aws-observability/templates/sumologic_observability.mp.test.yaml b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.test.yaml old mode 100755 new mode 100644 similarity index 54% rename from aws-observability/templates/sumologic_observability.mp.test.yaml rename to cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.test.yaml index a0dd3e6f..330b7043 --- a/aws-observability/templates/sumologic_observability.mp.test.yaml +++ b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.test.yaml @@ -1,5 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" +Description: "Version - v3.0.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" Metadata: 'AWS::CloudFormation::Interface': @@ -53,8 +53,8 @@ Metadata: - Label: default: "7. Sumo Logic CloudWatch Logs Source" Parameters: - - Section7aLambdaCreateCloudWatchLogsSourceOptions - - Section7bLambdaCloudWatchLogsSourceUrl + - Section7aCreateCloudWatchLogsSourceOptions + - Section7bCloudWatchLogsSourceUrl - Section7cAutoSubscribeLogGroupsOptions - Section7dAutoSubscribeLogGroupPattern - Section7eAutoSubscribeLogGroupByTags @@ -62,17 +62,18 @@ Metadata: - Label: default: "8. Sumo Logic AWS ELB classic Log Source" Parameters: - - Section9aAutoEnableS3LogsELBResourcesOptions - - Section9bELBCreateLogSource - - Section9cELBLogsSourceUrl - - Section9dELBS3LogsBucketName - - Section9eELBS3BucketPathExpression + - Section8aAutoEnableS3LogsELBResourcesOptions + - Section8bELBCreateLogSource + - Section8cELBLogsSourceUrl + - Section8dELBS3LogsBucketName + - Section8eELBS3BucketPathExpression - Label: - default: "9. App Installation and Sharing" + default: "AWS Marketplace Parameters" Parameters: - - Section10aAppInstallLocation - - Section10bShare + - MPS3BucketName + - MPS3BucketRegion + - MPS3KeyPrefix ParameterLabels: SecretName: @@ -94,10 +95,10 @@ Metadata: default: "S3 Object URL of a CSV file that maps AWS Account IDs to an Account Alias" Section3aInstallObservabilityApps: - default: "Install AWS Observability Apps and Alerts" + default: "Install AWS Observability Apps and Monitors" Section4aCreateMetricsSourceOptions: - default: "Select the kind of CloudWatch Metrics Source to create" + default: "Select the kind of Metrics Source to create" Section4bMetricsNameSpaces: default: "Sumo Logic AWS Metrics Namespaces" Section4cCloudWatchExistingSourceAPIUrl: @@ -125,10 +126,10 @@ Metadata: Section6dCloudTrailBucketPathExpression: default: "Path Expression for existing CloudTrail logs" - Section7aLambdaCreateCloudWatchLogsSourceOptions: - default: "Select the Sumo Logic CloudWatch Logs Sources" - Section7bLambdaCloudWatchLogsSourceUrl: - default: "Existing Sumo Logic Lambda CloudWatch Logs Source API URL" + Section7aCreateCloudWatchLogsSourceOptions: + default: "Select the Sumo Logic CloudWatch Logs Source Type" + Section7bCloudWatchLogsSourceUrl: + default: "Existing Sumo Logic CloudWatch Logs Source API URL" Section7cAutoSubscribeLogGroupsOptions: default: "Subscribe log groups to Destination (Lambda or kinesis firehose delivery stream)" Section7dAutoSubscribeLogGroupPattern: @@ -136,21 +137,23 @@ Metadata: Section7eAutoSubscribeLogGroupByTags: default: "Tags for filtering CloudWatch Log Groups." - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: default: "Enable ELB Access logging" - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: default: "Create Sumo Logic ELB Logs Source" - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: default: "Existing Sumo Logic ELB Logs Source API URL" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: default: "Amazon S3 Bucket Name" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: default: "Path Expression for existing ELB logs" - Section10aAppInstallLocation: - default: "Location where you want the App to be Installed" - Section10bShare: - default: "Do you want to share App with whole organisation" + MPS3BucketName: + default: "S3 Bucket Name for nested templates" + MPS3BucketRegion: + default: "S3 Bucket Region for nested templates" + MPS3KeyPrefix: + default: "S3 Key Prefix for nested templates" Parameters: SecretName: @@ -216,8 +219,8 @@ Parameters: Section3aInstallObservabilityApps: Type: String Default: 'Yes' - Description: "Yes - Installs Apps (EC2, Application Load Balancer, RDS, API Gateway, Lambda, Dynamo DB, ECS, ElastiCache and NLB) and Alerts for the Sumo Logic AWS Observability Solution. All the Apps are installed in the folder 'AWS Observability'. - No - Skips the installation of Apps and Alerts." + Description: "Yes - Installs Apps (AWS Compute, AWS EC2, AWS ECS, AWS Lambda, AWS Application Load Balancer, AWS Network Load Balancer, AWS API Gateway, AWS SQS, AWS SNS, AWS DynamoDB, AWS RDS, AWS ElastiCache) and Monitors for the Sumo Logic AWS Observability Solution. All Apps are installed in the folder 'Installed Apps'. + No - Skips the installation of Apps and Monitors." AllowedValues: - 'Yes' - 'No' @@ -242,7 +245,7 @@ Parameters: Section4dAWSMetricsTagFilters: Type: String AllowedPattern: '^\{.*\}$' - Description: "Provide JSON format of the namespaces with it's tags values to add filters to your metrics. Use semicolons to separate multiple values for the same tag key. AWS Tag Filters will be added to the Source. For JSON format sample, visit <#TODO>" + Description: "Provide JSON format of the namespaces with it's tags values to add filters to your metrics. Use semicolons to separate multiple values for the same tag key. AWS Tag Filters will be added to the Source. For JSON format sample, visit https://help.sumologic.com/docs/observability/aws/deploy-use-aws-observability/deploy-with-aws-cloudformation/#step-5-sumo-logic-aws-cloudwatch-metrics-sources" Default: "{}" Section5aAutoEnableS3LogsALBResourcesOptions: @@ -299,7 +302,7 @@ Parameters: Description: "This is required in case the above existing bucket is already configured to receive CloudTrail logs. If this is blank, Sumo Logic will store logs in the path expression: AWSLogs/*/CloudTrail/*" Default: "AWSLogs/*/CloudTrail/*" - Section7aLambdaCreateCloudWatchLogsSourceOptions: + Section7aCreateCloudWatchLogsSourceOptions: Type: String Description: "Lambda Log Forwarder - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function. Kinesis Firehose Log Source - Creates a Sumo Logic Kinesis Firehose Source to collect CloudWatch logs." @@ -309,7 +312,7 @@ Parameters: - 'Kinesis Firehose Log Source' - 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - 'None' - Section7bLambdaCloudWatchLogsSourceUrl: + Section7bCloudWatchLogsSourceUrl: Type: String Description: "Required when already collecting Lambda CloudWatch logs in Sumo Logic. Provide the existing Sumo Logic Lambda CloudWatch Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" @@ -327,14 +330,14 @@ Parameters: - 'None' Section7dAutoSubscribeLogGroupPattern: Type: String - Default: "/aws/(lambda|apigateway|rds)" + Default: '\/aws\/(lambda|apigateway|rds)' Description: "Enter regex for matching CloudWatch Log groups name. Regex will check for the Log group name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters" Section7eAutoSubscribeLogGroupByTags: Type: String Default: "" Description: "Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters" - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: Type: String Description: "New - Automatically enables S3 logging for newly created ELB resources to collect logs for ELB resources. This does not affect ELB resources already collecting logs. Existing - Automatically enables S3 logging for existing ELB resources to collect logs for ELB resources. @@ -346,7 +349,7 @@ Parameters: - 'Existing' - 'Both' - 'None' - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: Type: String Description: "Yes - Creates a Sumo Logic ELB Log Source that collects ELB logs from an existing bucket or a new bucket. No - If you already have an ELB source collecting ELB logs into Sumo Logic." @@ -354,35 +357,31 @@ Parameters: AllowedValues: - 'Yes' - 'No' - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: Type: String Description: "Required when already collecting ELB logs in Sumo Logic. Provide the existing Sumo Logic ELB Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: Type: String Description: "If you selected 'No' to creating a new source above, skip this step. Provide a name of existing S3 bucket name where you would like to store ELB logs. If this is empty, a new bucket will be created in the region." Default: "" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: Type: String Description: "This is required in case the above existing bucket is already configured to receive ELB access logs. If this is blank, Sumo Logic will store logs in the path expression: *AWSLogs/*/elasticloadbalancing/*" Default: "classicloadbalancing/AWSLogs/*/elasticloadbalancing/*" - Section10aAppInstallLocation: + MPS3BucketName: Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section10bShare: + Default: "sumologic-appdev-aws-sam-apps" + Description: "Name of the S3 bucket for your copy of the nested templates." + MPS3BucketRegion: Type: String - Description: "True - Installed App will have view permission to all members of the organisation. - False - Installed App will be visible to user installing the solution." - Default: 'True' - AllowedValues: - - 'True' - - 'False' + Default: "us-east-1" + Description: "AWS Region where the S3 bucket for your copy of the nested templates is hosted." + MPS3KeyPrefix: + Type: String + Default: "aws-observability-versions/v3.0.0/templates/" + Description: "S3 key prefix that is used to simulate a folder for your copy of the nested templates." Conditions: # Conditions for Bucket @@ -396,32 +395,23 @@ Conditions: #condition for ELB classic bucket create_elb_bucket: !And - - !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] - - !Equals [ !Ref Section9dELBS3LogsBucketName, '' ] + - !Equals [ !Ref Section8bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section8dELBS3LogsBucketName, '' ] # Sources Create Condition - create_cloudtrail_source: !Equals [ !Ref Section6aCreateCloudTrailLogSource, 'Yes' ] - create_alb_source: !Equals [ !Ref Section5bALBCreateLogSource, 'Yes' ] create_kf_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'Kinesis Firehose Metrics Source' ] create_cw_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'CloudWatch Metrics Source' ] create_kf_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] create_cw_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] - create_elb_source: !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] # Sources Update Condition - install_cloudwatch_metrics_source: !Or - - !Condition create_kf_metrics_source - - !Condition create_cw_metrics_source create_cloudwatch_logs_source: !Or - !Condition create_kf_logs_source - !Condition create_cw_logs_source - update_cloudtrail_logs_source: !And - - !Not [!Equals [!Ref Section6bCloudTrailLogsSourceUrl, '']] - - !Not [!Equals [!Ref Section6aCreateCloudTrailLogSource, 'Yes']] # Condition for S3 Logging enable is_bucket_available: !Or @@ -430,14 +420,14 @@ Conditions: is_elb_bucket_available: !Or - !Condition create_elb_bucket - - !Not [!Equals [ !Ref Section9dELBS3LogsBucketName, '' ]] + - !Not [!Equals [ !Ref Section8dELBS3LogsBucketName, '' ]] auto_enable_s3_logs: !And - !Not [!Equals [ !Ref Section5aAutoEnableS3LogsALBResourcesOptions, 'None' ]] - !Condition is_bucket_available auto_enable_s3_logs_elb: !And - - !Not [!Equals [ !Ref Section9aAutoEnableS3LogsELBResourcesOptions, 'None' ]] + - !Not [!Equals [ !Ref Section8aAutoEnableS3LogsELBResourcesOptions, 'None' ]] - !Condition is_elb_bucket_available # Condition for Auto Subscribe Lambda @@ -453,10 +443,10 @@ Conditions: - !Condition auto_subscribe_log_groups - !Condition auto_enable_s3_logs_elb - elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section9eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] + elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section8eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] # Condition for Stacks creation. Calling Nested Stack EveryTime to create FER and Metric Rule. If already present, marked as duplicate in Resource. - install_overview_dashboards: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] + install_observability_apps: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] # Condition to determine if Secret ARN is provided or Access Keys SecretNameProvided: @@ -486,12 +476,21 @@ Rules: AssertDescription: Either of "Secret Arn" or "Sumo Logic Deployment Name", "Access ID", "Access Key" and "Organisation Id" must be set. Mappings: + SumoAWSAccountIDs: + aws: + SumoAWSAccountID: "246946804217" + aws-us-gov: + SumoAWSAccountID: "246946804217" + aws-cn: + SumoAWSAccountID: "246946804217" + aws-eusc: + SumoAWSAccountID: "052162193518" CommonData: NestedTemplate: - BucketName: "sumologic-appdev-aws-sam-apps" - Version: "v2.14.0" + MPS3BucketName: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: "us-east-1" + MPS3KeyPrefix: "aws-observability-versions/v3.0.0/templates/" CollectorDetails: - SumoLogicAccountID: 246946804217 CollectorNamePrefix: "aws-observability" CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" ALBLogsSourceCategory: "aws/observability/alb/logs" @@ -656,10 +655,7 @@ Resources: CreateCommonResources: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/common/resources.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}resources.template.yaml" Parameters: SumoLogicDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] SumoLogicAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] @@ -668,7 +664,7 @@ Resources: RemoveSumoLogicResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack AccountAlias: !Ref Section2aAccountAlias AccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - SumoLogicAccountID: !FindInMap [CommonData, CollectorDetails, SumoLogicAccountID] + SumoLogicAccountID: !FindInMap [SumoAWSAccountIDs, !Ref "AWS::Partition", SumoAWSAccountID] CreateMetaDataSource: "No" CreateCloudWatchMetricsSource: !If [ create_cw_metrics_source, "Yes", "No" ] CloudWatchMetricsSourceName: !Sub "cloudwatch-metrics-${AWS::Region}" @@ -697,14 +693,15 @@ Resources: CreateKinesisFirehoseLogSource: !If [ create_kf_logs_source, "Yes", "No" ] KinesisFirehoseLogsSourceName: !Sub "kinesis-firehose-cloudwatch-logs-${AWS::Region}" KinesisFirehoseLogsSourceCategory: !FindInMap [ CommonData, CollectorDetails, CloudWatchLogsSourceCategory ] - TemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - NestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - CreateELBLogSource: !Ref Section9bELBCreateLogSource + MPS3BucketName: !Ref MPS3BucketName + MPS3BucketRegion: !Ref MPS3BucketRegion + MPS3KeyPrefix: !Ref MPS3KeyPrefix + CreateELBLogSource: !Ref Section8bELBCreateLogSource CreateELBS3Bucket: !If [create_elb_bucket, "Yes", "No"] - ELBS3LogsBucketName: !Ref Section9dELBS3LogsBucketName + ELBS3LogsBucketName: !Ref Section8dELBS3LogsBucketName ELBS3BucketPathExpression: !Join - "" - - - !If [elb_bucket_path_expression_provided,!Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] + - - !If [elb_bucket_path_expression_provided,!Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] - "/AWSLogs/" - !Ref AWS::AccountId - "/elasticloadbalancing/" @@ -717,10 +714,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: call_auto_enable Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/autoenable/auto_enable.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}auto_enable.template.yaml" Parameters: SumoLogicResourceRemoveOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack ALBAutoEnableS3Logs: !If [auto_enable_s3_logs, "Yes", "No"] @@ -734,291 +728,61 @@ Resources: AutoSubscribeLogGroupByTags: !Ref Section7eAutoSubscribeLogGroupByTags AutoSubscribeRoleArn: !If [create_kf_logs_source, !GetAtt CreateCommonResources.Outputs.KinesisLogsRoleARN, "" ] ELBAutoEnableS3Logs: !If [auto_enable_s3_logs_elb, "Yes", "No"] - ELBAutoEnableS3LogsOptions: !Ref Section9aAutoEnableS3LogsELBResourcesOptions - ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section9dELBS3LogsBucketName] - ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] - - sumoEC2MetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoElasticCacheMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ec2metrics/ec2_metrics_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section3bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section3cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section4aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section4bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoAlbMetricsAppStack: - Type: AWS::CloudFormation::Stack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/alb/alb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aALBLogsAPIUrl: !If [create_alb_source, "", !Ref Section5cALBLogsSourceUrl] - Section5bALBLogsSourceName: !If [create_alb_source, "*alb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - - sumoElbMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elb/elb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aELBLogsAPIUrl: !If [create_elb_source, "", !Ref Section9cELBLogsSourceUrl] - Section5bELBLogsSourceName: !If [create_elb_source, "*elb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - - sumoDynamoDBMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/dynamodb/dynamodb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoRdsMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/rds/rds_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoApiGatewayMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/apigateway/api_gateway_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoSNSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoEC2MetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sns/sns_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoSQSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoEC2MetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sqs/sqs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoLambdaMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/lambda/lambda_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section5bCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", ""] - Section5aCloudTrailLogsAPIUrl: !If [create_cloudtrail_source, "", !Ref Section6bCloudTrailLogsSourceUrl] - Section6bCloudWatchLogsSourceName: !If [create_cloudwatch_logs_source, "*cloudwatch-logs*", ""] - Section6aCloudWatchLogsAPIUrl: !If [create_cloudwatch_logs_source, "", !Ref Section7bLambdaCloudWatchLogsSourceUrl] - Section7aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section7bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section7cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section8aAppInstallLocation: !Ref Section10aAppInstallLocation - Section8bShare: !Ref Section10bShare - - sumoECSMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoRdsMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ecs/ecs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoElasticCacheMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoApiGatewayMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elasticache/elasticache_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoNlbMetricsAppStack: + ELBAutoEnableS3LogsOptions: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section8dELBS3LogsBucketName] + ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] + MPS3BucketName: !Ref MPS3BucketName + MPS3BucketRegion: !Ref MPS3BucketRegion + MPS3KeyPrefix: !Ref MPS3KeyPrefix + + sumoAppStacks: Type: AWS::CloudFormation::Stack - DependsOn: sumoECSMetricsAppStack + Condition: install_observability_apps Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/nlb/nlb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}apps.template.yaml" Parameters: + # ------------------------- + # Sumo Deployment + # ------------------------- Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aNLBLogsSourceName: "" - Section3bNLBSourceUpdated: "No" - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare + # ------------------------- + # App Installation + # ------------------------- + Section2aInstallApp: !GetAtt CreateCommonResources.Outputs.PaidAccountCheck + # ------------------------- + # Parent Stack Details + # ------------------------- + Section3aParentStackLambdaARN: + !GetAtt CreateCommonResources.Outputs.LambdaHelperARN + # ------------------------- + # UPDATE TRIGGER HASH (Recommended) + # ------------------------- + Section4aToUpdate: + Fn::Base64: !Sub + - "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}-${w}" + - a: !Ref Section2aAccountAlias + b: !Ref Section3aInstallObservabilityApps + c: !Ref Section4aCreateMetricsSourceOptions + d: !Ref Section4bMetricsNameSpaces + e: !Ref Section4cCloudWatchExistingSourceAPIUrl + f: !Ref Section4dAWSMetricsTagFilters + g: !Ref Section5aAutoEnableS3LogsALBResourcesOptions + h: !Ref Section5bALBCreateLogSource + i: !Ref Section5cALBLogsSourceUrl + j: !Ref Section5dALBS3LogsBucketName + k: !Ref Section6aCreateCloudTrailLogSource + l: !Ref Section6bCloudTrailLogsSourceUrl + m: !Ref Section6cCloudTrailLogsBucketName + n: !Ref Section7aCreateCloudWatchLogsSourceOptions + o: !Ref Section7bCloudWatchLogsSourceUrl + p: !Ref Section7cAutoSubscribeLogGroupsOptions + q: !Ref Section7dAutoSubscribeLogGroupPattern + r: !Ref Section7eAutoSubscribeLogGroupByTags + s: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + t: !Ref Section8bELBCreateLogSource + u: !Ref Section8cELBLogsSourceUrl + v: !Ref Section8dELBS3LogsBucketName + w: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] \ No newline at end of file diff --git a/aws-observability/templates/sumologic_observability.mp.yaml b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.yaml old mode 100755 new mode 100644 similarity index 54% rename from aws-observability/templates/sumologic_observability.mp.yaml rename to cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.yaml index 7a4d9c37..4d36368c --- a/aws-observability/templates/sumologic_observability.mp.yaml +++ b/cloudformation-sumologic-aws-observability/templates/sumologic_observability.mp.yaml @@ -1,5 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" +Description: "Version - v3.0.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will automate the setup of the AWS Observability Solution. For more information on each parameter, please see the AWS Observability Setup Guide: https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/01_Deploy_and_Use_AWS_Observability/05_Deploy_AWS_Observability" Metadata: 'AWS::CloudFormation::Interface': @@ -53,8 +53,8 @@ Metadata: - Label: default: "7. Sumo Logic CloudWatch Logs Source" Parameters: - - Section7aLambdaCreateCloudWatchLogsSourceOptions - - Section7bLambdaCloudWatchLogsSourceUrl + - Section7aCreateCloudWatchLogsSourceOptions + - Section7bCloudWatchLogsSourceUrl - Section7cAutoSubscribeLogGroupsOptions - Section7dAutoSubscribeLogGroupPattern - Section7eAutoSubscribeLogGroupByTags @@ -62,17 +62,18 @@ Metadata: - Label: default: "8. Sumo Logic AWS ELB classic Log Source" Parameters: - - Section9aAutoEnableS3LogsELBResourcesOptions - - Section9bELBCreateLogSource - - Section9cELBLogsSourceUrl - - Section9dELBS3LogsBucketName - - Section9eELBS3BucketPathExpression + - Section8aAutoEnableS3LogsELBResourcesOptions + - Section8bELBCreateLogSource + - Section8cELBLogsSourceUrl + - Section8dELBS3LogsBucketName + - Section8eELBS3BucketPathExpression - Label: - default: "9. App Installation and Sharing" + default: "AWS Marketplace Parameters" Parameters: - - Section10aAppInstallLocation - - Section10bShare + - MPS3BucketName + - MPS3BucketRegion + - MPS3KeyPrefix ParameterLabels: SecretName: @@ -94,10 +95,10 @@ Metadata: default: "S3 Object URL of a CSV file that maps AWS Account IDs to an Account Alias" Section3aInstallObservabilityApps: - default: "Install AWS Observability Apps and Alerts" + default: "Install AWS Observability Apps and Monitors" Section4aCreateMetricsSourceOptions: - default: "Select the kind of CloudWatch Metrics Source to create" + default: "Select the kind of Metrics Source to create" Section4bMetricsNameSpaces: default: "Sumo Logic AWS Metrics Namespaces" Section4cCloudWatchExistingSourceAPIUrl: @@ -125,10 +126,10 @@ Metadata: Section6dCloudTrailBucketPathExpression: default: "Path Expression for existing CloudTrail logs" - Section7aLambdaCreateCloudWatchLogsSourceOptions: - default: "Select the Sumo Logic CloudWatch Logs Sources" - Section7bLambdaCloudWatchLogsSourceUrl: - default: "Existing Sumo Logic Lambda CloudWatch Logs Source API URL" + Section7aCreateCloudWatchLogsSourceOptions: + default: "Select the Sumo Logic CloudWatch Logs Source Type" + Section7bCloudWatchLogsSourceUrl: + default: "Existing Sumo Logic CloudWatch Logs Source API URL" Section7cAutoSubscribeLogGroupsOptions: default: "Subscribe log groups to Destination (Lambda or kinesis firehose delivery stream)" Section7dAutoSubscribeLogGroupPattern: @@ -136,21 +137,23 @@ Metadata: Section7eAutoSubscribeLogGroupByTags: default: "Tags for filtering CloudWatch Log Groups." - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: default: "Enable ELB Access logging" - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: default: "Create Sumo Logic ELB Logs Source" - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: default: "Existing Sumo Logic ELB Logs Source API URL" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: default: "Amazon S3 Bucket Name" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: default: "Path Expression for existing ELB logs" - Section10aAppInstallLocation: - default: "Location where you want the App to be Installed" - Section10bShare: - default: "Do you want to share App with whole organisation" + MPS3BucketName: + default: "S3 Bucket Name for nested templates" + MPS3BucketRegion: + default: "S3 Bucket Region for nested templates" + MPS3KeyPrefix: + default: "S3 Key Prefix for nested templates" Parameters: SecretName: @@ -214,8 +217,8 @@ Parameters: Section3aInstallObservabilityApps: Type: String Default: 'Yes' - Description: "Yes - Installs Apps (EC2, Application Load Balancer, RDS, API Gateway, Lambda, Dynamo DB, ECS, ElastiCache and NLB) and Alerts for the Sumo Logic AWS Observability Solution. All the Apps are installed in the folder 'AWS Observability'. - No - Skips the installation of Apps and Alerts." + Description: "Yes - Installs Apps (AWS Compute, AWS EC2, AWS ECS, AWS Lambda, AWS Application Load Balancer, AWS Network Load Balancer, AWS API Gateway, AWS SQS, AWS SNS, AWS DynamoDB, AWS RDS, AWS ElastiCache) and Monitors for the Sumo Logic AWS Observability Solution. All Apps are installed in the folder 'Installed Apps'. + No - Skips the installation of Apps and Monitors." AllowedValues: - 'Yes' - 'No' @@ -297,7 +300,7 @@ Parameters: Description: "This is required in case the above existing bucket is already configured to receive CloudTrail logs. If this is blank, Sumo Logic will store logs in the path expression: AWSLogs/*/CloudTrail/*" Default: "AWSLogs/*/CloudTrail/*" - Section7aLambdaCreateCloudWatchLogsSourceOptions: + Section7aCreateCloudWatchLogsSourceOptions: Type: String Description: "Lambda Log Forwarder - Creates a Sumo Logic CloudWatch Log Source that collects CloudWatch logs via a Lambda function. Kinesis Firehose Log Source - Creates a Sumo Logic Kinesis Firehose Source to collect CloudWatch logs." @@ -307,7 +310,7 @@ Parameters: - 'Kinesis Firehose Log Source' - 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - 'None' - Section7bLambdaCloudWatchLogsSourceUrl: + Section7bCloudWatchLogsSourceUrl: Type: String Description: "Required when already collecting Lambda CloudWatch logs in Sumo Logic. Provide the existing Sumo Logic Lambda CloudWatch Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" @@ -325,14 +328,14 @@ Parameters: - 'None' Section7dAutoSubscribeLogGroupPattern: Type: String - Default: "/aws/(lambda|apigateway|rds)" + Default: '\/aws\/(lambda|apigateway|rds)' Description: "Enter regex for matching CloudWatch Log groups name. Regex will check for the Log group name. Visit https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Auto-Subscribe_AWS_Log_Groups_to_a_Lambda_Function#Configuring_parameters" Section7eAutoSubscribeLogGroupByTags: Type: String Default: "" Description: "Enter comma separated key value pairs for filtering logGroups using tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if tag based filtering is not needed. Visit https://help.sumologic.com/docs/send-data/collect-from-other-data-sources/autosubscribe-arn-destination/#configuringparameters" - Section9aAutoEnableS3LogsELBResourcesOptions: + Section8aAutoEnableS3LogsELBResourcesOptions: Type: String Description: "New - Automatically enables S3 logging for newly created ELB resources to collect logs for ELB resources. This does not affect ELB resources already collecting logs. Existing - Automatically enables S3 logging for existing ELB resources to collect logs for ELB resources. @@ -344,7 +347,7 @@ Parameters: - 'Existing' - 'Both' - 'None' - Section9bELBCreateLogSource: + Section8bELBCreateLogSource: Type: String Description: "Yes - Creates a Sumo Logic ELB Log Source that collects ELB logs from an existing bucket or a new bucket. No - If you already have an ELB source collecting ELB logs into Sumo Logic." @@ -352,35 +355,31 @@ Parameters: AllowedValues: - 'Yes' - 'No' - Section9cELBLogsSourceUrl: + Section8cELBLogsSourceUrl: Type: String Description: "Required when already collecting ELB logs in Sumo Logic. Provide the existing Sumo Logic ELB Source API URL. Account, region and namespace Fields will be added to the Source. For Source API URL, visit https://help.sumologic.com/03Send-Data/Sources/03Use-JSON-to-Configure-Sources/Local-Configuration-File-Management/View-or-Download-Source-JSON-Configuration" Default: "" - Section9dELBS3LogsBucketName: + Section8dELBS3LogsBucketName: Type: String Description: "If you selected 'No' to creating a new source above, skip this step. Provide a name of existing S3 bucket name where you would like to store ELB logs. If this is empty, a new bucket will be created in the region." Default: "" - Section9eELBS3BucketPathExpression: + Section8eELBS3BucketPathExpression: Type: String Description: "This is required in case the above existing bucket is already configured to receive ELB access logs. If this is blank, Sumo Logic will store logs in the path expression: *AWSLogs/*/elasticloadbalancing/*" Default: "classicloadbalancing/AWSLogs/*/elasticloadbalancing/*" - Section10aAppInstallLocation: + MPS3BucketName: Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' - Section10bShare: + Default: "sumologic-appdev-aws-sam-apps" + Description: "Name of the S3 bucket for your copy of the nested templates." + MPS3BucketRegion: Type: String - Description: "True - Installed App will have view permission to all members of the organisation. - False - Installed App will be visible to user installing the solution." - Default: 'True' - AllowedValues: - - 'True' - - 'False' + Default: "us-east-1" + Description: "AWS Region where the S3 bucket for your copy of the nested templates is hosted." + MPS3KeyPrefix: + Type: String + Default: "aws-observability-versions/v3.0.0/templates/" + Description: "S3 key prefix that is used to simulate a folder for your copy of the nested templates." Conditions: # Conditions for Bucket @@ -394,32 +393,23 @@ Conditions: #condition for ELB classic bucket create_elb_bucket: !And - - !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] - - !Equals [ !Ref Section9dELBS3LogsBucketName, '' ] + - !Equals [ !Ref Section8bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section8dELBS3LogsBucketName, '' ] # Sources Create Condition - create_cloudtrail_source: !Equals [ !Ref Section6aCreateCloudTrailLogSource, 'Yes' ] - create_alb_source: !Equals [ !Ref Section5bALBCreateLogSource, 'Yes' ] create_kf_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'Kinesis Firehose Metrics Source' ] create_cw_metrics_source: !Equals [ !Ref Section4aCreateMetricsSourceOptions, 'CloudWatch Metrics Source' ] create_kf_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Kinesis Firehose Log Source' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] create_cw_logs_source: !Or - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] - - !Equals [ !Ref Section7aLambdaCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] - create_elb_source: !Equals [ !Ref Section9bELBCreateLogSource, 'Yes' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Lambda Log Forwarder' ] + - !Equals [ !Ref Section7aCreateCloudWatchLogsSourceOptions, 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' ] # Sources Update Condition - install_cloudwatch_metrics_source: !Or - - !Condition create_kf_metrics_source - - !Condition create_cw_metrics_source create_cloudwatch_logs_source: !Or - !Condition create_kf_logs_source - !Condition create_cw_logs_source - update_cloudtrail_logs_source: !And - - !Not [!Equals [!Ref Section6bCloudTrailLogsSourceUrl, '']] - - !Not [!Equals [!Ref Section6aCreateCloudTrailLogSource, 'Yes']] # Condition for S3 Logging enable is_bucket_available: !Or @@ -428,33 +418,33 @@ Conditions: is_elb_bucket_available: !Or - !Condition create_elb_bucket - - !Not [!Equals [ !Ref Section9dELBS3LogsBucketName, '' ]] + - !Not [!Equals [ !Ref Section8dELBS3LogsBucketName, '' ]] auto_enable_s3_logs: !And - !Not [!Equals [ !Ref Section5aAutoEnableS3LogsALBResourcesOptions, 'None' ]] - !Condition is_bucket_available auto_enable_s3_logs_elb: !And - - !Not [!Equals [ !Ref Section9aAutoEnableS3LogsELBResourcesOptions, 'None' ]] + - !Not [!Equals [ !Ref Section8aAutoEnableS3LogsELBResourcesOptions, 'None' ]] - !Condition is_elb_bucket_available # Condition for Auto Subscribe Lambda - auto_subscribe_exisitng_log_groups: !Or + auto_subscribe_new_log_groups: !Or - !Equals [ !Ref Section7cAutoSubscribeLogGroupsOptions, 'New' ] - !Equals [ !Ref Section7cAutoSubscribeLogGroupsOptions, 'Both' ] auto_subscribe_log_groups: !And - !Condition create_cloudwatch_logs_source - - !Condition auto_subscribe_exisitng_log_groups + - !Condition auto_subscribe_new_log_groups call_auto_enable: !Or - !Condition auto_enable_s3_logs - !Condition auto_subscribe_log_groups - !Condition auto_enable_s3_logs_elb - elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section9eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] + elb_bucket_path_expression_provided: !Not [!Equals [ !Ref Section8eELBS3BucketPathExpression, 'classicloadbalancing/AWSLogs/*/elasticloadbalancing/*' ]] # Condition for Stacks creation. Calling Nested Stack EveryTime to create FER and Metric Rule. If already present, marked as duplicate in Resource. - install_overview_dashboards: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] + install_observability_apps: !Equals [ !Ref Section3aInstallObservabilityApps, 'Yes' ] # Condition to determine if Secret ARN is provided or Access Keys SecretNameProvided: @@ -484,12 +474,21 @@ Rules: AssertDescription: Either of "Secret Arn" or "Sumo Logic Deployment Name", "Access ID", "Access Key" and "Organisation Id" must be set. Mappings: + SumoAWSAccountIDs: + aws: + SumoAWSAccountID: "246946804217" + aws-us-gov: + SumoAWSAccountID: "246946804217" + aws-cn: + SumoAWSAccountID: "246946804217" + aws-eusc: + SumoAWSAccountID: "052162193518" CommonData: NestedTemplate: - BucketName: "sumologic-appdev-aws-sam-apps" - Version: "v2.14.0" + MPS3BucketName: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: "us-east-1" + MPS3KeyPrefix: "aws-observability-versions/v3.0.0/templates/" CollectorDetails: - SumoLogicAccountID: 926226587429 CollectorNamePrefix: "aws-observability" CloudWatchMetricSourceCategory: "aws/observability/cloudwatch/metrics" ALBLogsSourceCategory: "aws/observability/alb/logs" @@ -654,10 +653,7 @@ Resources: CreateCommonResources: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/common/resources.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}resources.template.yaml" Parameters: SumoLogicDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] SumoLogicAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] @@ -666,7 +662,7 @@ Resources: RemoveSumoLogicResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack AccountAlias: !Ref Section2aAccountAlias AccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - SumoLogicAccountID: !FindInMap [CommonData, CollectorDetails, SumoLogicAccountID] + SumoLogicAccountID: !FindInMap [SumoAWSAccountIDs, !Ref "AWS::Partition", SumoAWSAccountID] CreateMetaDataSource: "No" CreateCloudWatchMetricsSource: !If [ create_cw_metrics_source, "Yes", "No" ] CloudWatchMetricsSourceName: !Sub "cloudwatch-metrics-${AWS::Region}" @@ -695,14 +691,15 @@ Resources: CreateKinesisFirehoseLogSource: !If [ create_kf_logs_source, "Yes", "No" ] KinesisFirehoseLogsSourceName: !Sub "kinesis-firehose-cloudwatch-logs-${AWS::Region}" KinesisFirehoseLogsSourceCategory: !FindInMap [ CommonData, CollectorDetails, CloudWatchLogsSourceCategory ] - TemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - NestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - CreateELBLogSource: !Ref Section9bELBCreateLogSource + MPS3BucketName: !Ref MPS3BucketName + MPS3BucketRegion: !Ref MPS3BucketRegion + MPS3KeyPrefix: !Ref MPS3KeyPrefix + CreateELBLogSource: !Ref Section8bELBCreateLogSource CreateELBS3Bucket: !If [create_elb_bucket, "Yes", "No"] - ELBS3LogsBucketName: !Ref Section9dELBS3LogsBucketName + ELBS3LogsBucketName: !Ref Section8dELBS3LogsBucketName ELBS3BucketPathExpression: !Join - "" - - - !If [elb_bucket_path_expression_provided,!Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] + - - !If [elb_bucket_path_expression_provided,!Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] - "/AWSLogs/" - !Ref AWS::AccountId - "/elasticloadbalancing/" @@ -715,10 +712,7 @@ Resources: Type: AWS::CloudFormation::Stack Condition: call_auto_enable Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/autoenable/auto_enable.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}auto_enable.template.yaml" Parameters: SumoLogicResourceRemoveOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack ALBAutoEnableS3Logs: !If [auto_enable_s3_logs, "Yes", "No"] @@ -732,291 +726,61 @@ Resources: AutoSubscribeLogGroupByTags: !Ref Section7eAutoSubscribeLogGroupByTags AutoSubscribeRoleArn: !If [create_kf_logs_source, !GetAtt CreateCommonResources.Outputs.KinesisLogsRoleARN, "" ] ELBAutoEnableS3Logs: !If [auto_enable_s3_logs_elb, "Yes", "No"] - ELBAutoEnableS3LogsOptions: !Ref Section9aAutoEnableS3LogsELBResourcesOptions - ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section9dELBS3LogsBucketName] - ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section9eELBS3BucketPathExpression, "classicloadbalancing"] - - sumoEC2MetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoElasticCacheMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ec2metrics/ec2_metrics_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section3bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section3cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section4aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section4bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoAlbMetricsAppStack: - Type: AWS::CloudFormation::Stack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/alb/alb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aALBLogsAPIUrl: !If [create_alb_source, "", !Ref Section5cALBLogsSourceUrl] - Section5bALBLogsSourceName: !If [create_alb_source, "*alb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - - sumoElbMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elb/elb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section4aCloudWatchExistingSourceAPIUrl: !If [install_cloudwatch_metrics_source, "", !Ref Section4cCloudWatchExistingSourceAPIUrl] - Section5aELBLogsAPIUrl: !If [create_elb_source, "", !Ref Section9cELBLogsSourceUrl] - Section5bELBLogsSourceName: !If [create_elb_source, "*elb-logs*", ""] - Section6aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section6bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section6cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section7aAppInstallLocation: !Ref Section10aAppInstallLocation - Section7bShare: !Ref Section10bShare - - sumoDynamoDBMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/dynamodb/dynamodb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoRdsMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/rds/rds_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoApiGatewayMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoDynamoDBMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/apigateway/api_gateway_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoSNSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoEC2MetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sns/sns_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoSQSAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoEC2MetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/sqs/sqs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoLambdaMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoAlbMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/lambda/lambda_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aAccountAlias: !Ref Section2aAccountAlias - Section2bAccountAliasMappingS3URL: !Ref Section2bAccountAliasMappingS3URL - Section3aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section5bCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", ""] - Section5aCloudTrailLogsAPIUrl: !If [create_cloudtrail_source, "", !Ref Section6bCloudTrailLogsSourceUrl] - Section6bCloudWatchLogsSourceName: !If [create_cloudwatch_logs_source, "*cloudwatch-logs*", ""] - Section6aCloudWatchLogsAPIUrl: !If [create_cloudwatch_logs_source, "", !Ref Section7bLambdaCloudWatchLogsSourceUrl] - Section7aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section7bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section7cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section8aAppInstallLocation: !Ref Section10aAppInstallLocation - Section8bShare: !Ref Section10bShare - - sumoECSMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoRdsMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/ecs/ecs_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoElasticCacheMetricsAppStack: - Type: AWS::CloudFormation::Stack - DependsOn: sumoApiGatewayMetricsAppStack - Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/elasticache/elasticache_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] - Parameters: - Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] - Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] - Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] - Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aCloudTrailLogsSourceName: !If [create_cloudtrail_source, "*cloudtrail-logs*", !If [update_cloudtrail_logs_source, !GetAtt sumoLambdaMetricsAppStack.Outputs.ExistingCloudTrailLogSourceName, "" ] ] - Section3bCloudTrailSourceUpdated: !If [update_cloudtrail_logs_source, "Yes", "No"] - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare - - sumoNlbMetricsAppStack: + ELBAutoEnableS3LogsOptions: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + ELBS3LogsBucketName: !If [create_elb_bucket, !GetAtt CreateCommonResources.Outputs.BucketName, !Ref Section8dELBS3LogsBucketName] + ELBS3LogsBucketPrefix: !If [elb_bucket_path_expression_provided, !Ref Section8eELBS3BucketPathExpression, "classicloadbalancing"] + MPS3BucketName: !Ref MPS3BucketName + MPS3BucketRegion: !Ref MPS3BucketRegion + MPS3KeyPrefix: !Ref MPS3KeyPrefix + + sumoAppStacks: Type: AWS::CloudFormation::Stack - DependsOn: sumoECSMetricsAppStack + Condition: install_observability_apps Properties: - TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/nlb/nlb_app.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}apps.template.yaml" Parameters: + # ------------------------- + # Sumo Deployment + # ------------------------- Section1aSumoDeployment: !If [SecretNameProvided, !GetAtt SecretsRetrieval.deployment, !Ref Section1aSumoLogicDeployment] Section1bSumoAccessID: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessID, !Ref Section1bSumoLogicAccessID] Section1cSumoAccessKey: !If [SecretNameProvided, !GetAtt SecretsRetrieval.accessKey, !Ref Section1cSumoLogicAccessKey] Section1dRemoveSumoResourcesOnDeleteStack: !Ref Section1eSumoLogicResourceRemoveOnDeleteStack - Section1eOrgId: !If [SecretNameProvided, !GetAtt SecretsRetrieval.orgID, !Ref Section1dSumoLogicOrganizationId] - Section2aInstallApp: !If [install_overview_dashboards, !GetAtt CreateCommonResources.Outputs.PaidAccountCheck, "No"] - Section3aNLBLogsSourceName: "" - Section3bNLBSourceUpdated: "No" - Section4aParentStackLambdaARN: !GetAtt CreateCommonResources.Outputs.LambdaHelperARN - Section4bTemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Section4cNestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] - Section5aAppInstallLocation: !Ref Section10aAppInstallLocation - Section5bShare: !Ref Section10bShare + # ------------------------- + # App Installation + # ------------------------- + Section2aInstallApp: !GetAtt CreateCommonResources.Outputs.PaidAccountCheck + # ------------------------- + # Parent Stack Details + # ------------------------- + Section3aParentStackLambdaARN: + !GetAtt CreateCommonResources.Outputs.LambdaHelperARN + # ------------------------- + # UPDATE TRIGGER HASH (Recommended) + # ------------------------- + Section4aToUpdate: + Fn::Base64: !Sub + - "${a}-${b}-${c}-${d}-${e}-${f}-${g}-${h}-${i}-${j}-${k}-${l}-${m}-${n}-${o}-${p}-${q}-${r}-${s}-${t}-${u}-${v}-${w}" + - a: !Ref Section2aAccountAlias + b: !Ref Section3aInstallObservabilityApps + c: !Ref Section4aCreateMetricsSourceOptions + d: !Ref Section4bMetricsNameSpaces + e: !Ref Section4cCloudWatchExistingSourceAPIUrl + f: !Ref Section4dAWSMetricsTagFilters + g: !Ref Section5aAutoEnableS3LogsALBResourcesOptions + h: !Ref Section5bALBCreateLogSource + i: !Ref Section5cALBLogsSourceUrl + j: !Ref Section5dALBS3LogsBucketName + k: !Ref Section6aCreateCloudTrailLogSource + l: !Ref Section6bCloudTrailLogsSourceUrl + m: !Ref Section6cCloudTrailLogsBucketName + n: !Ref Section7aCreateCloudWatchLogsSourceOptions + o: !Ref Section7bCloudWatchLogsSourceUrl + p: !Ref Section7cAutoSubscribeLogGroupsOptions + q: !Ref Section7dAutoSubscribeLogGroupPattern + r: !Ref Section7eAutoSubscribeLogGroupByTags + s: !Ref Section8aAutoEnableS3LogsELBResourcesOptions + t: !Ref Section8bELBCreateLogSource + u: !Ref Section8cELBLogsSourceUrl + v: !Ref Section8dELBS3LogsBucketName + w: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] \ No newline at end of file diff --git a/aws-observability/templates/test/Dockerfile b/cloudformation-sumologic-aws-observability/templates/test/Dockerfile similarity index 100% rename from aws-observability/templates/test/Dockerfile rename to cloudformation-sumologic-aws-observability/templates/test/Dockerfile diff --git a/aws-observability/templates/test/TestTemplate.yaml b/cloudformation-sumologic-aws-observability/templates/test/TestTemplate.yaml similarity index 98% rename from aws-observability/templates/test/TestTemplate.yaml rename to cloudformation-sumologic-aws-observability/templates/test/TestTemplate.yaml index 08caa977..30e95653 100644 --- a/aws-observability/templates/test/TestTemplate.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/TestTemplate.yaml @@ -1015,10 +1015,9 @@ Tests: Section5aAutoEnableS3LogsALBResourcesOptions: 'None' Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'No' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section8aRootCauseExplorerOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: @@ -1191,12 +1190,11 @@ Tests: Section5aAutoEnableS3LogsALBResourcesOptions: 'New' Section5bALBCreateLogSource: 'Yes' Section6aCreateCloudTrailLogSource: 'No' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' + Section7aCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' Section7cAutoSubscribeLogGroupsOptions: 'New' - Section8aRootCauseExplorerOptions: 'Xray Source' Section4bMetricsNameSpaces: 'AWS/ElastiCache, AWS/ELB, AWS/NetworkELB, AWS/ApplicationELB, AWS/RDS, AWS/SQS, AWS/EC2, AWS/SNS' - Section9aAutoEnableS3LogsELBResourcesOptions: 'New' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'New' + Section8bELBCreateLogSource: 'Yes' Assertions: - AssertType: ResourceExistence Assert: @@ -1466,11 +1464,10 @@ Tests: Section5aAutoEnableS3LogsALBResourcesOptions: 'New' Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' + Section7aCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' Section7cAutoSubscribeLogGroupsOptions: 'Existing' - Section8aRootCauseExplorerOptions: 'Inventory Source' - Section9aAutoEnableS3LogsELBResourcesOptions: 'New' - Section9bELBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'New' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: @@ -1709,11 +1706,10 @@ Tests: Section5dALBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-southeast-1' Section5eALBS3BucketPathExpression: '*abc*' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section7bCloudWatchLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213' Section7cAutoSubscribeLogGroupsOptions: 'New' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9bELBCreateLogSource: 'No' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: @@ -1924,14 +1920,13 @@ Tests: Section5aAutoEnableS3LogsALBResourcesOptions: 'None' Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section7bCloudWatchLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213' Section7cAutoSubscribeLogGroupsOptions: 'New' - Section8aRootCauseExplorerOptions: 'Xray Source' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Existing' - Section9bELBCreateLogSource: 'Yes' - Section9dELBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-southeast-1' - Section9eELBS3BucketPathExpression: 'elblogs' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Existing' + Section8bELBCreateLogSource: 'Yes' + Section8dELBS3LogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-southeast-1' + Section8eELBS3BucketPathExpression: 'elblogs' Assertions: - AssertType: ResourceExistence Assert: @@ -2144,11 +2139,10 @@ Tests: Section6aCreateCloudTrailLogSource: 'Yes' Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-ap-southeast-1' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section8aRootCauseExplorerOptions: 'Inventory Source' + Section7aCreateCloudWatchLogsSourceOptions: 'None' Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/EC2' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' Assertions: - AssertType: ResourceExistence Assert: @@ -2365,10 +2359,9 @@ Tests: Section5dALBS3LogsBucketName: 'newapigateway' Section6aCreateCloudTrailLogSource: 'No' Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section8aRootCauseExplorerOptions: 'Both' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: @@ -2623,12 +2616,11 @@ Tests: Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'No' Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section8aRootCauseExplorerOptions: 'Both' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'anemaelblogs-ap-southeast-1' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Both' + Section8bELBCreateLogSource: 'No' + Section8cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' + Section8dELBS3LogsBucketName: 'anemaelblogs-ap-southeast-1' Assertions: - AssertType: ResourceExistence Assert: @@ -2889,15 +2881,14 @@ Tests: Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' Section6cCloudTrailLogsBucketName: 'newapigateway' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" + Section7aCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' + Section7bCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" Section7cAutoSubscribeLogGroupsOptions: "Both" - Section8aRootCauseExplorerOptions: 'Inventory Source' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-ap-southeast-1' - Section9eELBS3BucketPathExpression: '*abc*' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' + Section8cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' + Section8dELBS3LogsBucketName: 'akhilblogs-ap-southeast-1' + Section8eELBS3BucketPathExpression: '*abc*' Assertions: - AssertType: ResourceExistence Assert: @@ -3172,8 +3163,8 @@ Tests: Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS, AWS/EC2' Section5aAutoEnableS3LogsALBResourcesOptions: 'Both' Section5bALBCreateLogSource: 'Yes' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Both' + Section8bELBCreateLogSource: 'Yes' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/requirements.txt b/cloudformation-sumologic-aws-observability/templates/test/requirements.txt similarity index 100% rename from aws-observability/templates/test/requirements.txt rename to cloudformation-sumologic-aws-observability/templates/test/requirements.txt diff --git a/aws-observability/templates/test/setup-infra/create_s3_bucket.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_s3_bucket.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_s3_bucket.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_s3_bucket.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_cloudtrail_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudtrail_source.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_cloudtrail_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudtrail_source.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_lb_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_lb_source.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_lb_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_lb_source.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_log_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_log_source.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_log_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_cloudwatch_log_source.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_collector.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_collector.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_collector.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_collector.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_kinesis_firehose_metrics_source.yaml diff --git a/aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml similarity index 96% rename from aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml index de7a5793..65d8ff9b 100644 --- a/aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_lambda_hepler.yaml @@ -50,6 +50,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -82,6 +86,8 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 Resources: diff --git a/aws-observability/templates/test/setup-infra/create_sumo_role.yaml b/cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_role.yaml similarity index 100% rename from aws-observability/templates/test/setup-infra/create_sumo_role.yaml rename to cloudformation-sumologic-aws-observability/templates/test/setup-infra/create_sumo_role.yaml diff --git a/aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml b/cloudformation-sumologic-aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml similarity index 77% rename from aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml index 43e6d058..a5f4c3b2 100644 --- a/aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testbundles/all_testsuites_bundle.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testbundles/lb_bundle.yaml b/cloudformation-sumologic-aws-observability/templates/test/testbundles/lb_bundle.yaml similarity index 74% rename from aws-observability/templates/test/testbundles/lb_bundle.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testbundles/lb_bundle.yaml index e04c4c28..23098f9a 100644 --- a/aws-observability/templates/test/testbundles/lb_bundle.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testbundles/lb_bundle.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testbundles/regression_bundle.yaml b/cloudformation-sumologic-aws-observability/templates/test/testbundles/regression_bundle.yaml similarity index 77% rename from aws-observability/templates/test/testbundles/regression_bundle.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testbundles/regression_bundle.yaml index abc88f1a..4f1e806c 100644 --- a/aws-observability/templates/test/testbundles/regression_bundle.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testbundles/regression_bundle.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testbundles/update_bundle.yaml b/cloudformation-sumologic-aws-observability/templates/test/testbundles/update_bundle.yaml similarity index 83% rename from aws-observability/templates/test/testbundles/update_bundle.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testbundles/update_bundle.yaml index ccaeafe6..80514ace 100644 --- a/aws-observability/templates/test/testbundles/update_bundle.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testbundles/update_bundle.yaml @@ -9,4 +9,4 @@ Global: Section1fSumoLogicSendTelemetry: 'true' TestBundleName: updateBundle TestSuites: - - 'test/testsuites/update_v2_11_testsuite.yaml' \ No newline at end of file + - 'test/testsuites/update_v3_0_testsuite.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml similarity index 95% rename from aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml index 536e920e..562620df 100644 --- a/aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/create_source_existing_bucket_existing_sources.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -17,7 +17,7 @@ TestCase: BucketName: - "parameters.Section5dALBS3LogsBucketName" - "parameters.Section6cCloudTrailLogsBucketName" - - "parameters.Section9dELBS3LogsBucketName" + - "parameters.Section8dELBS3LogsBucketName" Parameters: Values: Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' @@ -39,14 +39,14 @@ TestCase: Section6bCloudTrailLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' Section6cCloudTrailLogsBucketName: 'newapigateway' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' - Section7bLambdaCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" + Section7aCreateCloudWatchLogsSourceOptions: 'Both (Switch from Lambda Log Forwarder to Kinesis Firehose Log Source)' + Section7bCloudWatchLogsSourceUrl: "https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763257213" Section7cAutoSubscribeLogGroupsOptions: "Both" - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' - Section9cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' - Section9dELBS3LogsBucketName: 'akhilblogs-' - Section9eELBS3BucketPathExpression: '*abc*' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' + Section8cELBLogsSourceUrl: 'https://api.us2.sumologic.com/api/v1/collectors/350831942/sources/2763251087' + Section8dELBS3LogsBucketName: 'akhilblogs-' + Section8eELBS3BucketPathExpression: '*abc*' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml similarity index 99% rename from aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml index ea706c0d..3b5b3481 100644 --- a/aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_alias_and_csv.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml similarity index 99% rename from aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml index 40eda67e..51130979 100644 --- a/aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_invalid_mapping_csv.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml similarity index 99% rename from aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml index 9c6908d7..b7e82fe7 100644 --- a/aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/default_param_no_cloudtrail_valid_mapping_csv.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml similarity index 98% rename from aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml index dd519100..caba2a56 100644 --- a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_alb_source.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -90,9 +90,9 @@ TestCase: Section5dALBS3LogsBucketName: 'newapigateway' Section6aCreateCloudTrailLogSource: 'No' Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml similarity index 97% rename from aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml index d0a028ff..33bf12a7 100644 --- a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_bucket.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -32,10 +32,10 @@ TestCase: Section6aCreateCloudTrailLogSource: 'Yes' Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' + Section7aCreateCloudWatchLogsSourceOptions: 'None' Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/EC2' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' Section10aAppInstallLocation: "Admin Recommended Folder" Section10bShare: 'False' Assertions: diff --git a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml similarity index 97% rename from aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml index 58a3eb96..640b473a 100644 --- a/aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/existing_cloudtrail_elb_source.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -15,7 +15,7 @@ TestCase: - CFNTemplateURL: "test/setup-infra/create_s3_bucket.yaml" ImpactedParametersPath: BucketName: - - "parameters.Section9dELBS3LogsBucketName" + - "parameters.Section8dELBS3LogsBucketName" - CFNTemplateURL: "test/setup-infra/create_sumo_lambda_hepler.yaml" CFNParameters: SumoLogicDeployment: '${SUMO_DEPLOYMENT}' @@ -70,7 +70,7 @@ TestCase: LBLogsBucketName: '${BucketName}' ImpactedParametersPath: SumoLoadBalancerLogAPIURL: - - "parameters.Section9cELBLogsSourceUrl" + - "parameters.Section8cELBLogsSourceUrl" - "assertions[AssertType==ParameterCheck].Assert.sumoElbMetricsAppStack.Section5aELBLogsAPIUrl" Parameters: Values: @@ -87,11 +87,11 @@ TestCase: Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'No' Section6bCloudTrailLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'No' - Section9cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' - Section9dELBS3LogsBucketName: 'anemaelblogs-' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Both' + Section8bELBCreateLogSource: 'No' + Section8cELBLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511494842' + Section8dELBS3LogsBucketName: 'anemaelblogs-' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml similarity index 98% rename from aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml index 7bfd5e39..faa777b7 100644 --- a/aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/no_cloudtrail.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -24,12 +24,12 @@ TestCase: Section5aAutoEnableS3LogsALBResourcesOptions: 'New' Section5bALBCreateLogSource: 'Yes' Section6aCreateCloudTrailLogSource: 'No' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' + Section7aCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' Section7cAutoSubscribeLogGroupsOptions: 'New' Section7eAutoSubscribeLogGroupByTags: 'env=prod,creator=himan,team=app' Section4bMetricsNameSpaces: 'AWS/ElastiCache, AWS/ELB, AWS/NetworkELB, AWS/ApplicationELB, AWS/RDS, AWS/SQS, AWS/EC2, AWS/SNS' - Section9aAutoEnableS3LogsELBResourcesOptions: 'New' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'New' + Section8bELBCreateLogSource: 'Yes' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/nothing_to_install.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/nothing_to_install.yaml similarity index 96% rename from aws-observability/templates/test/testcases/infra/nothing_to_install.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/nothing_to_install.yaml index f12a2f57..3854ef42 100644 --- a/aws-observability/templates/test/testcases/infra/nothing_to_install.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/nothing_to_install.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -24,9 +24,9 @@ TestCase: Section5aAutoEnableS3LogsALBResourcesOptions: 'None' Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'No' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml similarity index 97% rename from aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml index 9c86c651..2fb04b3c 100644 --- a/aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/only_cloudtrail_with_loggroup_tags.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -26,11 +26,11 @@ TestCase: Section5aAutoEnableS3LogsALBResourcesOptions: 'New' Section5bALBCreateLogSource: 'No' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Kinesis Firehose Log Source' + Section7aCreateCloudWatchLogsSourceOptions: 'Kinesis Firehose Log Source' Section7cAutoSubscribeLogGroupsOptions: 'Existing' Section7eAutoSubscribeLogGroupByTags: 'env=prod,creator=himan,team=app' - Section9aAutoEnableS3LogsELBResourcesOptions: 'New' - Section9bELBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'New' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml similarity index 98% rename from aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml index 31179773..df0b157e 100644 --- a/aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/infra/tag_filters_for_cw_metric_source_with_custom_namespaces.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -34,11 +34,11 @@ TestCase: Section6aCreateCloudTrailLogSource: 'Yes' Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' + Section7aCreateCloudWatchLogsSourceOptions: 'Lambda Log Forwarder' Section7cAutoSubscribeLogGroupsOptions: 'Both' Section7eAutoSubscribeLogGroupByTags: 'env=prod,creator=himan,team=app' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' Section10aAppInstallLocation: "Admin Recommended Folder" Section10bShare: 'True' Assertions: diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_both.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_both.yaml new file mode 100644 index 00000000..046dbd13 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_both.yaml @@ -0,0 +1,99 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'albboth' +TestCase: + TestName: albAutoEnableBoth + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'albboth' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5aAutoEnableS3LogsALBResourcesOptions: 'Both' + Section5bALBCreateLogSource: 'Yes' + Section8bELBCreateLogSource: 'No' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ALBSource + - CreateCommonResources.ALBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicALBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack.AutoEnableAlbLogEventsInvokePermission + - AutoEnableOptions.AutoEnableS3LogsAlbStack.AutoEnableAlbLogEventsRuleTrigger + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableNewAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsAlbStack.ExistingAWSResources + - AutoEnableOptions.AutoEnableS3LogsAlbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableNewAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateALBLogSource: 'Yes' + CreateALBS3Bucket: 'Yes' + ALBS3LogsBucketName: "" + ALBS3BucketPathExpression: '/elasticloadbalancing//*' + ALBLogsSourceName: "alb-logs-" + ALBLogsSourceCategory: "aws/observability/alb/logs" + CreateELBLogSource: 'No' + AutoEnableOptions: + ALBAutoEnableS3Logs: 'Yes' + ALBAutoEnableS3LogsOptions: "Both" + ALBS3LogsBucketName: 'aws-observability-logs' + ELBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsAlbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'Both' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_existing.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_existing.yaml new file mode 100644 index 00000000..037af232 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_existing.yaml @@ -0,0 +1,95 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'albexist' +TestCase: + TestName: albAutoEnableExisting + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'albexist' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5aAutoEnableS3LogsALBResourcesOptions: 'Existing' + Section5bALBCreateLogSource: 'Yes' + Section8bELBCreateLogSource: 'No' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ALBSource + - CreateCommonResources.ALBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicALBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsAlbStack.ExistingAWSResources + - AutoEnableOptions.AutoEnableS3LogsAlbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableExisitngAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateALBLogSource: 'Yes' + CreateALBS3Bucket: 'Yes' + ALBS3LogsBucketName: "" + ALBS3BucketPathExpression: '/elasticloadbalancing//*' + ALBLogsSourceName: "alb-logs-" + ALBLogsSourceCategory: "aws/observability/alb/logs" + CreateELBLogSource: 'No' + AutoEnableOptions: + ALBAutoEnableS3Logs: 'Yes' + ALBAutoEnableS3LogsOptions: "Existing" + ALBS3LogsBucketName: 'aws-observability-logs' + ELBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsAlbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'Existing' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_new.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_new.yaml new file mode 100644 index 00000000..c4598a19 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_new.yaml @@ -0,0 +1,96 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'albnew' +TestCase: + TestName: albAutoEnableNew + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'albnew' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5aAutoEnableS3LogsALBResourcesOptions: 'New' + Section5bALBCreateLogSource: 'Yes' + Section8bELBCreateLogSource: 'No' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ALBSource + - CreateCommonResources.ALBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicALBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack + - AutoEnableOptions.AutoEnableS3LogsAlbStack.AutoEnableAlbLogEventsInvokePermission + - AutoEnableOptions.AutoEnableS3LogsAlbStack.AutoEnableAlbLogEventsRuleTrigger + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableNewAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsAlbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsAlbStack.EnableNewAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateALBLogSource: 'Yes' + CreateALBS3Bucket: 'Yes' + ALBS3LogsBucketName: "" + ALBS3BucketPathExpression: '/elasticloadbalancing//*' + ALBLogsSourceName: "alb-logs-" + ALBLogsSourceCategory: "aws/observability/alb/logs" + CreateELBLogSource: 'No' + AutoEnableOptions: + ALBAutoEnableS3Logs: 'Yes' + ALBAutoEnableS3LogsOptions: "New" + ALBS3LogsBucketName: 'aws-observability-logs' + ELBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsAlbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'New' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_none.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_none.yaml new file mode 100644 index 00000000..1c07a0d3 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/alb_auto_enable_none.yaml @@ -0,0 +1,85 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'albnone' +TestCase: + TestName: albAutoEnableNone + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'albnone' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5aAutoEnableS3LogsALBResourcesOptions: 'None' + Section5bALBCreateLogSource: 'Yes' + Section8bELBCreateLogSource: 'No' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ALBSource + - CreateCommonResources.ALBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicALBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateALBLogSource: 'Yes' + CreateALBS3Bucket: 'Yes' + ALBS3LogsBucketName: "" + ALBS3BucketPathExpression: '/elasticloadbalancing//*' + ALBLogsSourceName: "alb-logs-" + ALBLogsSourceCategory: "aws/observability/alb/logs" + CreateELBLogSource: 'No' + AutoEnableOptions: + ALBAutoEnableS3Logs: 'No' + ELBAutoEnableS3Logs: 'No' diff --git a/aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml similarity index 98% rename from aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml index 7b751b14..e637efef 100644 --- a/aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/auto_enable_check_elb.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -22,8 +22,8 @@ TestCase: Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/SNS, AWS/SQS, AWS/EC2' Section5aAutoEnableS3LogsALBResourcesOptions: 'Both' Section5bALBCreateLogSource: 'Yes' - Section9aAutoEnableS3LogsELBResourcesOptions: 'Both' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Both' + Section8bELBCreateLogSource: 'Yes' Assertions: - AssertType: ResourceExistence Assert: diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_both.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_both.yaml new file mode 100644 index 00000000..a5ff2c66 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_both.yaml @@ -0,0 +1,99 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'elbboth' +TestCase: + TestName: elbAutoEnableBoth + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'elbboth' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5bALBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Both' + Section8bELBCreateLogSource: 'Yes' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ELBSource + - CreateCommonResources.ELBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicELBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsElbStack + - AutoEnableOptions.AutoEnableS3LogsElbStack.AutoEnableElbLogEventsInvokePermission + - AutoEnableOptions.AutoEnableS3LogsElbStack.AutoEnableElbLogEventsRuleTrigger + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableNewAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsElbStack.ExistingAWSResources + - AutoEnableOptions.AutoEnableS3LogsElbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableNewAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateELBLogSource: 'Yes' + CreateELBS3Bucket: 'Yes' + ELBS3LogsBucketName: "" + ELBS3BucketPathExpression: 'classicloadbalancing/*' + ELBLogsSourceName: "elb-logs-" + ELBLogsSourceCategory: "aws/observability/elb/logs" + CreateALBLogSource: 'No' + AutoEnableOptions: + ELBAutoEnableS3Logs: 'Yes' + ELBAutoEnableS3LogsOptions: "Both" + ELBS3LogsBucketName: 'aws-observability-logs' + ALBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsElbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'Both' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_existing.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_existing.yaml new file mode 100644 index 00000000..c3cd2ffb --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_existing.yaml @@ -0,0 +1,95 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'elbexist' +TestCase: + TestName: elbAutoEnableExisting + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'elbexist' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5bALBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'Existing' + Section8bELBCreateLogSource: 'Yes' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ELBSource + - CreateCommonResources.ELBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicELBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsElbStack + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableExisitngAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsElbStack.ExistingAWSResources + - AutoEnableOptions.AutoEnableS3LogsElbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableExisitngAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateELBLogSource: 'Yes' + CreateELBS3Bucket: 'Yes' + ELBS3LogsBucketName: "" + ELBS3BucketPathExpression: 'classicloadbalancing/*' + ELBLogsSourceName: "elb-logs-" + ELBLogsSourceCategory: "aws/observability/elb/logs" + CreateALBLogSource: 'No' + AutoEnableOptions: + ELBAutoEnableS3Logs: 'Yes' + ELBAutoEnableS3LogsOptions: "Existing" + ELBS3LogsBucketName: 'aws-observability-logs' + ALBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsElbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'Existing' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_new.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_new.yaml new file mode 100644 index 00000000..6422bb39 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_new.yaml @@ -0,0 +1,96 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'elbnew' +TestCase: + TestName: elbAutoEnableNew + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'elbnew' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5bALBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'New' + Section8bELBCreateLogSource: 'Yes' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ELBSource + - CreateCommonResources.ELBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicELBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoEnableS3LogsElbStack + - AutoEnableOptions.AutoEnableS3LogsElbStack.AutoEnableElbLogEventsInvokePermission + - AutoEnableOptions.AutoEnableS3LogsElbStack.AutoEnableElbLogEventsRuleTrigger + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableNewAWSResourcesLambda + - AutoEnableOptions.AutoEnableS3LogsElbStack.SumoLambdaRole + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AutoEnableOptions.AutoEnableS3LogsElbStack.EnableNewAWSResourcesLambda + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateELBLogSource: 'Yes' + CreateELBS3Bucket: 'Yes' + ELBS3LogsBucketName: "" + ELBS3BucketPathExpression: 'classicloadbalancing/*' + ELBLogsSourceName: "elb-logs-" + ELBLogsSourceCategory: "aws/observability/elb/logs" + CreateALBLogSource: 'No' + AutoEnableOptions: + ELBAutoEnableS3Logs: 'Yes' + ELBAutoEnableS3LogsOptions: "New" + ELBS3LogsBucketName: 'aws-observability-logs' + ALBAutoEnableS3Logs: 'No' + AutoEnableOptions.AutoEnableS3LogsElbStack: + BucketName: 'aws-observability-logs' + AutoEnableResourceOptions: 'New' diff --git a/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_none.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_none.yaml new file mode 100644 index 00000000..2a6ff514 --- /dev/null +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/elb_auto_enable_none.yaml @@ -0,0 +1,85 @@ +--- +Global: + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" + StackName: AWSO + ParallelTestsRun: 1 + GlobalParameters: + Default: + Section1eSumoLogicResourceRemoveOnDeleteStack: 'true' + Section2aAccountAlias: 'elbnone' +TestCase: + TestName: elbAutoEnableNone + Regions: '${SUMO_REGIONS}' + Skip: false + Parameters: + Values: + Section1aSumoLogicDeployment: '${SUMO_DEPLOYMENT}' + Section1bSumoLogicAccessID: '${SUMO_ACCESS_ID}' + Section1cSumoLogicAccessKey: '${SUMO_ACCESS_KEY}' + Section1dSumoLogicOrganizationId: '${SUMO_ORG_ID}' + Section2aAccountAlias: 'elbnone' + Section2bAccountAliasMappingS3URL: '' + Section3aInstallObservabilityApps: 'No' + Section5bALBCreateLogSource: 'No' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' + Assertions: + - AssertType: ResourceExistence + Assert: + Resources: + - LambdaRole + - LambdaPermission + - PrimerInvoke + - TelemetryLambda + - CreateCommonResources + - AutoEnableOptions + - CreateCommonResources.LambdaRole + - CreateCommonResources.LambdaHelper + - CreateCommonResources.AccountCheck + - CreateCommonResources.CommonBucketSNSTopic + - CreateCommonResources.CommonS3Bucket + - CreateCommonResources.CommonBucketPolicyForOldRegion + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonBucketPolicy + - CreateCommonResources.CommonBucketPolicyForOldRegion.CommonCloudTrail + - CreateCommonResources.CommonSNSpolicy + - CreateCommonResources.SumoLogicSourceRole + - CreateCommonResources.SumoLogicHostedCollector + - CreateCommonResources.LambdaToDecideCWMetricsSources + - CreateCommonResources.Primerinvoke + - CreateCommonResources.ELBSource + - CreateCommonResources.ELBSNSSubscription + - CreateCommonResources.CloudTrailSource + - CreateCommonResources.CloudTrailSNSSubscription + - CreateCommonResources.SumoLogicELBS3Policy + - CreateCommonResources.SumoLogicCloudTrailS3Policy + - CreateCommonResources.AccountAliasValue + - CreateCommonResources.LambdaHelperAlias + - CreateCommonResources.LambdaRoleAlias + - CreateCommonResources.KinesisFirehoseLogsSource + - CreateCommonResources.KinesisFirehoseLogsStack + - CreateCommonResources.KinesisFirehoseMetricsSource + - CreateCommonResources.KinesisFirehoseMetricsStack + - AutoEnableOptions.AutoSubscribeLambdaLogGroupsAWSResources + - AssertType: OutputsCheck + Assert: + Outputs: + - CreateCommonResources.LambdaHelperARN + - CreateCommonResources.EnterpriseCheck + - CreateCommonResources.PaidAccountCheck + - CreateCommonResources.LambdaRoleARN + - CreateCommonResources.BucketName + - CreateCommonResources.AccountAlias + - CreateCommonResources.CollectorName + - AssertType: ParameterCheck + Assert: + CreateCommonResources: + CreateELBLogSource: 'Yes' + CreateELBS3Bucket: 'Yes' + ELBS3LogsBucketName: "" + ELBS3BucketPathExpression: 'classicloadbalancing/*' + ELBLogsSourceName: "elb-logs-" + ELBLogsSourceCategory: "aws/observability/elb/logs" + CreateALBLogSource: 'No' + AutoEnableOptions: + ELBAutoEnableS3Logs: 'No' + ALBAutoEnableS3Logs: 'No' diff --git a/aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml similarity index 97% rename from aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml index 81f5e39c..b75a1f17 100644 --- a/aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_alb_bucket.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -40,7 +40,7 @@ TestCase: AccountAlias: '${AccountAlias}' ImpactedParametersPath: SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" + - "parameters.Section7bCloudWatchLogsSourceUrl" - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" CFNParameters: @@ -75,9 +75,9 @@ TestCase: Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' Section5eALBS3BucketPathExpression: '*abc*' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section7bCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml similarity index 97% rename from aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml index c636ceaf..ec6b3d9a 100644 --- a/aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/lb/existing_source_with_elb_bucket.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -40,7 +40,7 @@ TestCase: AccountAlias: '${AccountAlias}' ImpactedParametersPath: SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" + - "parameters.Section7bCloudWatchLogsSourceUrl" - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" - CFNTemplateURL: "test/setup-infra/create_sumo_role.yaml" CFNParameters: @@ -75,9 +75,9 @@ TestCase: Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' Section5eALBS3BucketPathExpression: '*abc*' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section7bCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' + Section8bELBCreateLogSource: 'No' Assertions: - AssertType: ResourceExistence Assert: diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/disabled_telemetry.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/disabled_telemetry.yaml similarity index 96% rename from aws-observability/templates/test/testcases/upgrade_update/update/v2_13/disabled_telemetry.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/disabled_telemetry.yaml index 7158253d..9b37c431 100644 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_13/disabled_telemetry.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/disabled_telemetry.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.13.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -42,7 +42,7 @@ TestCase: AccountAlias: '${AccountAlias}' ImpactedParametersPath: SumoCloudWatchLogAPIURL: - - "parameters.Section7bLambdaCloudWatchLogsSourceUrl" + - "parameters.Section7bCloudWatchLogsSourceUrl" - "assertions[AssertType==ParameterCheck].Assert.sumoLambdaMetricsAppStack.Section6aCloudWatchLogsAPIUrl" Parameters: Values: @@ -61,9 +61,9 @@ TestCase: Section5dALBS3LogsBucketName: 'cf-templates-qpf3unpuo1hw-ap-southeast-4' Section5eALBS3BucketPathExpression: '*abc*' Section6aCreateCloudTrailLogSource: 'Yes' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' - Section7bLambdaCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' - Section9bELBCreateLogSource: 'No' + Section7aCreateCloudWatchLogsSourceOptions: 'None' + Section7bCloudWatchLogsSourceUrl: 'https://api.sumologic.com/api/v1/collectors/261725249/sources/1511499202' + Section8bELBCreateLogSource: 'No' UpdateParameters: Values: Section1fSumoLogicSendTelemetry: 'false' diff --git a/aws-observability/templates/test/testcases/upgrade_update/update/v2_14/existing_cloudtrail_bucket.yaml b/cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/existing_cloudtrail_bucket.yaml similarity index 97% rename from aws-observability/templates/test/testcases/upgrade_update/update/v2_14/existing_cloudtrail_bucket.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/existing_cloudtrail_bucket.yaml index 7f3738bd..d2cf49f8 100644 --- a/aws-observability/templates/test/testcases/upgrade_update/update/v2_14/existing_cloudtrail_bucket.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testcases/upgrade_update/update/v3_0/existing_cloudtrail_bucket.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -35,10 +35,10 @@ TestCase: Section6aCreateCloudTrailLogSource: 'Yes' Section6cCloudTrailLogsBucketName: 'cf-templates-1qpf3unpuo1hw-' Section6dCloudTrailBucketPathExpression: '*abc*' - Section7aLambdaCreateCloudWatchLogsSourceOptions: 'None' + Section7aCreateCloudWatchLogsSourceOptions: 'None' Section4bMetricsNameSpaces: 'AWS/ApiGateway, AWS/DynamoDB, AWS/ElastiCache, AWS/EC2' - Section9aAutoEnableS3LogsELBResourcesOptions: 'None' - Section9bELBCreateLogSource: 'Yes' + Section8aAutoEnableS3LogsELBResourcesOptions: 'None' + Section8bELBCreateLogSource: 'Yes' Section10aAppInstallLocation: "Admin Recommended Folder" Section10bShare: 'False' UpdateParameters: diff --git a/aws-observability/templates/test/testsuites/infra_testsuite.yaml b/cloudformation-sumologic-aws-observability/templates/test/testsuites/infra_testsuite.yaml similarity index 91% rename from aws-observability/templates/test/testsuites/infra_testsuite.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testsuites/infra_testsuite.yaml index 0890a05e..cd27cf96 100644 --- a/aws-observability/templates/test/testsuites/infra_testsuite.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testsuites/infra_testsuite.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.14.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: diff --git a/aws-observability/templates/test/testsuites/lb_testsuite.yaml b/cloudformation-sumologic-aws-observability/templates/test/testsuites/lb_testsuite.yaml similarity index 52% rename from aws-observability/templates/test/testsuites/lb_testsuite.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testsuites/lb_testsuite.yaml index d90c30fa..fa858826 100644 --- a/aws-observability/templates/test/testsuites/lb_testsuite.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testsuites/lb_testsuite.yaml @@ -11,4 +11,12 @@ TestSuiteName: loadBalancerTestsuite TestCases: - 'test/testcases/lb/existing_source_with_alb_bucket.yaml' - 'test/testcases/lb/existing_source_with_elb_bucket.yaml' - - 'test/testcases/lb/auto_enable_check_elb.yaml' \ No newline at end of file + - 'test/testcases/lb/auto_enable_check_elb.yaml' + - 'test/testcases/lb/alb_auto_enable_both.yaml' + - 'test/testcases/lb/alb_auto_enable_new.yaml' + - 'test/testcases/lb/alb_auto_enable_existing.yaml' + - 'test/testcases/lb/alb_auto_enable_none.yaml' + - 'test/testcases/lb/elb_auto_enable_both.yaml' + - 'test/testcases/lb/elb_auto_enable_new.yaml' + - 'test/testcases/lb/elb_auto_enable_existing.yaml' + - 'test/testcases/lb/elb_auto_enable_none.yaml' \ No newline at end of file diff --git a/aws-observability/templates/test/testsuites/update_v2_15_testsuite.yaml b/cloudformation-sumologic-aws-observability/templates/test/testsuites/update_v3_0_testsuite.yaml similarity index 52% rename from aws-observability/templates/test/testsuites/update_v2_15_testsuite.yaml rename to cloudformation-sumologic-aws-observability/templates/test/testsuites/update_v3_0_testsuite.yaml index aa1c82d0..74e64507 100644 --- a/aws-observability/templates/test/testsuites/update_v2_15_testsuite.yaml +++ b/cloudformation-sumologic-aws-observability/templates/test/testsuites/update_v3_0_testsuite.yaml @@ -1,6 +1,6 @@ --- Global: - TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v2.15.0/sumologic_observability.master.template.yaml" + TemplatePath: "https://sumologic-appdev-aws-sam-apps.s3.amazonaws.com/aws-observability-versions/v3.0.0/templates/sumologic_observability.master.template.yaml" StackName: AWSO ParallelTestsRun: 1 GlobalParameters: @@ -9,7 +9,7 @@ Global: Section2aAccountAlias: 'updatet1' Update: Section1fSumoLogicSendTelemetry: 'true' -TestSuiteName: updateTestsuiteV2_15 +TestSuiteName: updateTestsuiteV3_0 TestCases: - - 'test/testcases/upgrade_update/update/v2_15/disabled_telemetry.yaml' - - 'test/testcases/upgrade_update/update/v2_15/existing_cloudtrail_bucket.yaml' \ No newline at end of file + - 'test/testcases/upgrade_update/update/v3_0/disabled_telemetry.yaml' + - 'test/testcases/upgrade_update/update/v3_0/existing_cloudtrail_bucket.yaml' \ No newline at end of file diff --git a/aws-observability/apps/hostmetricsfields/host_metrics_add_fields.template.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/hostmetricsfields/host_metrics_add_fields.template.yaml similarity index 94% rename from aws-observability/apps/hostmetricsfields/host_metrics_add_fields.template.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/hostmetricsfields/host_metrics_add_fields.template.yaml index 4b2661d1..ea780c89 100644 --- a/aws-observability/apps/hostmetricsfields/host_metrics_add_fields.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/utilities/hostmetricsfields/host_metrics_add_fields.template.yaml @@ -1,5 +1,6 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0: Lambda Function to add fields to host metrics sources based on the available instances in all regions of the current AWS account." +Description: "Version - v3.0.0: Lambda Function to add fields to host metrics sources based on the available instances in all regions of the current AWS account." + Metadata: 'AWS::CloudFormation::Interface': @@ -114,6 +115,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -146,6 +151,8 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 Resources: @@ -185,7 +192,7 @@ Resources: Runtime: python3.14 Code: S3Bucket: !FindInMap [RegionMap, !Ref 'AWS::Region', bucketname] - S3Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" MemorySize: 128 Timeout: 900 Role: !GetAtt LambdaRole.Arn diff --git a/aws-observability/apps/hostmetricsfields/test/TestTemplate.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/hostmetricsfields/test/TestTemplate.yaml similarity index 100% rename from aws-observability/apps/hostmetricsfields/test/TestTemplate.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/hostmetricsfields/test/TestTemplate.yaml diff --git a/aws-observability/apps/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json similarity index 96% rename from aws-observability/apps/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json index a3aeb380..d8357246 100644 --- a/aws-observability/apps/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplateOptimizedPermissions.json @@ -68,8 +68,6 @@ "s3:PutBucketPublicAccessBlock", "s3:GetObject", "s3:ListBucket", - "serverlessrepo:CreateCloudFormationTemplate", - "serverlessrepo:GetCloudFormationTemplate", "sns:CreateTopic", "sns:DeleteTopic", "sns:GetTopicAttributes", diff --git a/aws-observability/apps/permissionchecker/AWSObservabilityCFTemplatePermissions.json b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplatePermissions.json similarity index 89% rename from aws-observability/apps/permissionchecker/AWSObservabilityCFTemplatePermissions.json rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplatePermissions.json index 5160519a..c5da6198 100644 --- a/aws-observability/apps/permissionchecker/AWSObservabilityCFTemplatePermissions.json +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/AWSObservabilityCFTemplatePermissions.json @@ -130,20 +130,6 @@ "s3:PutBucketPolicy", "s3:PutBucketPublicAccessBlock", "s3:PutBucketTagging", - "secretsmanager:DescribeSecret", - "secretsmanager:GetRandomPassword", - "secretsmanager:GetResourcePolicy", - "secretsmanager:GetSecretValue", - "secretsmanager:ListSecretVersionIds", - "serverlessrepo:CreateCloudFormationChangeSet", - "serverlessrepo:CreateCloudFormationTemplate", - "serverlessrepo:GetApplication", - "serverlessrepo:GetApplicationPolicy", - "serverlessrepo:GetCloudFormationTemplate", - "serverlessrepo:ListApplicationDependencies", - "serverlessrepo:ListApplicationVersions", - "serverlessrepo:ListApplications", - "serverlessrepo:SearchApplications", "sns:ConfirmSubscription", "sns:CreateTopic", "sns:DeleteEndpoint", diff --git a/aws-observability/apps/permissionchecker/permissioncheck.nested.template.test.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.test.yaml similarity index 84% rename from aws-observability/apps/permissionchecker/permissioncheck.nested.template.test.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.test.yaml index 4bdca213..ed08dffa 100644 --- a/aws-observability/apps/permissionchecker/permissioncheck.nested.template.test.yaml +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.test.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0: This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." -Transform: 'AWS::Serverless-2016-10-31' +Description: "Version - v3.0.0: This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." Metadata: 'AWS::CloudFormation::Interface': @@ -16,13 +15,13 @@ Metadata: - Label: default: "Local Parameters. Do Not Edit the values." Parameters: - - TemplatesBucketName - - NestedTemplateVersion + - MPS3BucketName + - MPS3BucketRegion + - MPS3KeyPrefix - Label: default: "App Installation and sharing" Parameters: - - Section3aAppInstallLocation - Section3bShare ParameterLabels: @@ -35,13 +34,13 @@ Metadata: Section1dSumoLogicOrganizationId: default: "Sumo Logic Organization Id" - TemplatesBucketName: + MPS3BucketName: default: "Nested Templates Bucket Name" - NestedTemplateVersion: - default: "Nested Templates Version" + MPS3BucketRegion: + default: "Nested Templates Bucket Region" + MPS3KeyPrefix: + default: "Nested Templates Key Prefix" - Section3aAppInstallLocation: - default: "App Installation location" Section3bShare: default: "Share" @@ -69,23 +68,19 @@ Parameters: AllowedPattern: ".+" ConstraintDescription: "Sumo Logic Organization Id can not be empty." - TemplatesBucketName: + MPS3BucketName: Type: String AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - NestedTemplateVersion: + Description: S3 Bucket Name for all the nested templates. + MPS3BucketRegion: Type: String - Description: "Provide the version for the nested templates. Default is the latest version." AllowedPattern: ".+" - - Section3aAppInstallLocation: + Description: S3 Bucket Region for all the nested templates. + MPS3KeyPrefix: Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' + Description: "S3 Key Prefix for the nested templates." + AllowedPattern: ".+" + Section3bShare: Type: String Description: "True - Installed App will be visible to all members of the organisation. @@ -120,6 +115,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -152,6 +151,8 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 Region2ELBAccountId: us-east-1: @@ -222,6 +223,39 @@ Resources: ################# Create Lambda Role and Lambda Function to create Sumo Logic Custom Resources ################# ################# Checks for IAM and Lambda Permissions ################# ################# Checks for IAM ROLE - Sumo Source ################# + SumoLogGroupLambdaConnectorRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Policies: + - PolicyName: LambdaExecutionPolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: ReadWriteFilterPolicy + Effect: Allow + Action: + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:PutSubscriptionFilter + - logs:ListTagsLogGroup + Resource: + - !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:* + - Sid: InvokePolicy + Effect: Allow + Action: + - lambda:InvokeFunction + Resource: + - !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:*SumoLogGroupLambda* + LambdaRole: Type: AWS::IAM::Role Metadata: @@ -294,13 +328,13 @@ Resources: "*" LambdaHelper: - Type: 'AWS::Serverless::Function' + Type: 'AWS::Lambda::Function' Properties: Handler: main.handler Runtime: python3.14 - CodeUri: - Bucket: !FindInMap [RegionMap, !Ref 'AWS::Region', bucketname] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" + Code: + S3Bucket: !FindInMap [RegionMap, !Ref 'AWS::Region', bucketname] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" MemorySize: 128 Timeout: 900 Role: @@ -436,6 +470,7 @@ Resources: aws:SourceArn: !Sub - "arn:${AWS::Partition}:s3:::aws-test-observability-logs-${StackSuffix}" - StackSuffix: !Select + - 0 - !Split - "-" @@ -460,11 +495,9 @@ Resources: TrailName: "Aws-Observability-test" AutoEnableS3LogsAlbAWSResources: - Type: AWS::Serverless::Application + Type: AWS::CloudFormation::Stack Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-s3-logging-auto-enable - SemanticVersion: 1.0.19 + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}s3_logging_auto_enable.template.yaml" Parameters: BucketName: !Ref CommonS3Bucket BucketPrefix: "elasticloadbalancing" @@ -510,29 +543,13 @@ Resources: SumoAccessKey: !Ref Section1cSumoLogicAccessKey SumoDeployment: !Ref Section1aSumoLogicDeployment - sumoOverview: - Type: Custom::App - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - Region: !Ref "AWS::Region" - AppName: "Permission checker - AWS Observability DynamoDB App" - RetainOldAppOnUpdate: true - RemoveOnDeleteStack: true - SumoAccessID: !Ref Section1bSumoLogicAccessID - SumoAccessKey: !Ref Section1cSumoLogicAccessKey - SumoDeployment: !Ref Section1aSumoLogicDeployment - AppJsonS3Url: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/appjson/DynamoDb-App.json" - location: !Ref Section3aAppInstallLocation - share: !Ref Section3bShare - orgid: !Ref Section1dSumoLogicOrganizationId - sumoMonitorAlerts: Type: Custom::AlertsMonitor Properties: ServiceToken: !GetAtt LambdaHelper.Arn Region: !Ref "AWS::Region" - FolderName: !Sub "AWS Observability ${NestedTemplateVersion} " - MonitorsS3Url: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/appjson/Test-Alerts.json" + FolderName: !Sub "AWS Observability ${MPS3KeyPrefix} " + MonitorsS3Url: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}utilities/permissionchecker/test-monitors.json" SuffixDateTime: true RetainOldAlerts: true RemoveOnDeleteStack: true @@ -556,6 +573,21 @@ Resources: SumoAccessKey: !Ref Section1cSumoLogicAccessKey SumoDeployment: !Ref Section1aSumoLogicDeployment + sumoOverview: + Type: Custom::AppV2 + Properties: + ServiceToken: !GetAtt LambdaHelper.Arn + Region: !Ref AWS::Region + AppName: "Amazon RDS" + AppId: "c32ad59b-ee10-4cd1-8369-3639e8457b1f" + share: !Ref Section3bShare + orgid: !Ref Section1dSumoLogicOrganizationId + RemoveOnDeleteStack: true + RetainOldAppOnUpdate: true + SumoAccessID: !Ref Section1bSumoLogicAccessID + SumoAccessKey: !Ref Section1cSumoLogicAccessKey + SumoDeployment: !Ref Section1aSumoLogicDeployment + SumoLogicHostedCollector: Type: Custom::Collector Properties: @@ -589,27 +621,32 @@ Resources: CloudWatchEventFunction: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: "https://s3.amazonaws.com/appdev-cloudformation-templates/DLQLambdaCloudFormation.json" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}dlq_lambda_cloudformation.template.yaml" Parameters: SumoEndPointURL: "test-url" IncludeLogGroupInfo: true AutoSubscribeLambdaLogGroupsAWSResources: - Type: AWS::Serverless::Application + Type: AWS::Lambda::Function Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-loggroup-connector - SemanticVersion: 1.0.15 - Parameters: - DestinationArnType: "Lambda" - DestinationArnValue: !GetAtt CloudWatchEventFunction.Outputs.SumoCWLogsLambdaArn - LogGroupPattern: "lambda" - UseExistingLogs: "false" + Code: + S3Bucket: !FindInMap [RegionMap, !Ref AWS::Region, bucketname] + S3Key: sumologic-aws-observability/functions/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip + Handler: loggroup-lambda-connector.handler + Runtime: nodejs24.x + MemorySize: 128 + Timeout: 900 + Role: !GetAtt SumoLogGroupLambdaConnectorRole.Arn + Environment: + Variables: + DESTINATION_ARN: !GetAtt CloudWatchEventFunction.Outputs.SumoCWLogsLambdaArn + LOG_GROUP_PATTERN: "lambda" + ROLE_ARN: !GetAtt LambdaRole.Arn KinesisFirehoseMetricsStack: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWMetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_metrics.template.yaml" Parameters: Section1aSumoLogicKinesisMetricsURL: !GetAtt KinesisFirehoseMetricsSource.SUMO_ENDPOINT Section2aCreateS3Bucket: "No" @@ -635,7 +672,7 @@ Resources: KinesisFirehoseLogsStack: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWLogs.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_logs.template.yaml" Parameters: Section1aSumoLogicKinesisLogsURL: !GetAtt KinesisFirehoseLogsSource.SUMO_ENDPOINT Section2aCreateS3Bucket: "No" diff --git a/aws-observability/apps/permissionchecker/permissioncheck.nested.template.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.yaml similarity index 84% rename from aws-observability/apps/permissionchecker/permissioncheck.nested.template.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.yaml index 7a18c825..ed0dd1e8 100644 --- a/aws-observability/apps/permissionchecker/permissioncheck.nested.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.nested.template.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0: This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." -Transform: 'AWS::Serverless-2016-10-31' +Description: "Version - v3.0.0: This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." Metadata: 'AWS::CloudFormation::Interface': @@ -16,13 +15,13 @@ Metadata: - Label: default: "Local Parameters. Do Not Edit the values." Parameters: - - TemplatesBucketName - - NestedTemplateVersion + - MPS3BucketName + - MPS3BucketRegion + - MPS3KeyPrefix - Label: default: "App Installation and sharing" Parameters: - - Section3aAppInstallLocation - Section3bShare ParameterLabels: @@ -35,13 +34,13 @@ Metadata: Section1dSumoLogicOrganizationId: default: "Sumo Logic Organization Id" - TemplatesBucketName: + MPS3BucketName: default: "Nested Templates Bucket Name" - NestedTemplateVersion: - default: "Nested Templates Version" + MPS3BucketRegion: + default: "Nested Templates Bucket Region" + MPS3KeyPrefix: + default: "Nested Templates Key Prefix" - Section3aAppInstallLocation: - default: "App Installation location" Section3bShare: default: "Share" @@ -78,23 +77,19 @@ Parameters: AllowedPattern: ".+" ConstraintDescription: "Sumo Logic Organization Id can not be empty." - TemplatesBucketName: + MPS3BucketName: Type: String AllowedPattern: ".+" - Description: Bucket Name for all the nested templates. - NestedTemplateVersion: + Description: S3 Bucket Name for all the nested templates. + MPS3BucketRegion: Type: String - Description: "Provide the version for the nested templates. Default is the latest version." AllowedPattern: ".+" - - Section3aAppInstallLocation: + Description: S3 Bucket Region for all the nested templates. + MPS3KeyPrefix: Type: String - Description: "Personal Folder - Installs App in user's Personal folder. - Admin Recommended Folder - Installs App in admin Recommended Folder" - Default: 'Personal Folder' - AllowedValues: - - 'Personal Folder' - - 'Admin Recommended Folder' + Description: "S3 Key Prefix for the nested templates." + AllowedPattern: ".+" + Section3bShare: Type: String Description: "True - Installed App will be visible to all members of the organisation. @@ -129,6 +124,10 @@ Mappings: bucketname: appdevzipfiles-ap-southeast-1 ap-southeast-2: bucketname: appdevzipfiles-ap-southeast-2 + ap-southeast-4: + bucketname: appdevzipfiles-ap-southeast-4s + ap-southeast-6: + bucketname: appdevzipfiles-ap-southeast-6ss ap-northeast-1: bucketname: appdevzipfiles-ap-northeast-1 ca-central-1: @@ -161,6 +160,8 @@ Mappings: bucketname: appdevzipfiles-ap-northeast-3s ap-southeast-3: bucketname: appdevzipfiles-ap-southeast-3 + il-central-1: + bucketname: appdevzipfiles-il-central-1 Region2ELBAccountId: us-east-1: @@ -231,6 +232,39 @@ Resources: ################# Create Lambda Role and Lambda Function to create Sumo Logic Custom Resources ################# ################# Checks for IAM and Lambda Permissions ################# ################# Checks for IAM ROLE - Sumo Source ################# + SumoLogGroupLambdaConnectorRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Policies: + - PolicyName: LambdaExecutionPolicy + PolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: ReadWriteFilterPolicy + Effect: Allow + Action: + - logs:DescribeLogGroups + - logs:DescribeLogStreams + - logs:PutSubscriptionFilter + - logs:ListTagsLogGroup + Resource: + - !Sub arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:* + - Sid: InvokePolicy + Effect: Allow + Action: + - lambda:InvokeFunction + Resource: + - !Sub arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:*SumoLogGroupLambda* + LambdaRole: Type: AWS::IAM::Role Metadata: @@ -279,7 +313,7 @@ Resources: Principal: AWS: !Sub - "arn:${AWS::Partition}:iam::${AWSAccountId}:root" - - AWSAccountId: !FindInMap [ SumoAWSAccountIds, !Ref "AWS::Partition", AWSAccountId ] + - AWSAccountId: !FindInMap [SumoAWSAccountIds, !Ref "AWS::Partition", AWSAccountId] Action: sts:AssumeRole Condition: StringEquals: @@ -303,13 +337,13 @@ Resources: "*" LambdaHelper: - Type: 'AWS::Serverless::Function' + Type: 'AWS::Lambda::Function' Properties: Handler: main.handler Runtime: python3.14 - CodeUri: - Bucket: !FindInMap [RegionMap, !Ref 'AWS::Region', bucketname] - Key: "sumologic-aws-observability/apps/SumoLogicAWSObservabilityHelper/SumoLogicAWSObservabilityHelperv2.0.23.zip" + Code: + S3Bucket: !FindInMap [RegionMap, !Ref 'AWS::Region', bucketname] + S3Key: "sumologic-aws-observability/functions/sumo-app-utils/v3.0.0/sumo-app-utils.zip" MemorySize: 128 Timeout: 900 Role: @@ -443,8 +477,9 @@ Resources: aws:SourceAccount: !Ref "AWS::AccountId" ArnLike: aws:SourceArn: !Sub - - "arn:${AWS::Partition}:s3:::aws-test-observability-logs-${AccountSuffix}" - - AccountSuffix: !Select + - "arn:${AWS::Partition}:s3:::aws-test-observability-logs-${StackSuffix}" + - StackSuffix: !Select + - 0 - !Split - "-" @@ -469,11 +504,9 @@ Resources: TrailName: "Aws-Observability-test" AutoEnableS3LogsAlbAWSResources: - Type: AWS::Serverless::Application + Type: AWS::CloudFormation::Stack Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-s3-logging-auto-enable - SemanticVersion: 1.0.19 + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}s3_logging_auto_enable.template.yaml" Parameters: BucketName: !Ref CommonS3Bucket BucketPrefix: "elasticloadbalancing" @@ -519,29 +552,13 @@ Resources: SumoAccessKey: !Ref Section1cSumoLogicAccessKey SumoDeployment: !Ref Section1aSumoLogicDeployment - sumoOverview: - Type: Custom::App - Properties: - ServiceToken: !GetAtt LambdaHelper.Arn - Region: !Ref "AWS::Region" - AppName: "Permission checker - AWS Observability DynamoDB App" - RetainOldAppOnUpdate: true - RemoveOnDeleteStack: true - SumoAccessID: !Ref Section1bSumoLogicAccessID - SumoAccessKey: !Ref Section1cSumoLogicAccessKey - SumoDeployment: !Ref Section1aSumoLogicDeployment - AppJsonS3Url: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/appjson/DynamoDb-App.json" - location: !Ref Section3aAppInstallLocation - share: !Ref Section3bShare - orgid: !Ref Section1dSumoLogicOrganizationId - sumoMonitorAlerts: Type: Custom::AlertsMonitor Properties: ServiceToken: !GetAtt LambdaHelper.Arn Region: !Ref "AWS::Region" - FolderName: !Sub "AWS Observability ${NestedTemplateVersion} " - MonitorsS3Url: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/aws-observability-versions/${NestedTemplateVersion}/appjson/Test-Alerts.json" + FolderName: !Sub "AWS Observability ${MPS3KeyPrefix} " + MonitorsS3Url: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}utilities/permissionchecker/test-monitors.json" SuffixDateTime: true RetainOldAlerts: true RemoveOnDeleteStack: true @@ -565,6 +582,21 @@ Resources: SumoAccessKey: !Ref Section1cSumoLogicAccessKey SumoDeployment: !Ref Section1aSumoLogicDeployment + sumoOverview: + Type: Custom::AppV2 + Properties: + ServiceToken: !GetAtt LambdaHelper.Arn + Region: !Ref AWS::Region + AppName: "Amazon RDS" + AppId: "c32ad59b-ee10-4cd1-8369-3639e8457b1f" + share: !Ref Section3bShare + orgid: !Ref Section1dSumoLogicOrganizationId + RemoveOnDeleteStack: true + RetainOldAppOnUpdate: true + SumoAccessID: !Ref Section1bSumoLogicAccessID + SumoAccessKey: !Ref Section1cSumoLogicAccessKey + SumoDeployment: !Ref Section1aSumoLogicDeployment + SumoLogicHostedCollector: Type: Custom::Collector Properties: @@ -598,27 +630,32 @@ Resources: CloudWatchEventFunction: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: "https://appdev-cloudformation-templates.s3.amazonaws.com/DLQLambdaCloudFormation.json" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}dlq_lambda_cloudformation.template.yaml" Parameters: SumoEndPointURL: "test-url" IncludeLogGroupInfo: true AutoSubscribeLambdaLogGroupsAWSResources: - Type: AWS::Serverless::Application + Type: AWS::Lambda::Function Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:us-east-1:956882708938:applications/sumologic-loggroup-connector - SemanticVersion: 1.0.15 - Parameters: - DestinationArnType: "Lambda" - DestinationArnValue: !GetAtt CloudWatchEventFunction.Outputs.SumoCWLogsLambdaArn - LogGroupPattern: "lambda" - UseExistingLogs: "false" + Code: + S3Bucket: !FindInMap [RegionMap, !Ref AWS::Region, bucketname] + S3Key: sumologic-aws-observability/functions/loggroup-lambda-connector/v1.0.16/loggroup-lambda-connector.zip + Handler: loggroup-lambda-connector.handler + Runtime: nodejs24.x + MemorySize: 128 + Timeout: 900 + Role: !GetAtt SumoLogGroupLambdaConnectorRole.Arn + Environment: + Variables: + DESTINATION_ARN: !GetAtt CloudWatchEventFunction.Outputs.SumoCWLogsLambdaArn + LOG_GROUP_PATTERN: "lambda" + ROLE_ARN: !GetAtt LambdaRole.Arn KinesisFirehoseMetricsStack: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWMetrics.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_metrics.template.yaml" Parameters: Section1aSumoLogicKinesisMetricsURL: !GetAtt KinesisFirehoseMetricsSource.SUMO_ENDPOINT Section2aCreateS3Bucket: "No" @@ -644,7 +681,7 @@ Resources: KinesisFirehoseLogsStack: Type: AWS::CloudFormation::Stack Properties: - TemplateURL: !Sub "https://${TemplatesBucketName}.s3.amazonaws.com/KinesisFirehoseCWLogs.template.yaml" + TemplateURL: !Sub "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}kinesis_firehose_cw_logs.template.yaml" Parameters: Section1aSumoLogicKinesisLogsURL: !GetAtt KinesisFirehoseLogsSource.SUMO_ENDPOINT Section2aCreateS3Bucket: "No" diff --git a/aws-observability/apps/permissionchecker/permissioncheck.template.test.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.test.yaml similarity index 87% rename from aws-observability/apps/permissionchecker/permissioncheck.template.test.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.test.yaml index 4becf68b..2a3e2c5a 100644 --- a/aws-observability/apps/permissionchecker/permissioncheck.template.test.yaml +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.test.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0: Note: Before deploying this template, please select the appropriate region. This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." -Transform: 'AWS::Serverless-2016-10-31' +Description: "Version - v3.0.0: Note: Before deploying this template, please select the appropriate region. This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." Metadata: 'AWS::CloudFormation::Interface': @@ -50,8 +49,9 @@ Parameters: Mappings: CommonData: NestedTemplate: - BucketName: "sumologic-appdev-aws-sam-apps" - Version: "v2.15.0" + MPS3BucketName: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: "us-east-1" + MPS3KeyPrefix: "aws-observability-versions/v3.0.0/templates/" Resources: @@ -59,16 +59,18 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/permissionchecker/permissioncheck.nested.template.test.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + - "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}utilities/permissionchecker/permissioncheck.nested.template.test.yaml" + - MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] Parameters: Section1aSumoLogicDeployment: !Ref Section1aSumoLogicDeployment Section1bSumoLogicAccessID: !Ref Section1bSumoLogicAccessID Section1cSumoLogicAccessKey: !Ref Section1cSumoLogicAccessKey Section1dSumoLogicOrganizationId: !Ref Section1dSumoLogicOrganizationId - TemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - NestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] + MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] LambdaRole: Type: AWS::IAM::Role diff --git a/aws-observability/apps/permissionchecker/permissioncheck.template.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.yaml similarity index 87% rename from aws-observability/apps/permissionchecker/permissioncheck.template.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.yaml index 80c81bcb..1a04afe7 100644 --- a/aws-observability/apps/permissionchecker/permissioncheck.template.yaml +++ b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/permissioncheck.template.yaml @@ -1,6 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: "Version - v2.15.0. Note: Before deploying this template, please select the appropriate region. This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." -Transform: 'AWS::Serverless-2016-10-31' +Description: "Version - v3.0.0: Note: Before deploying this template, please select the appropriate region. This CloudFormation template will check for the permission required to deploy the AWS Observability CF template. Based on various error received, please provide the specific permissions to Sumo Logic role or AWS IAM Role used to deploy the template." Metadata: 'AWS::CloudFormation::Interface': @@ -59,8 +58,9 @@ Parameters: Mappings: CommonData: NestedTemplate: - BucketName: "sumologic-appdev-aws-sam-apps" - Version: "v2.15.0" + MPS3BucketName: "sumologic-appdev-aws-sam-apps" + MPS3BucketRegion: "us-east-1" + MPS3KeyPrefix: "aws-observability-versions/v3.0.0/templates/" Resources: @@ -68,16 +68,18 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - - "https://${BucketName}.s3.amazonaws.com/aws-observability-versions/${Version}/permissionchecker/permissioncheck.nested.template.yaml" - - BucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - Version: !FindInMap [CommonData, NestedTemplate, Version] + - "https://${MPS3BucketName}.s3.${MPS3BucketRegion}.${AWS::URLSuffix}/${MPS3KeyPrefix}utilities/permissionchecker/permissioncheck.nested.template.yaml" + - MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] Parameters: Section1aSumoLogicDeployment: !Ref Section1aSumoLogicDeployment Section1bSumoLogicAccessID: !Ref Section1bSumoLogicAccessID Section1cSumoLogicAccessKey: !Ref Section1cSumoLogicAccessKey Section1dSumoLogicOrganizationId: !Ref Section1dSumoLogicOrganizationId - TemplatesBucketName: !FindInMap [CommonData, NestedTemplate, BucketName] - NestedTemplateVersion: !FindInMap [CommonData, NestedTemplate, Version] + MPS3BucketName: !FindInMap [CommonData, NestedTemplate, MPS3BucketName] + MPS3BucketRegion: !FindInMap [CommonData, NestedTemplate, MPS3BucketRegion] + MPS3KeyPrefix: !FindInMap [CommonData, NestedTemplate, MPS3KeyPrefix] LambdaRole: Type: AWS::IAM::Role @@ -144,6 +146,7 @@ Resources: ManagedPolicyArns: - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + DeleteCFNLambda: Type: "AWS::Lambda::Function" Properties: diff --git a/aws-observability/json/Test-Alerts.json b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/test-monitors.json similarity index 100% rename from aws-observability/json/Test-Alerts.json rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/test-monitors.json diff --git a/aws-observability/apps/permissionchecker/test/TestTemplate.yaml b/cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/test/TestTemplate.yaml similarity index 100% rename from aws-observability/apps/permissionchecker/test/TestTemplate.yaml rename to cloudformation-sumologic-aws-observability/templates/utilities/permissionchecker/test/TestTemplate.yaml diff --git a/terraform-sumologic-aws-observability/LICENSE b/terraform-sumologic-aws-observability/LICENSE new file mode 100644 index 00000000..f9b9ffe9 --- /dev/null +++ b/terraform-sumologic-aws-observability/LICENSE @@ -0,0 +1,13 @@ +Copyright 2020. Sumo Logic Inc., All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/README.md b/terraform-sumologic-aws-observability/README.md new file mode 100644 index 00000000..c93a9e28 --- /dev/null +++ b/terraform-sumologic-aws-observability/README.md @@ -0,0 +1,114 @@ +# AWS Observability Terraform Module + +This Terraform module deploys the [Sumo Logic AWS Observability Solution](https://help.sumologic.com/docs/observability/aws/) — a full-stack observability solution for AWS environments. It configures AWS collection infrastructure and installs Sumo Logic apps, monitors, dashboards, and field extraction rules for the following AWS services: + +- Application Load Balancer (ALB) +- Classic Load Balancer (ELB) +- Network Load Balancer (NLB) +- API Gateway +- CloudTrail +- DynamoDB +- EC2 +- ECS +- ElastiCache +- Lambda +- RDS +- SNS +- SQS + +## Usage + +```hcl +provider "sumologic" { + environment = var.sumologic_environment + access_id = var.sumologic_access_id + access_key = var.sumologic_access_key +} + +provider "aws" { + region = "us-east-1" +} + +module "aws_observability" { + source = "SumoLogic/aws-observability/sumologic" + version = ">= 1.0.0" + + sumologic_environment = "us2" + sumologic_access_id = var.sumologic_access_id + sumologic_access_key = var.sumologic_access_key + sumologic_organization_id = var.sumologic_organization_id + aws_account_alias = "prod" +} +``` + +For multi-account or multi-region deployments, use the submodules directly: + +```hcl +# Install apps once per Sumo Logic org +module "apps" { + source = "SumoLogic/aws-observability/sumologic//modules/apps" + version = ">= 1.0.0" + ... +} + +# Install collection once per AWS account/region +module "collection" { + source = "SumoLogic/aws-observability/sumologic//modules/collection" + version = ">= 1.0.0" + ... +} +``` + +See the [`examples/`](./examples) directory for complete working configurations. + +## Submodules + +| Name | Description | +|------|-------------| +| [modules/apps](./modules/apps) | Installs Sumo Logic apps, monitors, metric rules, FERs, and the AWS Observability hierarchy. Deploy once per Sumo Logic organization. | +| [modules/collection](modules/collections) | Creates AWS collection infrastructure (CloudTrail, ELB, CloudWatch, Kinesis Firehose sources) and Sumo Logic collector. Deploy once per AWS account/region. | + +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 1.5.7 | +| aws | >= 5.16.2, < 7.0.0 | +| sumologic | >= 2.31.3, < 4.0.0 | +| time | >= 0.11.1 | +| random | >= 3.1.0 | + +## Providers + +| Name | Version | +|------|---------| +| [sumologic](https://registry.terraform.io/providers/SumoLogic/sumologic/latest) | >= 2.31.3, < 4.0.0 | +| [aws](https://registry.terraform.io/providers/hashicorp/aws/latest) | >= 5.16.2, < 7.0.0 | +| [time](https://registry.terraform.io/providers/hashicorp/time/latest) | >= 0.11.1 | + +## Modules + +| Name | Source | +|------|--------| +| [sumo-module](./modules/apps) | ./modules/apps | +| [collection-module](modules/collections) | ./modules/collection | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| sumologic\_environment | Sumo Logic deployment region (au, ca, ch, de, eu, esc, fed, jp, kr, us1, us2) | `string` | n/a | yes | +| sumologic\_access\_id | Sumo Logic Access ID | `string` | n/a | yes | +| sumologic\_access\_key | Sumo Logic Access Key | `string` | n/a | yes | +| sumologic\_organization\_id | Sumo Logic Organization ID | `string` | n/a | yes | +| aws\_account\_alias | Alias for the AWS account (lowercase letters and numbers only) | `string` | n/a | yes | +| sumologic\_folder\_installation\_location | Where to install the app folder (`"Personal Folder"` or `"Admin Recommended Folder"`) | `string` | `"Personal Folder"` | no | +| sumologic\_folder\_share\_with\_org | Share the AWS Observability folder with the entire org | `bool` | `true` | no | +| aws\_resource\_tags | Tags to apply to all AWS resources created by this module | `map(string)` | `{}` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| Apps | All outputs related to apps. | +| Collection | All outputs related to collection and sources. | diff --git a/terraform-sumologic-aws-observability/apps.sh b/terraform-sumologic-aws-observability/apps.sh new file mode 100755 index 00000000..9c23cc0f --- /dev/null +++ b/terraform-sumologic-aws-observability/apps.sh @@ -0,0 +1,99 @@ +#! /bin/bash + +# ---------------------------------------------------------------------------------------------------------------------------------------------------------- +# This script imports the existing app installations (required by aws observability solution) if app(s) are already installed in the user's Sumo Logic account. +# For SUMOLOGIC_ENV, provide one from the list : au, ca, ch, de, eu, esc, jp, us2, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security" +# Before using this script, set following environment variables using below commands: +# export SUMOLOGIC_ENV="" +# export SUMOLOGIC_ACCESSID="" +# export SUMOLOGIC_ACCESSKEY="" +#----------------------------------------------------------------------------------------------------------------------------------------------------------- + +# Validate Sumo Logic environment/deployment. + +if ! [[ "$SUMOLOGIC_ENV" =~ ^(au|ca|ch|de|eu|esc|jp|us2|fed|kr|us1|stag)$ ]]; then + echo "$SUMOLOGIC_ENV is invalid Sumo Logic deployment. For SUMOLOGIC_ENV, provide one from list : au, ca, ch, de, eu, esc, fed, jp, kr, us1, us2 or stag. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security" + exit 1 +fi + +# Get Sumo Logic api endpoint based on SUMOLOGIC_ENV +if [ "${SUMOLOGIC_ENV}" == "us1" ]; then + SUMOLOGIC_BASE_URL="https://api.sumologic.com/api/" +elif [ "${SUMOLOGIC_ENV}" == "stag" ]; then + SUMOLOGIC_BASE_URL="https://stag-api.sumologic.net/api/" +else + SUMOLOGIC_BASE_URL="https://api.${SUMOLOGIC_ENV}.sumologic.com/api/" +fi + +# awso_apps_list contains apps required for AWS Observability Solution. +# Each entry is "uuid|name" matching the installation_apps_list in local.tf. +# Update the list if new apps are added to the solution. +declare -ra awso_apps_list=( + "b3210735-0917-459e-8d1e-722fee4c22fe|Amazon ECS(Without Container Insights and Traces)" + "82ab79f5-3e85-4974-852f-5cb8f8028230|Amazon ElastiCache" + "32c8b96c-161c-46d4-b81d-235cc0b56b87|Amazon Overview" + "c32ad59b-ee10-4cd1-8369-3639e8457b1f|Amazon RDS" + "9c203dfb-6088-4a76-b12e-cc3a78ce0df5|Amazon SNS" + "8b57f601-c163-4481-8ae7-d6e212516506|Amazon SQS" + "f1dfe2ea-ee27-4a74-972c-560424b9cb5c|AWS API Gateway" + "27a17946-e475-4d56-8a8f-bc3fbc0400ca|AWS Application Load Balancer" + "fb7a2e22-006c-40ea-945c-e73b6b369e7c|AWS Classic Load Balancer" + "092203f6-9443-47ca-b2b5-6a4c25e8c14c|AWS DynamoDB" + "f14714b5-6e86-40e7-aa6c-970e9182c0be|AWS EC2" + "d71cb5f7-bf92-4fac-984f-33fdaea856f7|AWS Lambda" + "5a6e7695-94a9-4548-a44a-054d4e793432|AWS Network Load Balancer" + "149c19d7-de3a-483b-a1a7-bbd825916548|Host Metrics (EC2)" +) + +function get_app_instances() { + local RESPONSE + readonly RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v2/apps/instances)" + + echo "${RESPONSE}" +} + +get_app_instances +INSTANCES_RESPONSE=$(get_app_instances) +outputVal=$? + +if ! jq -e <<< "${INSTANCES_RESPONSE}" > /dev/null 2>&1; then + printf "Failed requesting Apps instances API:\n%s\n" "${INSTANCES_RESPONSE}" + # Credential Issue + outputVal=2 +elif ! jq -e '.data' <<< "${INSTANCES_RESPONSE}" > /dev/null 2>&1; then + printf "Failed requesting Apps instances API:\n%s\n" "${INSTANCES_RESPONSE}" + # Permissions/credential issues + outputVal=3 +fi + +if [ $outputVal == 0 ]; then + for ENTRY in "${awso_apps_list[@]}"; do + APP_UUID="${ENTRY%%|*}" + APP_NAME="${ENTRY##*|}" + echo "$APP_NAME - $APP_UUID" + + INSTALLATION_ID=$(echo "${INSTANCES_RESPONSE}" | jq -r ".data[] | select(.uuid == \"${APP_UUID}\") | .id" | head -1) + + if [[ -z "${INSTALLATION_ID}" ]]; then + # App not installed in Sumo org, skip importing + continue + fi + + # App installation exists in Sumo org, hence import + terraform import \ + "module.app-module.sumologic_app.apps[\"${APP_NAME}\"]" "${INSTALLATION_ID}" + done +elif [ $outputVal == 2 ]; then + echo "Error in calling Sumo Logic Apps API." + echo "User's credentials (SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY) are not valid." +elif [ $outputVal == 3 ]; then + echo "Error in calling Sumo Logic Apps API. The reasons can be:" + echo "1. Credentials could not be verified. Cross check SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY." + echo "2. You do not have the role capabilities to manage Sumo Logic apps. Please see the Sumo Logic docs on role capabilities https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/05-Role-Capabilities" +else + echo "Error in calling Sumo Logic Apps API. The reasons can be:" + echo "1. User's credentials (SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY) are not associated with SUMOLOGIC_ENV" + echo "2. You do not have the role capabilities to manage Sumo Logic apps. Please see the Sumo Logic docs on role capabilities https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/05-Role-Capabilities" +fi diff --git a/terraform-sumologic-aws-observability/examples/appmodule/LICENSE b/terraform-sumologic-aws-observability/examples/appmodule/LICENSE new file mode 100644 index 00000000..f9b9ffe9 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/LICENSE @@ -0,0 +1,13 @@ +Copyright 2020. Sumo Logic Inc., All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/README.md b/terraform-sumologic-aws-observability/examples/appmodule/README.md new file mode 100644 index 00000000..1e2a72aa --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/README.md @@ -0,0 +1,145 @@ +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.7 | +| [aws](#requirement\_aws) | >= 5.16.2, < 7.0.0 | +| [random](#requirement\_random) | >= 3.1.0 | +| [sumologic](#requirement\_sumologic) | >= 2.31.3, < 4.0.0 | +| [time](#requirement\_time) | >= 0.11.1 | + +## Providers + +| Name | Version | +|------|---------| +| [sumologic](#provider\_sumologic) | >= 2.31.3, < 4.0.0 | +| [time](#provider\_time) | >= 0.11.1 | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [sumo-module](#module\_sumo-module) | ../../app-modules | n/a | + +## Resources + +| Name | Type | +|------|------| +| [sumologic_field.account](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.accountid](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.apiid](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.apiname](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.cacheclusterid](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.clustername](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.dbclusteridentifier](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.dbidentifier](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.dbinstanceidentifier](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.functionname](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.instanceid](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.loadbalancer](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.loadbalancername](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.namespace](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.networkloadbalancer](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.queuename](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.region](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.tablename](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field.topicname](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityALBCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityAlbAccessLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityApiGatewayAccessLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityApiGatewayCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityCLBCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityDynamoDBCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityEC2CloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityECSCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityElastiCacheCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityElbAccessLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityFieldExtractionRule](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityGenericCloudWatchLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityLambdaCloudWatchLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityNLBCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilityRdsCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilitySNSCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [sumologic_field_extraction_rule.AwsObservabilitySQSCloudTrailLogsFER](https://registry.terraform.io/providers/SumoLogic/sumologic/latest/docs/resources/field_extraction_rule) | resource | +| [time_sleep.wait_for_10_seconds](https://registry.terraform.io/providers/hashicorp/time/latest/docs/resources/sleep) | resource | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [alb\_monitors](#input\_alb\_monitors) | Indicates if the ALB Apps monitors should be enabled. true to disable; false to enable. | `bool` | `true` | no | +| [apps\_folder](#input\_apps\_folder) | Provide a folder name where all the apps will be installed under the Personal folder of the user whose access keys you have entered.
Default value will be: AWS Observability Apps | `string` | `"AWS Observability Apps"` | no | +| [aws\_account\_alias](#input\_aws\_account\_alias) | Provide the Name/Alias for the AWS environment from which you are collecting data. This name will appear in the Sumo Logic Explorer View, metrics, and logs.
If you are going to deploy the solution in multiple AWS accounts then this value has to be overidden at main.tf file.
Do not include special characters in the alias. | `string` | n/a | yes | +| [ec2metrics\_monitors](#input\_ec2metrics\_monitors) | Indicates if EC2 Metrics Apps monitors should be enabled. true to disable; false to enable. | `bool` | `true` | no | +| [ecs\_monitors](#input\_ecs\_monitors) | Indicates if ECS Apps monitors should be enabled. true to disable; false to enable. | `bool` | `true` | no | +| [elasticache\_monitors](#input\_elasticache\_monitors) | Indicates if Elasticache Apps monitors should be enabled. true to disable; false to enable. | `bool` | `true` | no | +| [monitors\_folder](#input\_monitors\_folder) | Provide a folder name where all the monitors will be installed under Monitor Folder.
Default value will be: AWS Observability Monitors | `string` | `"AWS Observability Monitors"` | no | +| [sumo\_api\_endpoint](#input\_sumo\_api\_endpoint) | n/a | `string` | n/a | yes | +| [sumologic\_access\_id](#input\_sumologic\_access\_id) | Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes | +| [sumologic\_access\_key](#input\_sumologic\_access\_key) | Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key | `string` | n/a | yes | +| [sumologic\_environment](#input\_sumologic\_environment) | Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security | `string` | n/a | yes | +| [sumologic\_folder\_installation\_location](#input\_sumologic\_folder\_installation\_location) | Indicates where to install the app folder. Enter "Personal Folder" for installing in "Personal" folder and "Admin Recommended Folder" for installing in "Admin Recommended" folder. | `string` | `"Personal Folder"` | no | +| [sumologic\_folder\_share\_with\_org](#input\_sumologic\_folder\_share\_with\_org) | Indicates if AWS Observability folder should be shared (view access) with entire organization. true to enable; false to disable. | `bool` | `true` | no | +| [sumologic\_organization\_id](#input\_sumologic\_organization\_id) | You can find your org on the Preferences page in the Sumo Logic UI. For more information, see the Preferences Page topic. Your org ID will be used to configure the IAM Role for Sumo Logic AWS Sources."
For more details, visit https://help.sumologic.com/01Start-Here/05Customize-Your-Sumo-Logic-Experience/Preferences-Page | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| [alb\_apps\_folder\_id](#output\_alb\_apps\_folder\_id) | This output contains sumologic ALB apps folder. | +| [apigateway\_apps\_folder\_id](#output\_apigateway\_apps\_folder\_id) | This output contains sumologic API Gateway apps folder. | +| [apps\_folder\_id](#output\_apps\_folder\_id) | This output contains sumologic apps folder. | +| [clb\_apps\_folder\_id](#output\_clb\_apps\_folder\_id) | This output contains sumologic CLB apps folder. | +| [dynamodb\_apps\_folder\_id](#output\_dynamodb\_apps\_folder\_id) | This output contains sumologic DynamoDB apps folder. | +| [ec2CWmetrics\_apps\_folder\_id](#output\_ec2CWmetrics\_apps\_folder\_id) | This output contains sumologic EC2 CW metrics apps folder. | +| [ec2metrics\_apps\_folder\_id](#output\_ec2metrics\_apps\_folder\_id) | This output contains sumologic EC2 host metrics apps folder. | +| [ecs\_apps\_folder\_id](#output\_ecs\_apps\_folder\_id) | This output contains sumologic ECS apps folder. | +| [elasticache\_apps\_folder\_id](#output\_elasticache\_apps\_folder\_id) | This output contains sumologic ElastiCacheApp apps folder. | +| [hierarchy\_id](#output\_hierarchy\_id) | This output contains sumologic hierarchy id. | +| [lambda\_apps\_folder\_id](#output\_lambda\_apps\_folder\_id) | This output contains sumologic Lambda apps folder. | +| [monitors\_folder\_id](#output\_monitors\_folder\_id) | This output contains sumologic monitors folder. | +| [nlb\_apps\_folder\_id](#output\_nlb\_apps\_folder\_id) | This output contains sumologic NLB apps folder. | +| [overview\_apps\_folder\_id](#output\_overview\_apps\_folder\_id) | This output contains sumologic Overview apps folder. | +| [rds\_apps\_folder\_id](#output\_rds\_apps\_folder\_id) | This output contains sumologic RDS apps folder. | +| [sns\_apps\_folder\_id](#output\_sns\_apps\_folder\_id) | This output contains sumologic SNS apps folder. | +| [sqs\_apps\_folder\_id](#output\_sqs\_apps\_folder\_id) | This output contains sumologic SQS apps folder. | +| [sumologic\_field\_account](#output\_sumologic\_field\_account) | This output contains sumologic Account field id. | +| [sumologic\_field\_accountid](#output\_sumologic\_field\_accountid) | This output contains sumologic accountid field id. | +| [sumologic\_field\_apiid](#output\_sumologic\_field\_apiid) | This output contains sumologic apiid field id. | +| [sumologic\_field\_apiname](#output\_sumologic\_field\_apiname) | This output contains sumologic apiname field id. | +| [sumologic\_field\_cacheclusterid](#output\_sumologic\_field\_cacheclusterid) | This output contains sumologic cacheclusterid field id. | +| [sumologic\_field\_clustername](#output\_sumologic\_field\_clustername) | This output contains sumologic clustername field id. | +| [sumologic\_field\_dbclusteridentifier](#output\_sumologic\_field\_dbclusteridentifier) | This output contains sumologic dbclusteridentifier field id. | +| [sumologic\_field\_dbidentifier](#output\_sumologic\_field\_dbidentifier) | This output contains sumologic dbidentifier field id. | +| [sumologic\_field\_dbinstanceidentifier](#output\_sumologic\_field\_dbinstanceidentifier) | This output contains sumologic dbinstanceidentifier field id. | +| [sumologic\_field\_extraction\_rule\_alb](#output\_sumologic\_field\_extraction\_rule\_alb) | This output contains sumologic ALB field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_alb\_cloudtrail](#output\_sumologic\_field\_extraction\_rule\_alb\_cloudtrail) | This output contains sumologic ALB CloudTrail field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_apigateway](#output\_sumologic\_field\_extraction\_rule\_apigateway) | This output contains sumologic API gateway field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_apigateway\_access\_logs](#output\_sumologic\_field\_extraction\_rule\_apigateway\_access\_logs) | This output contains sumologic API gateway Access Logs field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_clb\_cloudtrail](#output\_sumologic\_field\_extraction\_rule\_clb\_cloudtrail) | This output contains sumologic CLB CloudTrail field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_cw](#output\_sumologic\_field\_extraction\_rule\_cw) | This output contains sumologic CloudWatch logs generic field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_dynamodb](#output\_sumologic\_field\_extraction\_rule\_dynamodb) | This output contains sumologic dynamoDB field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_ec2metrics](#output\_sumologic\_field\_extraction\_rule\_ec2metrics) | This output contains sumologic EC2 field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_ecs](#output\_sumologic\_field\_extraction\_rule\_ecs) | This output contains sumologic ECS field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_elasticache](#output\_sumologic\_field\_extraction\_rule\_elasticache) | This output contains sumologic Elasticache field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_elb](#output\_sumologic\_field\_extraction\_rule\_elb) | This output contains sumologic CLB field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_lambda](#output\_sumologic\_field\_extraction\_rule\_lambda) | This output contains sumologic Lambda cloudtrail field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_lambda\_cw](#output\_sumologic\_field\_extraction\_rule\_lambda\_cw) | This output contains sumologic Lambda cloudwatch field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_nlb\_cloudtrail](#output\_sumologic\_field\_extraction\_rule\_nlb\_cloudtrail) | This output contains sumologic NLB CloudTrail field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_rds](#output\_sumologic\_field\_extraction\_rule\_rds) | This output contains sumologic RDS field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_sns](#output\_sumologic\_field\_extraction\_rule\_sns) | This output contains sumologic SNS field extraction rule id. | +| [sumologic\_field\_extraction\_rule\_sqs](#output\_sumologic\_field\_extraction\_rule\_sqs) | This output contains sumologic SQS field extraction rule id. | +| [sumologic\_field\_functionname](#output\_sumologic\_field\_functionname) | This output contains sumologic functionname field id. | +| [sumologic\_field\_instanceid](#output\_sumologic\_field\_instanceid) | This output contains sumologic instanceid field id. | +| [sumologic\_field\_loadbalancer](#output\_sumologic\_field\_loadbalancer) | This output contains sumologic loadbalancer field id. | +| [sumologic\_field\_loadbalancername](#output\_sumologic\_field\_loadbalancername) | This output contains sumologic loadbalancername field id. | +| [sumologic\_field\_namespace](#output\_sumologic\_field\_namespace) | This output contains sumologic namespace field id. | +| [sumologic\_field\_networkloadbalancer](#output\_sumologic\_field\_networkloadbalancer) | This output contains sumologic networkloadbalancer field id. | +| [sumologic\_field\_queuename](#output\_sumologic\_field\_queuename) | This output contains sumologic queuename field id. | +| [sumologic\_field\_region](#output\_sumologic\_field\_region) | This output contains sumologic Region field id. | +| [sumologic\_field\_tablename](#output\_sumologic\_field\_tablename) | This output contains sumologic tablename field id. | +| [sumologic\_field\_topicname](#output\_sumologic\_field\_topicname) | This output contains sumologic topicname field id. | +| [sumologic\_metric\_rule\_api\_gw](#output\_sumologic\_metric\_rule\_api\_gw) | This output contains sumologic API Gateway metric rule name. | +| [sumologic\_metric\_rule\_nlb](#output\_sumologic\_metric\_rule\_nlb) | This output contains sumologic NLB metric rule name. | +| [sumologic\_metric\_rule\_rds\_cluster](#output\_sumologic\_metric\_rule\_rds\_cluster) | This output contains sumologic RDS cluster metric rule name. | +| [sumologic\_metric\_rule\_rds\_instance](#output\_sumologic\_metric\_rule\_rds\_instance) | This output contains sumologic RDS instance metric rule name. | diff --git a/terraform-sumologic-aws-observability/examples/appmodule/field.tf b/terraform-sumologic-aws-observability/examples/appmodule/field.tf new file mode 100644 index 00000000..279ccd8f --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/field.tf @@ -0,0 +1,446 @@ +# Wait resource +resource "time_sleep" "wait_for_10_seconds" { + create_duration = "10s" +} + +# common fields +resource "sumologic_field" "account" { + data_type = "String" + field_name = "account" + state = "Enabled" +} + +# common fields +resource "sumologic_field" "region" { + data_type = "String" + field_name = "region" + state = "Enabled" +} + +# common fields +resource "sumologic_field" "accountid" { + data_type = "String" + field_name = "accountid" + state = "Enabled" +} + +# common fields +resource "sumologic_field" "namespace" { + data_type = "String" + field_name = "namespace" + state = "Enabled" +} + +# Used in ALB +resource "sumologic_field" "loadbalancer" { + data_type = "String" + field_name = "loadbalancer" + state = "Enabled" +} + +# Used in Classic LB +resource "sumologic_field" "loadbalancername" { + data_type = "String" + field_name = "loadbalancername" + state = "Enabled" +} + +# Used in API gateway +resource "sumologic_field" "apiname" { + data_type = "String" + field_name = "apiname" + state = "Enabled" +} + +# Used in API gateway +resource "sumologic_field" "apiid" { + data_type = "String" + field_name = "apiid" + state = "Enabled" +} + +# Used in DynamoDB +resource "sumologic_field" "tablename" { + data_type = "String" + field_name = "tablename" + state = "Enabled" +} + +# Used in EC2 +resource "sumologic_field" "instanceid" { + data_type = "String" + field_name = "instanceid" + state = "Enabled" +} + +# Used in ECS +resource "sumologic_field" "clustername" { + data_type = "String" + field_name = "clustername" + state = "Enabled" +} + +# Used in Elasticache +resource "sumologic_field" "cacheclusterid" { + data_type = "String" + field_name = "cacheclusterid" + state = "Enabled" +} + +# Used in Lambda +resource "sumologic_field" "functionname" { + data_type = "String" + field_name = "functionname" + state = "Enabled" +} + +# Used in NLB +resource "sumologic_field" "networkloadbalancer" { + data_type = "String" + field_name = "networkloadbalancer" + state = "Enabled" +} + +# Used in RDS +resource "sumologic_field" "dbidentifier" { + data_type = "String" + field_name = "dbidentifier" + state = "Enabled" +} +resource "sumologic_field" "dbclusteridentifier" { + data_type = "String" + field_name = "dbclusteridentifier" + state = "Enabled" +} +resource "sumologic_field" "dbinstanceidentifier" { + data_type = "String" + field_name = "dbinstanceidentifier" + state = "Enabled" +} + +# Used in SNS +resource "sumologic_field" "topicname" { + data_type = "String" + field_name = "topicname" + state = "Enabled" +} + +# Used in SQS +resource "sumologic_field" "queuename" { + data_type = "String" + field_name = "queuename" + state = "Enabled" +} + +# ALB access log FER +resource "sumologic_field_extraction_rule" "AwsObservabilityAlbAccessLogsFER" { + depends_on = [time_sleep.wait_for_10_seconds] + name = "AwsObservabilityAlbAccessLogsFER" + scope = "account=* region=* (http or https or h2 or grpcs or ws or wss)" + parse_expression = <.*?)\"" nodrop + | parse regex field=req_instancesSet_items "\"instanceId\":\s*\"(?.*?)\"" nodrop + | json field=responseElements "instancesSet.items" as res_responseElements_items nodrop + | parse regex field=res_responseElements_items "\"instanceType\":\s*\"(?.*?)\"" nodrop + | parse regex field=res_responseElements_items "\"instanceId\":\s*\"(?.*?)\"" nodrop + | if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, "")))) as req_instanceid + | if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid + | if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType + | tolowercase(instanceid) as instanceid + | fields region, namespace, accountid, instanceid + EOT + enabled = true +} + +# ECS CloudTrail FER +resource "sumologic_field_extraction_rule" "AwsObservabilityECSCloudTrailLogsFER" { + depends_on = [time_sleep.wait_for_10_seconds] + name = "AwsObservabilityECSCloudTrailLogsFER" + scope = "account=* eventname eventsource \"ecs.amazonaws.com\"" + parse_expression = <\d{0,4}-\d{0,2}-\d{0,2}T\d{0,2}:\d{0,2}:\d{0,2}\.\d+Z)" + | where !isBlank(loadbalancername) and !isBlank(datetimevalue) + | "aws/elb" as namespace + | tolowercase(loadbalancername) as loadbalancername | fields loadbalancername, namespace + EOT + enabled = true +} + +# Lambda CloudTrail FER +resource "sumologic_field_extraction_rule" "AwsObservabilityFieldExtractionRule" { + depends_on = [time_sleep.wait_for_10_seconds] + name = "AwsObservabilityFieldExtractionRule" + scope = "account=* eventname eventsource \"lambda.amazonaws.com\"" + parse_expression = <[\S]+)$" nodrop + | parse field=resource "arn:*:lambda:*:function:*" as arn_part, f1, functionname2 nodrop + | if (isEmpty(functionname), functionname2, functionname) as functionname + | "aws/lambda" as namespace + | tolowercase(functionname) as functionname + | fields region, namespace, functionname, accountid + EOT + enabled = true +} + +# Lambda CloudWatch FER +resource "sumologic_field_extraction_rule" "AwsObservabilityLambdaCloudWatchLogsFER" { + depends_on = [time_sleep.wait_for_10_seconds] + name = "AwsObservabilityLambdaCloudWatchLogsFER" + scope = "account=* region=* _sourceHost=/aws/lambda/*" + parse_expression = <[^\/]*$)" + | if (isBlank(recipient_account_id), accountid, recipient_account_id) as accountid + | toLowerCase(queuename) as queuename + | "aws/sqs" as namespace + | fields region, namespace, queuename, accountid + EOT + enabled = true +} \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/fields.sh b/terraform-sumologic-aws-observability/examples/appmodule/fields.sh new file mode 100644 index 00000000..a85abd6e --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/fields.sh @@ -0,0 +1,118 @@ +#! /bin/bash + +# ---------------------------------------------------------------------------------------------------------------------------------------------------------- +# This script imports the existing fields and FERs (required by aws observability solution) if field(s) and FER(s) are already present in the user's Sumo Logic account. +# For SUMOLOGIC_ENV, provide one from the list : au, ca, ch, de, eu, esc, jp, us2, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security" +# Before using this script, set following environment variables using below commands: +# export SUMOLOGIC_ENV="" +# export SUMOLOGIC_ACCESSID="" +# export SUMOLOGIC_ACCESSKEY="" +#----------------------------------------------------------------------------------------------------------------------------------------------------------- + +# Validate Sumo Logic environment/deployment. +if ! [[ "$SUMOLOGIC_ENV" =~ ^(au|ca|ch|de|eu|esc|jp|us2|kr|fed|us1)$ ]]; then + echo "$SUMOLOGIC_ENV is invalid Sumo Logic deployment. For SUMOLOGIC_ENV, provide one from list : au, ca, ch, de, eu, esc, jp, us2, kr, fed or us1. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security" + exit 1 +fi + +# Get Sumo Logic api endpoint based on SUMOLOGIC_ENV +if [ "${SUMOLOGIC_ENV}" == "us1" ];then + SUMOLOGIC_BASE_URL="https://api.sumologic.com/api/" +else + SUMOLOGIC_BASE_URL="https://api.${SUMOLOGIC_ENV}.sumologic.com/api/" +fi + +# awso_list contains fields required for AWS Obervablity Solution. Update the list if new field is added to the solution. +declare -ra awso_list=(account accountid apiname cacheclusterid clustername dbclusteridentifier dbidentifier dbinstanceidentifier functionname instanceid loadbalancer loadbalancername namespace networkloadbalancer region tablename topicname) +# awso_fer_list contains FERs required for AWS Obervablity Solution. Update the list if new FER is added to the solution. +declare -ra awso_fer_list=(AwsObservabilityAlbAccessLogsFER AwsObservabilityApiGatewayCloudTrailLogsFER AwsObservabilityDynamoDBCloudTrailLogsFER AwsObservabilityEC2CloudTrailLogsFER AwsObservabilityECSCloudTrailLogsFER AwsObservabilityElastiCacheCloudTrailLogsFER AwsObservabilityElbAccessLogsFER AwsObservabilityFieldExtractionRule AwsObservabilityGenericCloudWatchLogsFER AwsObservabilityLambdaCloudWatchLogsFER AwsObservabilityRdsCloudTrailLogsFER AwsObservabilitySNSCloudTrailLogsFER) + +function get_remaining_fields() { + local RESPONSE + readonly RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields/quota)" + + echo "${RESPONSE}" +} + +# Check if we'd have at least 13 fields remaining after additional fields +# would be created for the collection +function should_create_fields() { + local RESPONSE + readonly RESPONSE=$(get_remaining_fields) + + if ! jq -e <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + # Credential Issue + return 2 + fi + + if ! jq -e '.remaining' <<< "${RESPONSE}" ; then + printf "Failed requesting fields API:\n%s\n" "${RESPONSE}" + # Permissions/credential issuses + return 3 + fi + + local REMAINING + readonly REMAINING=$(jq -e '.remaining' <<< "${RESPONSE}") + + if [ $REMAINING -ge ${#awso_list[*]} ] ; then + # Function returning with success + return 0 + else + # Capacity not enough to create new fields + return 1 + fi +} + +should_create_fields +outputVal=$? +# Sumo Logic fields in field schema, FERs in FER schema - Decide to import +if [ $outputVal == 0 ] ; then + # Get list of all fields present in field schema of user's Sumo Logic org. + readonly FIELDS_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/fields | jq '.data[]' )" + + for FIELD in "${awso_list[@]}" ; do + FIELD_ID=$( echo "${FIELDS_RESPONSE}" | jq -r "select(.fieldName == \"${FIELD}\") | .fieldId" ) + if [[ -z "${FIELD_ID}" ]]; then + # If field is not present in Sumo org, skip importing + continue + fi + # Field exist in Sumo org, hence import + terraform import \ + sumologic_field."${FIELD}" "${FIELD_ID}" + done + # Get list of all FER present in FER schema of user's Sumo Logic org. + readonly FER_RESPONSE="$(curl -XGET -s \ + -u "${SUMOLOGIC_ACCESSID}:${SUMOLOGIC_ACCESSKEY}" \ + "${SUMOLOGIC_BASE_URL}"v1/extractionRules | jq '.data[] | del(.parseExpression)' )" + + for FER in "${awso_fer_list[@]}" ; do + FER_ID=$( echo "${FER_RESPONSE}" | jq -r "select(.name == \"${FER}\") | .id" ) + if [[ -z "${FER_ID}" ]]; then + # If FER is not present in Sumo org, skip importing + continue + fi + # FER exist in Sumo org, hence import + terraform import \ + sumologic_field_extraction_rule."${FER}" "${FER_ID}" + done +elif [ $outputVal == 1 ] ; then + echo "Couldn't automatically create fields and FERS" + echo "You do not have enough field capacity to create the required fields and FERS automatically." + echo "Please refer to https://help.sumologic.com/Manage/Fields to manually create the fields after you have removed unused fields and FERs to free up capacity." +elif [ $outputVal == 2 ] ; then + echo "Error in calling Sumo Logic Fields or FER API." + echo "User's credentials (SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY) are not valid." +elif [ $outputVal == 3 ] ; then + echo "Error in calling Sumo Logic Fields or FERs API. The reasons can be:" + echo "1. Credentials could not be verified. Cross check SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY." + echo "2. You do not have the role capabilities to create Sumo Logic fields or FERs. Please see the Sumo Logic docs on role capabilities https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/05-Role-Capabilities" +else + echo "Error in calling Sumo Logic Fields or FERs API. The reasons can be:" + echo "1. User's credentials (SUMOLOGIC_ACCESSID and SUMOLOGIC_ACCESSKEY) are not associated with SUMOLOGIC_ENV" + echo "2. You do not have the role capabilities to create Sumo Logic fields or FERs. Please see the Sumo Logic docs on role capabilities https://help.sumologic.com/Manage/Users-and-Roles/Manage-Roles/05-Role-Capabilities" +fi \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/main.auto.tfvars b/terraform-sumologic-aws-observability/examples/appmodule/main.auto.tfvars new file mode 100644 index 00000000..a0c95a7a --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/main.auto.tfvars @@ -0,0 +1,9 @@ +####### BELOW ARE REQUIRED PARAMETERS FOR TERRAFORM SCRIPT ####### +# Visit - https://help.sumologic.com/Solutions/AWS_Observability_Solution/03_Set_Up_the_AWS_Observability_Solution#sumo-logic-access-configuration-required +sumologic_environment = "" # Please replace (including brackets) with au, ca, ch, de, eu, esc, jp, us2, kr, fed or us1. +sumologic_access_id = "" +sumologic_access_key = "" +sumologic_organization_id = "" # Please replace (including brackets) with your Sumo Logic Organization ID. +aws_account_alias = "" # Please replace with an AWS account alias for identification in Sumo Logic Explorer View, metrics and logs. +# Example: https://api.sumologic.com/api/ Please update with your sumologic api endpoint. Refer, https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security +sumo_api_endpoint = "" #"" \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/main.tf b/terraform-sumologic-aws-observability/examples/appmodule/main.tf new file mode 100644 index 00000000..eaa5cc29 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/main.tf @@ -0,0 +1,20 @@ +# +# The below module is used to install apps, metric rules, Field extraction rules, Fields and Monitors. +# NOTE - The "app-modules" should be installed per Sumo Logic organization. +# +module "sumo-module" { + source = "../../modules/apps" + access_id = var.sumologic_access_id + access_key = var.sumologic_access_key + environment = var.sumologic_environment + json_file_directory_path = dirname(path.cwd) + folder_installation_location = var.sumologic_folder_installation_location + folder_share_with_org = var.sumologic_folder_share_with_org + sumologic_organization_id = var.sumologic_organization_id + apps_folder_name = var.apps_folder + monitors_folder_name = var.monitors_folder + alb_monitors_disabled = var.alb_monitors + ec2metrics_monitors_disabled = var.ec2metrics_monitors + ecs_monitors_disabled = var.ecs_monitors + elasticache_monitors_disabled = var.elasticache_monitors +} diff --git a/terraform-sumologic-aws-observability/examples/appmodule/output.tf b/terraform-sumologic-aws-observability/examples/appmodule/output.tf new file mode 100644 index 00000000..9d77f460 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/output.tf @@ -0,0 +1,306 @@ +output "apps_folder_id" { + value = module.sumo-module.sumologic_apps_folder.id + description = "This output contains sumologic apps folder." +} + +output "alb_apps_folder_id" { + value = module.sumo-module.sumologic_content_alb.ALBApp.id + description = "This output contains sumologic ALB apps folder." +} + +output "apigateway_apps_folder_id" { + value = module.sumo-module.sumologic_content_apigateway.APIGatewayApp.id + description = "This output contains sumologic API Gateway apps folder." +} + +output "dynamodb_apps_folder_id" { + value = module.sumo-module.sumologic_content_dynamodb.DynamoDBApp.id + description = "This output contains sumologic DynamoDB apps folder." +} + +output "ec2metrics_apps_folder_id" { + value = module.sumo-module.sumologic_content_ec2metrics.EC2MetricsApp.id + description = "This output contains sumologic EC2 host metrics apps folder." +} + +output "ec2CWmetrics_apps_folder_id" { + value = module.sumo-module.sumologic_content_ec2metrics.EC2CWMetricsApp.id + description = "This output contains sumologic EC2 CW metrics apps folder." +} + +output "ecs_apps_folder_id" { + value = module.sumo-module.sumologic_content_ecs.ecsApp.id + description = "This output contains sumologic ECS apps folder." +} + +output "elasticache_apps_folder_id" { + value = module.sumo-module.sumologic_content_elasticache.ElastiCacheApp.id + description = "This output contains sumologic ElastiCacheApp apps folder." +} + +output "clb_apps_folder_id" { + value = module.sumo-module.sumologic_content_elb.ClassicLBApp.id + description = "This output contains sumologic CLB apps folder." +} + +output "lambda_apps_folder_id" { + value = module.sumo-module.sumologic_content_lambda.LambdaApp.id + description = "This output contains sumologic Lambda apps folder." +} + +output "nlb_apps_folder_id" { + value = module.sumo-module.sumologic_content_nlb.NlbApp.id + description = "This output contains sumologic NLB apps folder." +} + +output "overview_apps_folder_id" { + value = module.sumo-module.sumologic_content_overview.OverviewApp.id + description = "This output contains sumologic Overview apps folder." +} + +output "rds_apps_folder_id" { + value = module.sumo-module.sumologic_content_rds.RdsApp.id + description = "This output contains sumologic RDS apps folder." +} + +output "sns_apps_folder_id" { + value = module.sumo-module.sumologic_content_sns.SNSApp.id + description = "This output contains sumologic SNS apps folder." +} + +output "sqs_apps_folder_id" { + value = module.sumo-module.sumologic_content_sqs.SQSApp.id + description = "This output contains sumologic SQS apps folder." +} + +output "monitors_folder_id" { + value = module.sumo-module.sumologic_monitors_folder.id + description = "This output contains sumologic monitors folder." +} + +output "hierarchy_id" { + value = module.sumo-module.sumologic_hierarchy.id + description = "This output contains sumologic hierarchy id." +} + +# API gateway FER id +output "sumologic_field_extraction_rule_apigateway" { + value = sumologic_field_extraction_rule.AwsObservabilityApiGatewayCloudTrailLogsFER.id + description = "This output contains sumologic API gateway field extraction rule id." +} + +# API gateway FER id +output "sumologic_field_extraction_rule_apigateway_access_logs" { + value = sumologic_field_extraction_rule.AwsObservabilityApiGatewayAccessLogsFER.id + description = "This output contains sumologic API gateway Access Logs field extraction rule id." +} + +# ALB FER id +output "sumologic_field_extraction_rule_alb" { + value = sumologic_field_extraction_rule.AwsObservabilityAlbAccessLogsFER.id + description = "This output contains sumologic ALB field extraction rule id." +} + +# ALB CloudTrail FER id +output "sumologic_field_extraction_rule_alb_cloudtrail" { + value = sumologic_field_extraction_rule.AwsObservabilityALBCloudTrailLogsFER.id + description = "This output contains sumologic ALB CloudTrail field extraction rule id." +} + +# CLB FER id +output "sumologic_field_extraction_rule_elb" { + value = sumologic_field_extraction_rule.AwsObservabilityElbAccessLogsFER.id + description = "This output contains sumologic CLB field extraction rule id." +} + +# CLB CloudTrail FER id +output "sumologic_field_extraction_rule_clb_cloudtrail" { + value = sumologic_field_extraction_rule.AwsObservabilityCLBCloudTrailLogsFER.id + description = "This output contains sumologic CLB CloudTrail field extraction rule id." +} + +# NLB CloudTrail FER id +output "sumologic_field_extraction_rule_nlb_cloudtrail" { + value = sumologic_field_extraction_rule.AwsObservabilityNLBCloudTrailLogsFER.id + description = "This output contains sumologic NLB CloudTrail field extraction rule id." +} + +# DynamoDB FER id +output "sumologic_field_extraction_rule_dynamodb" { + value = sumologic_field_extraction_rule.AwsObservabilityDynamoDBCloudTrailLogsFER.id + description = "This output contains sumologic dynamoDB field extraction rule id." +} + +# Elasticache FER id +output "sumologic_field_extraction_rule_elasticache" { + value = sumologic_field_extraction_rule.AwsObservabilityElastiCacheCloudTrailLogsFER.id + description = "This output contains sumologic Elasticache field extraction rule id." +} + +# ECS FER id +output "sumologic_field_extraction_rule_ecs" { + value = sumologic_field_extraction_rule.AwsObservabilityECSCloudTrailLogsFER.id + description = "This output contains sumologic ECS field extraction rule id." +} + +# EC2 FER id +output "sumologic_field_extraction_rule_ec2metrics" { + value = sumologic_field_extraction_rule.AwsObservabilityEC2CloudTrailLogsFER.id + description = "This output contains sumologic EC2 field extraction rule id." +} + +# Lambda CloudTrail FER id +output "sumologic_field_extraction_rule_lambda" { + value = sumologic_field_extraction_rule.AwsObservabilityFieldExtractionRule.id + description = "This output contains sumologic Lambda cloudtrail field extraction rule id." +} + +# Lambda CloudWatch FER id +output "sumologic_field_extraction_rule_lambda_cw" { + value = sumologic_field_extraction_rule.AwsObservabilityLambdaCloudWatchLogsFER.id + description = "This output contains sumologic Lambda cloudwatch field extraction rule id." +} + +# RDS FER id +output "sumologic_field_extraction_rule_rds" { + value = sumologic_field_extraction_rule.AwsObservabilityRdsCloudTrailLogsFER.id + description = "This output contains sumologic RDS field extraction rule id." +} + +# CloudWatch generic FER id +output "sumologic_field_extraction_rule_cw" { + value = sumologic_field_extraction_rule.AwsObservabilityGenericCloudWatchLogsFER.id + description = "This output contains sumologic CloudWatch logs generic field extraction rule id." +} + +# SNS FER id +output "sumologic_field_extraction_rule_sns" { + value = sumologic_field_extraction_rule.AwsObservabilitySNSCloudTrailLogsFER.id + description = "This output contains sumologic SNS field extraction rule id." +} + +# SQS FER id +output "sumologic_field_extraction_rule_sqs" { + value = sumologic_field_extraction_rule.AwsObservabilitySQSCloudTrailLogsFER.id + description = "This output contains sumologic SQS field extraction rule id." +} + +# NLB Metric rule +output "sumologic_metric_rule_nlb" { + value = module.sumo-module.sumologic_metric_rules_nlb.NLBMetricRule.triggers.name + description = "This output contains sumologic NLB metric rule name." +} + +# API Gateway Metric rule +output "sumologic_metric_rule_api_gw" { + # value = module.sumo-module.sumologic_metric_rules_api_gw.ApiNameMetricRule.triggers.name + value = module.sumo-module.sumologic_metric_rules_api_gw.ApiNameMetricRule.triggers.name + description = "This output contains sumologic API Gateway metric rule name." +} + +# RDS Cluster Metric rule +output "sumologic_metric_rule_rds_cluster" { + value = module.sumo-module.sumologic_metric_rules_rds.ClusterMetricRule.triggers.name + description = "This output contains sumologic RDS cluster metric rule name." +} + +# RDS Instance Metric rule +output "sumologic_metric_rule_rds_instance" { + value = module.sumo-module.sumologic_metric_rules_rds.InstanceMetricRule.triggers.name + description = "This output contains sumologic RDS instance metric rule name." +} + +output "sumologic_field_account" { + value = sumologic_field.account.id + description = "This output contains sumologic Account field id." +} + +output "sumologic_field_region" { + value = sumologic_field.region.id + description = "This output contains sumologic Region field id." +} + +output "sumologic_field_accountid" { + value = sumologic_field.accountid.id + description = "This output contains sumologic accountid field id." +} + +output "sumologic_field_namespace" { + value = sumologic_field.namespace.id + description = "This output contains sumologic namespace field id." +} + +output "sumologic_field_loadbalancer" { + value = sumologic_field.loadbalancer.id + description = "This output contains sumologic loadbalancer field id." +} + +output "sumologic_field_loadbalancername" { + value = sumologic_field.loadbalancername.id + description = "This output contains sumologic loadbalancername field id." +} + +output "sumologic_field_apiname" { + value = sumologic_field.apiname.id + description = "This output contains sumologic apiname field id." +} + +output "sumologic_field_tablename" { + value = sumologic_field.tablename.id + description = "This output contains sumologic tablename field id." +} + +output "sumologic_field_instanceid" { + value = sumologic_field.instanceid.id + description = "This output contains sumologic instanceid field id." +} + +output "sumologic_field_clustername" { + value = sumologic_field.clustername.id + description = "This output contains sumologic clustername field id." +} + +output "sumologic_field_cacheclusterid" { + value = sumologic_field.cacheclusterid.id + description = "This output contains sumologic cacheclusterid field id." +} + +output "sumologic_field_functionname" { + value = sumologic_field.functionname.id + description = "This output contains sumologic functionname field id." +} + +output "sumologic_field_networkloadbalancer" { + value = sumologic_field.networkloadbalancer.id + description = "This output contains sumologic networkloadbalancer field id." +} + +output "sumologic_field_dbidentifier" { + value = sumologic_field.dbidentifier.id + description = "This output contains sumologic dbidentifier field id." +} + +output "sumologic_field_topicname" { + value = sumologic_field.topicname.id + description = "This output contains sumologic topicname field id." +} + +output "sumologic_field_queuename" { + value = sumologic_field.queuename.id + description = "This output contains sumologic queuename field id." +} + +output "sumologic_field_dbclusteridentifier" { + value = sumologic_field.dbclusteridentifier.id + description = "This output contains sumologic dbclusteridentifier field id." +} + +output "sumologic_field_dbinstanceidentifier" { + value = sumologic_field.dbinstanceidentifier.id + description = "This output contains sumologic dbinstanceidentifier field id." +} + +output "sumologic_field_apiid" { + value = sumologic_field.apiid.id + description = "This output contains sumologic apiid field id." +} \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/providers.tf b/terraform-sumologic-aws-observability/examples/appmodule/providers.tf new file mode 100644 index 00000000..413e6d80 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/providers.tf @@ -0,0 +1,21 @@ +provider "sumologic" { + environment = var.sumologic_environment + access_id = var.sumologic_access_id + access_key = var.sumologic_access_key + admin_mode = var.sumologic_folder_installation_location == "Personal Folder" ? false : true +} + +provider "aws" { + region = "us-east-1" + # + # Below properties should be added when you would like to onboard more than one region and account + # More Information regarding AWS Profile can be found at - + # + # Access configuration + # + # profile = + # + # Terraform alias + # + # alias = +} \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/appmodule/variables.tf b/terraform-sumologic-aws-observability/examples/appmodule/variables.tf new file mode 100644 index 00000000..2b9c9277 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/appmodule/variables.tf @@ -0,0 +1,148 @@ +variable "sumologic_environment" { + type = string + description = "Enter au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2. For more information on Sumo Logic deployments visit https://help.sumologic.com/APIs/General-API-Information/Sumo-Logic-Endpoints-and-Firewall-Security" + + validation { + condition = contains([ + "au", + "ca", + "ch", + "de", + "eu", + "esc", + "fed", + "jp", + "kr", + "us1", + "us2"], var.sumologic_environment) + error_message = "The value must be one of au, ca, ch, de, eu, esc, fed, jp, kr, us1 or us2." + } +} + +variable "sumologic_access_id" { + type = string + description = "Sumo Logic Access ID. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key" + + validation { + condition = can(regex("\\w+", var.sumologic_access_id)) + error_message = "The SumoLogic access ID must contain valid characters." + } +} + +variable "sumologic_access_key" { + type = string + description = "Sumo Logic Access Key. Visit https://help.sumologic.com/Manage/Security/Access-Keys#Create_an_access_key" + #sensitive = true + + validation { + condition = can(regex("\\w+", var.sumologic_access_key)) + error_message = "The SumoLogic access key must contain valid characters." + } + +} + +variable "sumologic_organization_id" { + type = string + description = <\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| timeslice 5m\n| count as ip_count by ClientIp, loadbalancer, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| where MaliciousConfidence=\"high\"\n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by loadbalancer, account, region, namespace\n| sort by ThreatCount", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| timeslice 5m\n| count as ip_count by ClientIp, loadbalancer, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by loadbalancer, account, region, namespace\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -587,11 +534,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -615,23 +562,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "1. AWS Application Load Balancer - Response Analysis", "description": "See the details of the Load Balancer HTTP codes 3XX, 4XX, and 5XX by availability zone, and load balancer.", "title": "1. AWS Application Load Balancer - Response Analysis", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -746,17 +690,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric=HTTPCode_ELB_5XX_Count Statistic=Sum | sum by account, region, namespace, loadbalancer, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -773,17 +714,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where (ElbStatusCode matches \"4*\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where (ElbStatusCode matches \"4*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -800,17 +738,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where (ElbStatusCode matches \"5*\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where (ElbStatusCode matches \"5*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -827,17 +762,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where (ElbStatusCode matches \"3*\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where (ElbStatusCode matches \"3*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -849,22 +781,19 @@ "id": null, "key": "panelPANE-CCFCC1BB99CA3843", "title": "Events - 5XX Response Codes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(ElbStatusCode matches \"5*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -881,17 +810,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric=HTTPCode_ELB_4XX_Count Statistic=Sum | sum by account, region, namespace, loadbalancer, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -908,17 +834,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric=HTTPCode_ELB_3XX_Count Statistic=Sum | sum by account, region, namespace, loadbalancer, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -930,22 +853,19 @@ "id": null, "key": "panel848E183B8031884D", "title": "Events - 4XX Response Codes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(ElbStatusCode matches \"4*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -957,22 +877,19 @@ "id": null, "key": "panel114E4560B4917A43", "title": "Events - 3XX Response Codes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Server Errors\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(ElbStatusCode matches \"3*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -989,17 +906,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI \n| if (ElbStatusCode matches \"5*\",1,0) as ELB_5XX\n| if (ElbStatusCode matches \"4*\",1,0) as ELB_4XX\n| if (ElbStatusCode matches \"3*\",1,0) as ELB_3XX\n| sum(ELB_5XX) as ELB_5XX, sum(ELB_4XX) as ELB_4XX, sum(ELB_3XX) as ELB_3XX by loadbalancer, Domain, URI\n| limit 20\n| sort by ELB_5XX", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1042,11 +956,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -1070,23 +984,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "2. AWS Application Load Balancer - Target Group Response Analysis", "description": "See the details of the Target Group HTTP codes 2XX, 3XX, 4XX, and 5XX by target group, availability zone, and load balancer.", "title": "2. AWS Application Load Balancer - Target Group Response Analysis", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -1210,17 +1121,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| if (TargetStatusCode matches \"5*\",1,0) as Target_5XX\n| if (TargetStatusCode matches \"4*\",1,0) as Target_4XX\n| if (TargetStatusCode matches \"3*\",1,0) as Target_3XX\n| if (TargetStatusCode matches \"2*\",1,0) as Target_2XX\n| sum(Target_5XX) as Target_5XX, sum(Target_4XX) as Target_4XX, sum(Target_3XX) as Target_3XX, sum(Target_2XX) as Target_2XX by loadbalancer, TargetGroup, Domain, URI\n| limit 20\n| sort by Target_5XX, Target_4XX, Target_3XX, Target_2XX", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| if (TargetStatusCode matches \"5*\",1,0) as Target_5XX\n| if (TargetStatusCode matches \"4*\",1,0) as Target_4XX\n| if (TargetStatusCode matches \"3*\",1,0) as Target_3XX\n| if (TargetStatusCode matches \"2*\",1,0) as Target_2XX\n| sum(Target_5XX) as Target_5XX, sum(Target_4XX) as Target_4XX, sum(Target_3XX) as Target_3XX, sum(Target_2XX) as Target_2XX by loadbalancer, TargetGroup, Domain, URI\n| limit 20\n| sort by Target_5XX, Target_4XX, Target_3XX, Target_2XX", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1237,17 +1145,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* TargetGroup=* metric=HTTPCode_Target_4XX_Count Statistic=Sum | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1264,17 +1169,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* TargetGroup=* metric=HTTPCode_Target_2XX_Count Statistic=Sum | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1291,17 +1193,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* TargetGroup=* metric=HTTPCode_Target_3XX_Count Statistic=Sum | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1313,22 +1212,19 @@ "id": null, "key": "panelPANE-2A2CE58CB024284B", "title": "Events - 5XX Response Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where !isEmpty(TargetGroup)\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(TargetStatusCode matches \"5*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(TargetGroup)\n| if(TargetStatusCode matches \"5*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1340,22 +1236,19 @@ "id": null, "key": "panelDCE3556190369A4B", "title": "Events - 4XX Response Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where !isEmpty(TargetGroup)\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(TargetStatusCode matches \"4*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(TargetGroup)\n| if(TargetStatusCode matches \"4*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1367,22 +1260,19 @@ "id": null, "key": "panel74660D2CA5358B47", "title": "Events - 3XX Response Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where !isEmpty(TargetGroup)\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(TargetStatusCode matches \"3*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(TargetGroup)\n| if(TargetStatusCode matches \"3*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1394,22 +1284,19 @@ "id": null, "key": "panelA5A5D6698A94CB4F", "title": "Events - 2XX Response Codes", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where !isEmpty(TargetGroup)\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| if(TargetStatusCode matches \"2*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(TargetGroup)\n| if(TargetStatusCode matches \"2*\", 1, 0) as TargetErrors \n| timeslice 1m\n| sum(TargetErrors) as TargetErrors by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1426,17 +1313,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* TargetGroup=* metric=HTTPCode_Target_5XX_Count Statistic=Sum | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1507,23 +1391,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "3. AWS Application Load Balancer - Latency Overview", "description": "See the details of latency in your application load balancer by target group, availability zone, and load balancer.", "title": "3. AWS Application Load Balancer - Latency Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -1587,17 +1468,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=TargetResponseTime Statistic=Average targetgroup=* AvailabilityZone=* | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, TargetGroup, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1609,22 +1487,19 @@ "id": null, "key": "panelpane-46aba672bb08b846", "title": "Max and Average Total Client Latency by Target Group", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"column\",\"fontSize\":12,\"paginationPageSize\":100,\"displayType\":\"default\",\"fillOpacity\":1},\"color\":{\"family\":\"scheme1\"},\"hiddenQueryKeys\":[],\"legend\":{\"enabled\":false},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"column\",\"fontSize\":12,\"paginationPageSize\":100,\"displayType\":\"default\",\"fillOpacity\":1},\"color\":{\"family\":\"scheme1\"},\"hiddenQueryKeys\":[],\"legend\":{\"enabled\":false},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (RequestProcessingTime+TargetProcessingTime+ResponseProcessingTime) as ClientLatency\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(ClientLatency) as AverageClientLatency, max(ClientLatency) as MaximumClientLatency by TargetGroup\n| order by MaximumClientLatency", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (RequestProcessingTime+TargetProcessingTime+ResponseProcessingTime) as ClientLatency\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(ClientLatency) as AverageClientLatency, max(ClientLatency) as MaximumClientLatency by TargetGroup\n| order by MaximumClientLatency", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1636,22 +1511,19 @@ "id": null, "key": "panelpane-3ebb85e685bf1b4f", "title": "Max and Average Target Processing Time by Target Group", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"column\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"column\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(TargetProcessingTime) as AverageTargetProcessingTime, max(TargetProcessingTime) as MaximumTargetProcessingTime by TargetGroup\n| order by MaximumTargetProcessingTime\n\n\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(TargetProcessingTime) as AverageTargetProcessingTime, max(TargetProcessingTime) as MaximumTargetProcessingTime by TargetGroup\n| order by MaximumTargetProcessingTime\n\n\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1663,22 +1535,19 @@ "id": null, "key": "panelpane-c1ca3098892bea40", "title": "Average Total Client Latency Over Time by Target Group", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"area\"},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"area\"},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (RequestProcessingTime+TargetProcessingTime+ResponseProcessingTime) as ClientLatency\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice 1m\n| avg(ClientLatency) as AverageClientLatency by TargetGroup ,_timeslice\n| transpose row _timeslice column TargetGroup\n\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (RequestProcessingTime+TargetProcessingTime+ResponseProcessingTime) as ClientLatency\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice 1m\n| avg(ClientLatency) as AverageClientLatency by TargetGroup ,_timeslice\n| transpose row _timeslice column TargetGroup\n\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1690,22 +1559,19 @@ "id": null, "key": "panelpane-c301d958990e694d", "title": "Average Target Processing Time Over Time by Target Group", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"area\"},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"area\"},\"axes\":{\"axisY\":{\"title\":\"Latency\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(TargetProcessingTime) as AverageTargetProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(TargetProcessingTime) as AverageTargetProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1766,11 +1632,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -1794,23 +1660,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "4. AWS Application Load Balancer - Latency Details", "description": "See the details of latency in your application load balancer including the average and maximum request and response processing time, by target group and ELB server.", "title": "4. AWS Application Load Balancer - Latency Details", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -1895,17 +1758,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by _timeslice, Domain \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, Domain, TotalProcessTime \n| transpose row _timeslice column Domain\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by _timeslice, Domain \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, Domain, TotalProcessTime \n| transpose row _timeslice column Domain\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1922,17 +1782,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by _timeslice, loadbalancer \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, loadbalancer, TotalProcessTime \n| transpose row _timeslice column loadbalancer\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by _timeslice, loadbalancer \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, loadbalancer, TotalProcessTime \n| transpose row _timeslice column loadbalancer\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1944,22 +1801,19 @@ "id": null, "key": "panelpane-9ce61eae9fc92848", "title": "Events - Average Request Processing Time by ELB Server", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as AverageRequestProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as AverageRequestProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1971,22 +1825,19 @@ "id": null, "key": "panelpane-6fda9ea0b259db4f", "title": "Events - Average Response Processing Time by ELB Server", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(ResponseProcessingTime) as AverageResponseProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(ResponseProcessingTime) as AverageResponseProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1998,22 +1849,19 @@ "id": null, "key": "panelpane-256726aaafcdba4d", "title": "Events - Average Request Processing Time by Target Group", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\"},\"axes\":{\"axisY\":{\"title\":\"Time\"}},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as AverageRequestProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(RequestProcessingTime) as AverageRequestProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2030,17 +1878,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| max(RequestProcessingTime) as MaximumRequestProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| max(RequestProcessingTime) as MaximumRequestProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2057,17 +1902,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| max(ResponseProcessingTime) as MaximumResponseProcessingTime by _timeslice, loadbalancer\n| transpose row _timeslice column loadbalancer\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2084,17 +1926,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by uri\n| (a1+a2+a3) as TotalProcessTime\n| fields URI, TotalProcessTime \n| sort by TotalProcessTime \n| limit 20\n\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| avg(RequestProcessingTime) as a1, avg(TargetProcessingTime) as a2,avg(ResponseProcessingTime) as a3 by uri\n| (a1+a2+a3) as TotalProcessTime\n| fields URI, TotalProcessTime \n| sort by TotalProcessTime \n| limit 20\n\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2106,22 +1945,19 @@ "id": null, "key": "panelPANE-BCC4A01F93DBD84C", "title": "Events - Average Response Processing Time by Target Group", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Time\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Time\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(ResponseProcessingTime) as AverageResponseProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup\n", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n| where RequestProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and TargetProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and ResponseProcessingTime matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n// Need to filter out logs where request_processing_time, target_processing_time, or response_processing_time are -1\n// This means the load balancer can't dispatch the request to a target\n| timeslice by 1m\n| avg(ResponseProcessingTime) as AverageResponseProcessingTime by _timeslice, TargetGroup\n| transpose row _timeslice column TargetGroup\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2164,11 +2000,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2192,23 +2028,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "5. AWS Application Load Balancer - Connections and Host Status", "description": "See the details of request and host status including the average unhealthy host count, and healthy host count by target group, availability zone, and load balancer, and request count, outliers in requests by backend, and requests by target.", "title": "5. AWS Application Load Balancer - Connections and Host Status", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -2292,17 +2125,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=UnHealthyHostCount Statistic=Average AvailabilityZone=* TargetGroup=* | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, AvailabilityZone, TargetGroup ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2319,17 +2149,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=TargetConnectionErrorCount Statistic=Sum AvailabilityZone=* TargetGroup=* | sum by account, region, namespace, loadbalancer, AvailabilityZone, TargetGroup", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2341,22 +2168,19 @@ "id": null, "key": "panelpane-b0dcb7ce9acff84d", "title": "Active Connections", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric=ActiveConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancer", + "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=ActiveConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancer", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2368,22 +2192,19 @@ "id": null, "key": "panelpane-0a6b3b1a8e6f2a4d", "title": "New Connections", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Count\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric= NewConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancer", + "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric= NewConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancer", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2400,17 +2221,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} AvailabilityZone=* metric=RejectedConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancer, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2463,17 +2281,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=ClientTLSNegotiationErrorCount Statistic=Sum AvailabilityZone=* | sum by account, region, namespace, loadbalancer, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2490,17 +2305,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=TargetTLSNegotiationErrorCount Statistic=Sum AvailabilityZone=* TargetGroup=* | sum by account, region, namespace, loadbalancer, AvailabilityZone, TargetGroup", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2517,17 +2329,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=HealthyHostCount Statistic=Average AvailabilityZone=* TargetGroup=* | parse field= TargetGroup */* as Unused, TargetGroup | sum by account, region, namespace, loadbalancer, AvailabilityZone, TargetGroup ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2570,11 +2379,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2598,23 +2407,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "6. AWS Application Load Balancer - Requests and Processed Bytes", "description": "See the details of requests and Processed bytes for your application load balancer.", "title": "6. AWS Application Load Balancer - Requests and Processed Bytes", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -2690,17 +2496,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Target \"*:*\" as TargetIp, TargetPort nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetIp\n| outlier _count by TargetIp threshold=2, direction=- \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, TargetIp, _count \n| transpose row _timeslice column TargetIp", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2717,17 +2520,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Target \"*:*\" as TargetIp, TargetPort nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetIp\n| outlier _count by TargetIp threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1) and !isEmpty(TargetIp)\n| fields _timeslice, TargetIp, _count \n| transpose row _timeslice column TargetIp", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2744,17 +2544,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetGroup\n| outlier _count by TargetGroup threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, TargetGroup, _count \n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetGroup\n| outlier _count by TargetGroup threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, TargetGroup, _count \n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2771,17 +2568,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:*:elasticloadbalancing:*:*:*\" as arn_part, AwsRegion, AccountId, TargetGroup nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetGroup\n| outlier _count by TargetGroup threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, TargetGroup, _count \n| transpose row _timeslice column TargetGroup", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=TargetGroupArn \"arn:aws:elasticloadbalancing:*:*:*\" as AwsRegion, AccountId, TargetGroup nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, TargetGroup\n| outlier _count by TargetGroup threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, TargetGroup, _count \n| transpose row _timeslice column TargetGroup", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2798,17 +2592,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric= RequestCount AvailabilityZone=* TargetGroup=* statistic=sum | sum by account, region, namespace, loadbalancer, TargetGroup", + "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric= RequestCount TargetGroup=* statistic=sum | sum by account, region, namespace, loadbalancer, TargetGroup", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2820,22 +2611,19 @@ "id": null, "key": "panel9C8F307FA318284A", "title": "Processed Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}} \"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Count\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{loadbalancer}} \"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=ProcessedBytes AvailabilityZone=* Statistic=Sum | sum by account, region, namespace, loadbalancer", + "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancer={{loadbalancer}} metric=ProcessedBytes Statistic=Sum | sum by account, region, namespace, loadbalancer", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2870,17 +2658,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Target \"*:*\" as TargetIp, TargetPort nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| sum(ReceivedBytes) as ReceivedBytes by _timeslice", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2897,17 +2682,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Target \"*:*\" as TargetIp, TargetPort nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| sum(SentBytes) as SentBytes by _timeslice", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2950,11 +2732,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2978,23 +2760,20 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null + "coloringRules": [] }, { "type": "DashboardV2SyncDefinition", "name": "7. AWS Application Load Balancer - Threat Intel", "description": "See the details of IP threats including the count, location, and highly malicious IP threats.", "title": "7. AWS Application Load Balancer - Threat Intel", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { "loadbalancer": [ "*" ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], "namespace": [ "aws/applicationelb" ], @@ -3054,17 +2833,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp\n| where !isNull(MaliciousConfidence) \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3081,17 +2857,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| where MaliciousConfidence=\"high\"\n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3108,17 +2881,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| where !isNull(MaliciousConfidence)\n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by MaliciousConfidence", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by MaliciousConfidence", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3130,22 +2900,19 @@ "id": null, "key": "panelpane-c605d948852ffb48", "title": "Malicious Confidence", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp\n| where !isNull(MaliciousConfidence) \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by MaliciousConfidence\n| sort by _count", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by MaliciousConfidence\n| sort by _count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3162,17 +2929,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp\n| where !isNull(MaliciousConfidence) \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by ClientIp\n| lookup latitude, longitude from geo://location on ip = ClientIp\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by ClientIp\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIp\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3189,17 +2953,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, URI\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| where MaliciousConfidence=\"high\"\n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count(ip_count) as UniqueThreatIPs by URI\n| top 20 URI by UniqueThreatIPs, URI asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| where tolowercase(loadbalancer) matches tolowercase(\"{{loadbalancer}}\")\n| parse field=Request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, URI\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count(ip_count) as UniqueThreatIPs by URI\n| top 20 URI by UniqueThreatIPs, URI asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3242,11 +3003,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/applicationelb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -3270,520 +3031,7 @@ "valueType": "Any" } ], - "coloringRules": [], - "schedules": null - }, - { - "type": "DashboardV2SyncDefinition", - "name": "8. AWS Application Load Balancer - CloudTrail Audit", - "description": "See the details of CloudTrail Logs. It visualizes successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns.", - "title": "8. AWS Application Load Balancer - CloudTrail Audit", - "theme": "Light", - "topologyLabelMap": { - "data": { - "loadbalancer": [ - "*" - ], - "a023e85ba9e208b1e98ac2249da71c5c": [ - "*" - ], - "namespace": [ - "aws/applicationelb" - ], - "9922f1b450f22700f7995573ff435a24": [ - "*" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel04C58849BF85EA40", - "structure": "{\"height\":6,\"width\":19,\"x\":5,\"y\":23}" - }, - { - "key": "panel08DA60FCB6CBA94F", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":16}" - }, - { - "key": "panel13A28BCF9195784A", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panel554DCC97A661E840", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":16}" - }, - { - "key": "panel63133FE7966C3B44", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":9}" - }, - { - "key": "panel81CB1F119E659A4D", - "structure": "{\"height\":7,\"width\":7,\"x\":5,\"y\":9}" - }, - { - "key": "panel8295225DA9487941", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":29}" - }, - { - "key": "panel8BD78A42A42E2941", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":23}" - }, - { - "key": "panel9724CE95BF93284E", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelA3841CC48DC37A4E", - "structure": "{\"height\":7,\"width\":9,\"x\":5,\"y\":29}" - }, - { - "key": "panelEB163726B40EDB42", - "structure": "{\"height\":7,\"width\":10,\"x\":14,\"y\":29}" - }, - { - "key": "panelFA76DDA1858D6941", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":36}" - }, - { - "key": "panelPANE-7B135CE68C4DE94E", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":9}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel04C58849BF85EA40", - "title": "Successful Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status=\"Success\"\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, loadbalancer, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel08DA60FCB6CBA94F", - "title": "Error Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and !isBlank(error_code)\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Failure\"\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel13A28BCF9195784A", - "title": "Failure Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and !isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\"\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Failure\"\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel554DCC97A661E840", - "title": "Error Event Details", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and !isBlank(error_code)\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Failure\"\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, error_code, error_message, region, src_ip, accountid, user, type, request_id, loadbalancer, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63133FE7966C3B44", - "title": "Top 10 Error Codes", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"Error Code\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and !isBlank(error_code)\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Failure\"\n| if (isEmpty(username), user, username) as user\n| count as event_count by error_code \n| top 10 error_code by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel81CB1F119E659A4D", - "title": "Top 10 Users with Highest Failure", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" errorCode \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and !isBlank(error_code)\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Failure\"\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8295225DA9487941", - "title": "Event by Status", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by event_status\n| sort by _count, event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8BD78A42A42E2941", - "title": "Successful Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status= \"Success\"\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9724CE95BF93284E", - "title": "Successful Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" !errorCode \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\" and isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\"\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status = \"Success\"\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA3841CC48DC37A4E", - "title": "Event Trend by Status", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{\"A_Failure\":{\"visible\":true},\"A_Success\":{\"visible\":true}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count by _timeslice, event_status\n| fillmissing timeslice(1d), values (\"Success\", \"Failure\") in event_status\n| transpose row _timeslice column event_status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEB163726B40EDB42", - "title": "Top 10 Active Users/ Roles", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFA76DDA1858D6941", - "title": "Event Names Trend", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count as event_count by _timeslice, event_name\n| transpose row _timeslice column event_name\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-7B135CE68C4DE94E", - "title": "Disruptive Events", - "visualSettings": "{\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"2015-12-01\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\", \"apiVersion\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message, api_version nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and api_version matches \"2015-12-01\"\n| where namespace matches \"{{namespace}}\" or isEmpty(namespace)\n| where event_name matches \"Create*\" or event_name matches \"Delete*\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"name\", \"type\", \"loadBalancerArn\", \"listenerArn\" as req_name, req_type, req_lb_arn, req_listener_arn nodrop\n| parse regex field=req_lb_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| parse regex field=req_listener_arn \"(?:app)\\/(?[^\\/]+)\" nodrop\n| req_name as loadbalancer \n| if (!isEmpty(loadbalancer), loadbalancer, name_from_lb_arn) as loadbalancer\n| if (!isEmpty(loadbalancer), loadbalancer, name_from_listener_arn) as loadbalancer\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where tolowercase(loadbalancer) matches \"{{loadbalancer}}\" or isBlank(loadbalancer)\n| where req_type != \"network\"\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as freq by event_name, loadbalancer, user, event_status\n| sort by freq, event_name, loadbalancer, user", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/applicationelb", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/applicationelb", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": false, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "loadbalancer", - "displayName": "loadbalancer", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "loadbalancer=* account={{account}} region={{region}} namespace={{namespace}}", - "key": "loadbalancer" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [], - "schedules": null + "coloringRules": [] } ] } \ No newline at end of file diff --git a/terraform-sumologic-aws-observability/examples/aws-observability/json/Alerts-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/Alerts-App.json new file mode 100644 index 00000000..2ecae908 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/Alerts-App.json @@ -0,0 +1,1701 @@ +{ + "name": "AWS Observability", + "description": "", + "type": "MonitorsLibraryFolderExport", + "children": [ + { + "name": "AWS API Gateway - High Latency", + "description": "This alert fires when we detect that the average latency for a given API Gateway is greater than or equal to one second for 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/apigateway metric=Latency statistic=Average account=* region=* apiname=* | avg by apiname, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 1000, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 1000, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon Elasticache - High Engine CPU Utilization", + "description": "This alert fires when the average CPU utilization for the Redis engine process within a 5 minute interval is high (>=90%). For larger node types with four vCPUs or more, use the EngineCPUUtilization metric to monitor and set thresholds for scaling.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elasticache metric=EngineCPUUtilization statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by CacheClusterId, CacheNodeId, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 90, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 90, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS EC2 - High Memory Utilization", + "description": "This alert fires when the average memory utilization within a 5 minute interval for an EC2 instance is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ec2 metric=Mem_UsedPercent account=* region=* instanceid=* | avg by account, region, namespace, instanceid" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon Elasticache - Low Redis Cache Hit Rate", + "description": "This alert fires when the average cache hit rate for Redis within a 5 minute interval is low (<= 80%). This indicates low efficiency of the Redis instance. If cache ratio is lower than 80%, that indicates a significant amount of keys are either evicted, expired, or don't exist.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elasticache metric=CacheHitRate statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "LessThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "GreaterThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS API Gateway - High 5XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/apigateway metric=5xxError Statistic=Sum account=* region=* apiname=* | sum by apiname, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/apigateway metric=count Statistic=Sum account=* region=* apiname=* | sum by apiname, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Application Load Balancer - High Latency", + "description": "This alert fires when we detect that the average latency for a given Application load balancer within a time interval of 5 minutes is greater than or equal to three seconds.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/applicationelb metric=TargetResponseTime Statistic=Average account=* region=* loadbalancer=* | eval(_value*1000) | sum by account, region, namespace, loadbalancer" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 3000, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 3000, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon ECS - High Memory Utilization", + "description": "This alert fires when the average memory utilization within a 5 minute interval for a service within a cluster is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ecs metric=MemoryUtilization statistic=Average account=* region=* ClusterName=* ServiceName=* | avg by ClusterName, ServiceName, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - High Write Latency", + "description": "This alert fires when the average write latency of a database within a 5 minute interval is high (>=5 seconds) . High write latencies will affect the performance of your application.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=WriteLatency statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Application Load Balancer - High 4XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/applicationelb metric=HTTPCode_ELB_4XX_Count Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/applicationelb metric=RequestCount Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along loadbalancer, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - Low Burst Balance", + "description": "This alert fires when we observe a low burst balance (<= 50%) for a given database. A low burst balance indicates you won't be able to scale up as fast for burstable database workloads on gp2 volumes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=BurstBalance statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "LessThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "GreaterThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Classic Load Balancer - Access from Highly Malicious Sources", + "description": "This alert fires when the Classic load balancer is accessed from highly malicious IP addresses within last 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Logs", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "account=* region=* namespace=aws/elb\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, loadbalancername, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, loadbalancername, account, region, namespace, MaliciousConfidence, Actor, LabelName" + } + ], + "triggers": [ + { + "detectionMethod": "LogsStaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 0, + "thresholdType": "GreaterThan", + "field": "" + }, + { + "detectionMethod": "LogsStaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 0, + "thresholdType": "LessThanOrEqual", + "field": "" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": true, + "playbook": "" + }, + { + "name": "AWS Classic Load Balancer - High 5XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elb metric=HTTPCode_ELB_5XX Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/elb metric=RequestCount Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along loadbalancername, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "occurrenceType": "Always" + }, + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "occurrenceType": "Always" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Network Load Balancer - High Unhealthy Hosts", + "description": "This alert fires when we detect that are there are too many unhealthy hosts (>=10%) within an interval of 5 minutes for a given network load balancer", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/NetworkELB metric=UnHealthyHostCount Statistic=sum account=* region=* LoadBalancer=* AvailabilityZone=* | sum by LoadBalancer, AvailabilityZone, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/NetworkELB metric=HealthyHostCount Statistic=sum account=* region=* LoadBalancer=* AvailabilityZone=* | sum by LoadBalancer, AvailabilityZone, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / (#A + #B) along LoadBalancer, AvailabilityZone, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 10, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 10, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS API Gateway - High Integration Latency", + "description": "This alert fires when we detect that the average integration latency for a given API Gateway is greater than or equal to one second for 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/apigateway metric=IntegrationLatency statistic=Average account=* region=* apiname=* | avg by apiname, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 1000, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 1000, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Lambda - High Percentage of Failed Requests", + "description": "This alert fires when we detect a large number of failed Lambda requests (>5%) within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/lambda metric=Errors Statistic=Sum account=* region=* functionname=* | sum by functionname, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/lambda metric=Invocations Statistic=Sum account=* region=* functionname=* | sum by functionname, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along functionname, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Application Load Balancer - High 5XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 5xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/applicationelb metric=HTTPCode_ELB_5XX_Count Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/applicationelb metric=RequestCount Statistic=Sum account=* region=* loadbalancer=* | sum by loadbalancer, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along loadbalancer, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon Elasticache - High Redis Memory Fragmentation Ratio", + "description": "This alert fires when the average Redis memory fragmentation ratio for within a 5 minute interval is high (>=1.5). Value equal to or greater than 1.5 Indicate significant memory fragmentation.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elasticache metric=MemoryFragmentationRatio statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 1.5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 1.5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon Elasticache - High CPU Utilization", + "description": "This alert fires when the average CPU utilization within a 5 minute interval for a host is high (>=90%). The CPUUtilization metric includes total CPU utilization across application, operating system and management processes. We highly recommend monitoring CPU utilization for hosts with two vCPUs or less.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elasticache metric=CPUUtilization statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by CacheClusterId, CacheNodeId, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 90, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 90, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - Low Aurora Buffer Cache Hit Ratio", + "description": "This alert fires when the average RDS Aurora buffer cache hit ratio within a 5 minute interval is low (<= 50%). This indicates that a lower percentage of requests were are served by the buffer cache, which could further indicate a degradation in application performance.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=BufferCacheHitRatio statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "LessThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "GreaterThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS API Gateway - High 4XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/apigateway metric=4xxError Statistic=Sum account=* region=* apiname=* | sum by apiname, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/apigateway metric=count Statistic=Sum account=* region=* apiname=* | sum by apiname, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along apiname, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS EC2 - High Total CPU Utilization", + "description": "This alert fires when the average total CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ec2 metric=CPU_Total account=* region=* instanceid=* | avg by account, region, namespace, instanceid" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Classic Load Balancer - High Latency", + "description": "This alert fires when we detect that the average latency for a given Classic load balancer within a time interval of 5 minutes is greater than or equal to three seconds.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elb metric=Latency Statistic=Average account=* region=* loadbalancername=* | eval(_value*1000) | sum by account, region, namespace, loadbalancername" + } + ], + "triggers": [ + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 3000, + "thresholdType": "GreaterThanOrEqual", + "occurrenceType": "Always" + }, + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 3000, + "thresholdType": "LessThan", + "occurrenceType": "Always" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS EC2 - High Disk Utilization", + "description": "This alert fires when the average disk utilization within a 5 minute time interval for an EC2 instance is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ec2 metric=Disk_UsedPercent account=* region=* instanceid=* | avg by account, region, namespace, instanceid, devname" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon ECS - High CPU Utilization", + "description": "This alert fires when the average CPU utilization within a 5 minute interval for a service within a cluster is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ecs metric=CPUUtilization statistic=Average account=* region=* ClusterName=* ServiceName=* | avg by ClusterName, ServiceName, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Network Load Balancer - High TLS Negotiation Errors", + "description": "This alert fires when we detect that there are too many TLS Negotiation Errors (>=10%) within an interval of 5 minutes for a given network load balancer", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/NetworkELB metric=ClientTLSNegotiationErrorCount Statistic=sum account=* region=* LoadBalancer=* | sum by LoadBalancer, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/NetworkELB metric=TargetTLSNegotiationErrorCount Statistic=sum account=* region=* LoadBalancer=* | sum by LoadBalancer, account, region, namespace" + }, + { + "rowId": "C", + "query": "(#A + #B) along LoadBalancer, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 10, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 10, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon Elasticache - Multiple Failed Operations", + "description": "This alert fires when we detect multiple failed operations within a 15 minute interval for an ElastiCache service.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Logs", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "account=* region=* namespace=aws/elasticache \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventSource\", \"errorCode\", \"errorMessage\", \"userIdentity\", \"requestParameters\", \"responseElements\" as event_source, error_code, error_message, user_identity, requestParameters, responseElements nodrop\n| json field=requestParameters \"cacheClusterId\" as req_cacheClusterId nodrop\n| json field=responseElements \"cacheClusterId\" as res_cacheClusterId nodrop\n| json field=user_identity \"arn\", \"userName\" nodrop \n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| where event_source matches \"elasticache.amazonaws.com\" and !isEmpty(error_code) and !isEmpty(error_message) and !isEmpty(user)\n| count as event_count by _messageTime, account, region, event_source, error_code, error_message, user, cacheclusterid\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS Z\") as message_date\n| fields message_date, account, region, event_source, error_code, error_message, user, cacheclusterid\n| fields -_messageTime" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-15m", + "threshold": 10, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-15m", + "threshold": 10, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": true, + "playbook": "" + }, + { + "name": "Amazon Elasticache - High Redis Database Memory Usage", + "description": "This alert fires when the average database memory usage within a 5 minute interval for the Redis engine is high (>=95%). When the value reaches 100%, eviction may happen or write operations may fail based on ElastiCache policies thereby impacting application performance.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elasticache metric=DatabaseMemoryUsagePercentage statistic=Average account=* region=* CacheClusterId=* CacheNodeId=* | avg by account, region, namespace, CacheClusterId, CacheNodeId" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 95, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 95, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS EC2 - High System CPU Utilization", + "description": "This alert fires when the average system CPU utilization within a 5 minute interval for an EC2 instance is high (>=85%).", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/ec2 metric=CPU_Sys account=* region=* instanceid=* | avg by account, region, namespace, instanceid" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Lambda - Low Provisioned Concurrency Utilization", + "description": "This alert fires when the average provisioned concurrency utilization for 5 minutes is low (<= 50%). This indicates low provisioned concurrency utilization efficiency.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/lambda metric=ProvisionedConcurrencyUtilization statistic=Average account=* region=* functionname=* | avg by functionname, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "LessThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 50, + "thresholdType": "GreaterThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS DynamoDB - High Max Provisioned Table Write Capacity", + "description": "This alert fires when we detect that the average percentage of write provisioned capacity used by the highest write provisioned table of an account for a time interval of 5 minutes is great than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/dynamodb metric=MaxProvisionedTableWriteCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS DynamoDB - High Max Provisioned Table Read Capacity", + "description": "This alert fires when we detect that the average percentage of read provisioned capacity used by the highest read provisioned table of an account for a time interval of 5 minutes is great than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/dynamodb metric=MaxProvisionedTableReadCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS DynamoDB - Multiple Tables deleted", + "description": "This alert fires when we detect multiple failed operations for Elasticache service within 15 minutes", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Logs", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "account=* region=* namespace=aws/dynamodb eventSource \"dynamodb.amazonaws.com\"\n| json \"eventSource\", \"eventName\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as event_source, event_name, tablename, SourceIp, UserName, ContextUserName nodrop\n| where event_source = \"dynamodb.amazonaws.com\" and event_name = \"DeleteTable\"\n| if (isEmpty(UserName), ContextUserName, UserName) as user\n| count by _messageTime, account, region, namespace, event_name, user, tablename\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS Z\") as message_date\n| fields message_date, account, region, namespace, event_name, user, tablename\n| fields -_messageTime" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-15m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-15m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": true, + "playbook": "" + }, + { + "name": "AWS DynamoDB - High Account Provisioned Write Capacity", + "description": "This alert fires when we detect that the average write capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/dynamodb metric=AccountProvisionedWriteCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - High Read Latency", + "description": "This alert fires when the average read latency of a database within a 5 minutes time inerval is high (>=5 seconds). High read latency will affect the performance of your application.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=ReadLatency statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS Application Load Balancer - Access from Highly Malicious Sources", + "description": "This alert fires when an Application load balancer is accessed from highly malicious IP addresses within last 5 minutes", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Logs", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "account=* region=* namespace=aws/applicationelb\n| parse \"* * * * * * * * * * * * \\\"*\\\" \\\"*\\\" * * * \\\"*\\\"\" as Type, DateTime, loadbalancer, Client, Target, RequestProcessingTime, TargetProcessingTime, ResponseProcessingTime, ElbStatusCode, TargetStatusCode, ReceivedBytes, SentBytes, Request, UserAgent, SslCipher, SslProtocol, TargetGroupArn, TraceId\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, loadbalancer, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, loadbalancer, account, region, namespace, MaliciousConfidence, Actor, LabelName" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 0, + "thresholdType": "GreaterThan", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 0, + "thresholdType": "LessThanOrEqual", + "field": null, + "occurrenceType": "ResultCount", + "triggerSource": "AllResults" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": true, + "playbook": "" + }, + { + "name": "AWS Classic Load Balancer - High 4XX Errors", + "description": "This alert fires where there are too many HTTP requests (>5%) with a response status of 4xx within an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/elb metric=HTTPCode_ELB_4XX Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" + }, + { + "rowId": "B", + "query": "Namespace=aws/elb metric=RequestCount Statistic=Sum account=* region=* loadbalancername=* | sum by loadbalancername, account, region, namespace" + }, + { + "rowId": "C", + "query": "#A * 100 / #B along loadbalancername, account, region, namespace" + } + ], + "triggers": [ + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "occurrenceType": "Always" + }, + { + "detectionMethod": "MetricsStaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "occurrenceType": "Always" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - High CPU Utilization", + "description": "This alert fires when we detect that the average CPU utilization for a database is high (>=85%) for an interval of 5 minutes.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=CPUUtilization statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 85, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "Amazon RDS - High Disk Queue Depth", + "description": "This alert fires when the average disk queue depth for a database is high (>=5) for an interval of 5 minutes. Higher this value, higher will be the number of outstanding I/Os (read/write requests) waiting to access the disk, which will impact the performance of your application.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/rds metric=DiskQueueDepth statistic=Average account=* region=* dbidentifier=* | avg by dbidentifier, namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 5, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + }, + { + "name": "AWS DynamoDB - High Account Provisioned Read Capacity", + "description": "This alert fires when we detect that the average read capacity provisioned for an account for a time interval of 5 minutes is greater than or equal to 80%. High values indicate requests to the database are being throttled, which could further indicate that your application may not be working as intended.", + "type": "MonitorsLibraryMonitorExport", + "monitorType": "Metrics", + "evaluationDelay": "0m", + "alertName": null, + "runAs": null, + "notificationGroupFields": [], + "queries": [ + { + "rowId": "A", + "query": "Namespace=aws/dynamodb metric=AccountProvisionedReadCapacityUtilization statistic=Average account=* region=* | avg by namespace, region, account" + } + ], + "triggers": [ + { + "detectionMethod": "StaticCondition", + "triggerType": "Critical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "GreaterThanOrEqual", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + }, + { + "detectionMethod": "StaticCondition", + "triggerType": "ResolvedCritical", + "timeRange": "-5m", + "threshold": 80, + "thresholdType": "LessThan", + "field": null, + "occurrenceType": "Always", + "triggerSource": "AnyTimeSeries" + } + ], + "notifications": [], + "isDisabled": true, + "groupNotifications": false, + "playbook": "" + } + ] +} diff --git a/terraform-sumologic-aws-observability/examples/aws-observability/json/Api-Gateway-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/Api-Gateway-App.json new file mode 100644 index 00000000..46288e83 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/Api-Gateway-App.json @@ -0,0 +1,2009 @@ +{ + "type": "FolderSyncDefinition", + "name": "AWS API Gateway", + "description": "The Sumo Logic App for AWS API Gateway provides visibility into your Amazon APIGateway Service Metrics collected via a CloudWatch Metrics Source. The App’s Dashboards provide preconfigured searches and filters that allow you to monitor your API Gateway Infrastructure.", + "children": [ + { + "type": "DashboardV2SyncDefinition", + "name": "1. AWS API Gateway - Latency, Cache", + "description": "AWS API Gateway - Latency, Cache dashboard provides insights into API Gateway performance including API requests, latency, API cache hits, and back-end cache misses.", + "title": "1. AWS API Gateway - Latency, Cache", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "apiname": [ + "*" + ], + "namespace": [ + "aws/apigateway" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-1282e8dc8b362944", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" + }, + { + "key": "panelpane-07fe4834864daa40", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":1}" + }, + { + "key": "panelpane-d8cca1fd9e28fa4e", + "structure": "{\"height\":2,\"width\":12,\"x\":0,\"y\":7}" + }, + { + "key": "panelpane-be2d46b2823fbb44", + "structure": "{\"height\":2,\"width\":12,\"x\":12,\"y\":7}" + }, + { + "key": "panelpane-825676c9a42b7844", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + }, + { + "key": "panelpane-95b93c0ea7c2694f", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" + }, + { + "key": "panelpane-de1fae9b96f50949", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":16}" + }, + { + "key": "panelpane-611d41d29c4b0b46", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":16}" + }, + { + "key": "panelpane-86be2b008a2db942", + "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":15}" + }, + { + "key": "panelpane-903472b3b1481b4a", + "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":15}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-1282e8dc8b362944", + "title": "API Calls Over Time", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-07fe4834864daa40", + "title": " API Requests (Today, Yesterday, Last Week)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Requests\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today, {{apiname}}\"}},{\"series\":[],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday, {{apiname}}\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week, {{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account | timeshift 7d", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-d8cca1fd9e28fa4e", + "title": "Latency", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Time in between API Gateway receives request from client and returns response to the client" + }, + { + "id": null, + "key": "panelpane-be2d46b2823fbb44", + "title": "‎Integration Latency", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":16,\"alignment\":\"left\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Time in between API Gateway relays request to backend and receives response from backend" + }, + { + "id": null, + "key": "panelpane-825676c9a42b7844", + "title": "Average Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-95b93c0ea7c2694f", + "title": "Average Integration Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=IntegrationLatency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-de1fae9b96f50949", + "title": "Cache Hit Rate", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Hit Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=CacheHitCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account | eval _value * 100 ", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-611d41d29c4b0b46", + "title": "Cache Miss Rate", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Miss Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=CacheMissCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account | eval _value * 100", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-86be2b008a2db942", + "title": " Requests Served From API Cache (Cache Hits)", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-903472b3b1481b4a", + "title": "Requests Served From Back-end (Cache Misses)", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/apigateway", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "apiname", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "apiname" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "1. AWS API Gateway - Overview", + "description": "AWS API Gateway - Overview dashboard provides insights into API Gateway performance throughout your infrastructure, including API calls, latency, client and server-side errors, API cache hits, and back-end cache misses.", + "title": "1. AWS API Gateway - Overview", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/apigateway" + ], + "region": [ + "*" + ], + "_sumo_domain_name": [ + "aws" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-1282e8dc8b362944", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" + }, + { + "key": "panelpane-d8cca1fd9e28fa4e", + "structure": "{\"height\":2,\"width\":12,\"x\":0,\"y\":21}" + }, + { + "key": "panelpane-be2d46b2823fbb44", + "structure": "{\"height\":2,\"width\":12,\"x\":12,\"y\":21}" + }, + { + "key": "panelpane-afb5d2309a793847", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":31}" + }, + { + "key": "panelpane-825676c9a42b7844", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" + }, + { + "key": "panelpane-0f271c0fbb72984c", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":31}" + }, + { + "key": "panelpane-aac836daa8753b49", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":38}" + }, + { + "key": "panelpane-3f51a1d2b3563b4c", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":38}" + }, + { + "key": "panelpane-de1fae9b96f50949", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" + }, + { + "key": "panelpane-86be2b008a2db942", + "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":37}" + }, + { + "key": "panelpane-903472b3b1481b4a", + "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":37}" + }, + { + "key": "panelpane-30914953bcc44b4e", + "structure": "{\"height\":1,\"width\":12,\"x\":0,\"y\":14}" + }, + { + "key": "panelpane-2e8c53a18e9a484c", + "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":14}" + }, + { + "key": "panelpane-70bda313b0965946", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":8}" + }, + { + "key": "panelpane-7a458955b12bd94e", + "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":8}" + }, + { + "key": "panelpane-c557c5d28b2c684f", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" + }, + { + "key": "panelpane-51ff6a2cae479944", + "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":23}" + }, + { + "key": "panelpane-30c3b615b3da684f", + "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":23}" + }, + { + "key": "panelPANE-F43AE7E8952D5A40", + "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":1}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-1282e8dc8b362944", + "title": "All API Calls", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-d8cca1fd9e28fa4e", + "title": "Latency", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"alignment\":\"left\",\"fontSize\":16,\"format\":\"text\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Overall Latency in ms" + }, + { + "id": null, + "key": "panelpane-be2d46b2823fbb44", + "title": "‎Integration Latency", + "visualSettings": "{\"text\":{\"backgroundColor\":\"#dfe5e9\",\"fontSize\":16,\"alignment\":\"left\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Time in between API Gateway relays request to backend and receives response from backend" + }, + { + "id": null, + "key": "panelpane-afb5d2309a793847", + "title": "Average Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\"}},{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-825676c9a42b7844", + "title": "5XX Errors", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Sum of 5XX Errors\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=5XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-0f271c0fbb72984c", + "title": "Average Integration Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"lineThickness\":\"3\"},\"axes\":{\"axisY\":{\"title\":\"Millisecond\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=IntegrationLatency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-aac836daa8753b49", + "title": "Cache Hit Rate", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Hit Rate \"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=CacheHitCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account | eval _value * 100", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-3f51a1d2b3563b4c", + "title": "Cache Miss Rate", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Cache Miss Rate \"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=CacheMissCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account | eval _value * 100", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-de1fae9b96f50949", + "title": "4XX Errors", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=4XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-86be2b008a2db942", + "title": " Requests Served From API Cache (Cache Hits)", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-903472b3b1481b4a", + "title": "Requests Served From Back-end (Cache Misses)", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-30914953bcc44b4e", + "title": "Client Side Errors", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-2e8c53a18e9a484c", + "title": "Server Side Errors", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-70bda313b0965946", + "title": "API Calls", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-7a458955b12bd94e", + "title": "Unique API Calls", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Maximum\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false},\"valueFontSize\":20}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account | count", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-c557c5d28b2c684f", + "title": "API Calls by apiname", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname | eval round(_value)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-51ff6a2cae479944", + "title": "Average Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-30c3b615b3da684f", + "title": "Average Integration Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":500,\"color\":\"#75bf00\"},{\"from\":500,\"to\":1000,\"color\":\"#f6c851\"},{\"from\":1000,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=IntegrationLatency statistic=Average account={{account}} region={{region}} apiname={{apiname}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-F43AE7E8952D5A40", + "title": " API Requests (Today, Yesterday, Last Week)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by account, region, namespace | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=sum account={{account}} region={{region}} apiname={{apiname}} | sum by account, region, namespace | timeshift 7d", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/apigateway", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "apiname", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "apiname" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "2. AWS API Gateway - 4XX and 5XX Errors", + "description": "AWS API Gateway - 4xx and 5xx Errors dashboard provides insights into API Gateway HTTP 4xx and 5xx code errors throughout your infrastructure, including API requests, client-side errors, and server-side errors.", + "title": "2. AWS API Gateway - 4XX and 5XX Errors", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "apiname": [ + "*" + ], + "namespace": [ + "aws/apigateway" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-4d3d7212b5a8484a", + "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":9}" + }, + { + "key": "panelpane-ddc0c4fd966e4844", + "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":17}" + }, + { + "key": "panelpane-ecbd97eab891e846", + "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":1}" + }, + { + "key": "panelpane-4b69798bbe22784a", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":0}" + }, + { + "key": "panelpane-62f5162ba859eb45", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":8}" + }, + { + "key": "panelpane-ecd366908889b943", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":16}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-4d3d7212b5a8484a", + "title": "4XX Errors", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=4XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-ddc0c4fd966e4844", + "title": "5XX Errors", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=5XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-ecbd97eab891e846", + "title": "API Requests (Today, Yesterday, Last Week)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today, {{apiname}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday, {{apiname}}\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week, {{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=count Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} | sum by apiname, namespace, region, account | timeshift 7d", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-4b69798bbe22784a", + "title": "All API Calls", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-62f5162ba859eb45", + "title": "Client Side Errors", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + }, + { + "id": null, + "key": "panelpane-ecd366908889b943", + "title": "Server Side Errors", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"fontSize\":24,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"#222D3B\",\"alignment\":\"center\",\"showTitle\":true,\"format\":\"text\",\"text\":\"\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "" + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/apigateway", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "apiname", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "apiname" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "2. AWS API Gateway - Audit Events", + "description": "AWS API Gateway - Audit Events dashboard provides detailed audit insights into API Gateway events by various dimensions including event names, trends, regions, user agents, and recipient account IDs.", + "title": "2. AWS API Gateway - Audit Events", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/apigateway" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-d39a82d0b687ab49", + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":27}" + }, + { + "key": "panelpane-78017f49a1d96a4a", + "structure": "{\"height\":7,\"width\":6,\"x\":6,\"y\":27}" + }, + { + "key": "panelPANE-C60FE45FAF802B4D", + "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":0}" + }, + { + "key": "panelPANE-54D6935CA0D19846", + "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":0}" + }, + { + "key": "panelPANE-D3C4BB28A83C9947", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":8}" + }, + { + "key": "panelPANE-A9432A4D87BED943", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" + }, + { + "key": "panelPANE-79C1069AAE9C2948", + "structure": "{\"height\":6,\"width\":6,\"x\":6,\"y\":8}" + }, + { + "key": "panelPANE-8D29F0E780F36846", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":14}" + }, + { + "key": "panelPANE-2EA5D39A9A67D846", + "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":14}" + }, + { + "key": "panelPANE-A839F6B38A2CD840", + "structure": "{\"height\":7,\"width\":6,\"x\":0,\"y\":20}" + }, + { + "key": "panelPANE-FBDDCA8195930A44", + "structure": "{\"height\":7,\"width\":18,\"x\":6,\"y\":20}" + }, + { + "key": "panelPANE-A9420681BB19294B", + "structure": "{\"height\":7,\"width\":6,\"x\":0,\"y\":27}" + }, + { + "key": "panelPANE-E9024AE2A1BFCB4F", + "structure": "{\"height\":8,\"width\":24,\"x\":0,\"y\":34}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-d39a82d0b687ab49", + "title": "Events Trend by Event Name", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Events\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" eventName account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| timeslice 15m\n| count as eventCount by _timeslice, event_name\n| transpose row _timeslice column event_name", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-78017f49a1d96a4a", + "title": "Top User Agents", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" userAgent account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count as eventCount by user_agent\n| sort by eventCount, user_agent asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-C60FE45FAF802B4D", + "title": "Failure Activity Location", + "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and !isEmpty(errorCode)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = src_ip\n| where !isnull(latitude)", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-54D6935CA0D19846", + "title": "Successful Activity Location", + "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\"},\"title\":{\"fontSize\":16},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}} sourceIPAddress\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and isEmpty(errorCode)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = src_ip\n| where !isnull(latitude)", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-D3C4BB28A83C9947", + "title": "Event Status", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"pie\"}},{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"pie\"}},{\"series\":[],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"type\":\"pie\"}}],\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count as eventCount by eventStatus\n| sort by eventCount, eventStatus asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-A9432A4D87BED943", + "title": "Event Status Trend", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#f36644\",\"type\":\"column\"}},{\"series\":[\"Success\"],\"queries\":[],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#75bf00\",\"type\":\"column\"}}],\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(userName), user, userName) as user\n| timeslice 15m\n| count by _timeslice, eventStatus\n| fillmissing timeslice(15m), values (\"Success\", \"Failure\") in eventStatus\n| transpose row _timeslice column eventStatus", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-79C1069AAE9C2948", + "title": "Top Error Codes", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(errorCode)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(userName), user, userName) as user\n| count as eventCount by errorCode \n| top 10 errorCode by eventCount, errorCode asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-8D29F0E780F36846", + "title": "Failed Events", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(errorCode)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count as eventCount by event_name\n| sort by eventCount, event_name asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-2EA5D39A9A67D846", + "title": "Failed Event Details", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\" and !isEmpty(errorCode)\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop \n| json field=responseElements \"name\", \"Message\" as ApiName, responseMessage nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(errorMessage), responseMessage, errorMessage) as errorMessage\n| timeslice 1s\n| count as eventCount by _timeslice, event_name, errorCode, errorMessage, Region, src_ip, accountId, user, type, requestID, user_agent\n| sort by _timeslice\n| limit 100", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-A839F6B38A2CD840", + "title": "Successful Events", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| where eventStatus = \"Success\"\n| count as eventCount by event_name\n| sort by eventCount, event_name asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-FBDDCA8195930A44", + "title": "Successful Event Details", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" !errorCode account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| where eventStatus = \"Success\"\n| timeslice 1s\n| count as eventCount by _timeslice, event_name, Region, src_ip, accountId, user, type, requestID, user_agent, ApiName\n| sort by _timeslice\n| limit 100", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-A9420681BB19294B", + "title": "Top Users", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count as eventCount by type, user\n| topk(10, eventCount) by type | fields -_rank", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-E9024AE2A1BFCB4F", + "title": "Threat Table based on Caller IP Address", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "\"\\\"eventSource\\\":\\\"apigateway.amazonaws.com\\\"\" account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"responseElements\", \"sourceIPAddress\", \"errorCode\", \"errorMessage\", \"requestID\" as event_name, event_source, Region, user_agent, accountId1, userIdentity, requestParameters, responseElements, src_ip, errorCode, errorMessage, requestID nodrop\n| where event_source = \"apigateway.amazonaws.com\"\n| json field=userIdentity \"accountId\", \"arn\", \"userName\", \"type\" as accountId2, arn, username, type nodrop | parse field=arn \":assumed-role/*\" as user nodrop | parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"basePath\", \"domainName\" as basePath, domainName nodrop | json field=responseElements \"name\" as ApiName nodrop // CreateRestApi, CreateApiKey, CreateUsagePlan, CreateUsagePlanKey, CreateUsagePlanKey, ImportApi, ImportRestApi, UpdateRestApi, UpdateUsagePlan provides ApiName\n| if (!isEmpty(accountId1), accountId1, accountId2) as accountId\n| if (isEmpty(errorCode), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| count by src_ip, event_name, user, user_agent\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip \n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| where type=\"ip_address\" and malicious_confidence = \"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, user, user_agent, type, actor, malicious_confidence", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/apigateway", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "3. AWS API Gateway - Enhanced Monitoring", + "description": "AWS API Gateway - Enhanced Monitoring dashboard provides detailed insights into API Gateway performance throughout your infrastructure, including the number and types of API calls, API resources, cache hits and misses, latency averages, and errors by HTTP method.", + "title": "3. AWS API Gateway - Enhanced Monitoring", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "apiname": [ + "*" + ], + "namespace": [ + "aws/apigateway" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-bf711447aeb87a4d", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":9}" + }, + { + "key": "panelpane-0c6ca348a22a684a", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" + }, + { + "key": "panelpane-fcf2a359aca4f947", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" + }, + { + "key": "panelpane-1bd728408f442a49", + "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":3}" + }, + { + "key": "panelpane-134c2b108813b846", + "structure": "{\"height\":6,\"width\":5,\"x\":5,\"y\":3}" + }, + { + "key": "panelpane-8623b689ab09684a", + "structure": "{\"height\":6,\"width\":5,\"x\":10,\"y\":3}" + }, + { + "key": "panelpane-2c931e93b0a25940", + "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":3}" + }, + { + "key": "panelpane-6052fefb99524948", + "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":27}" + }, + { + "key": "panelpane-b7fcf1e9a9428b41", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" + }, + { + "key": "panelpane-3bd1f319951a1949", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" + }, + { + "key": "panelpane-4f8a91c58c9d3b4e", + "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-bf711447aeb87a4d", + "title": "API Calls By HTTP Method", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Requests\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"column\",\"name\":\"{{Method}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=Count Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by method", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-0c6ca348a22a684a", + "title": "4XX Errors by HTTP Method", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 4XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"column\",\"name\":\"{{method}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=4XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by method", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-fcf2a359aca4f947", + "title": "5XX Errors By HTTP Method", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Sum of 5XX Errors\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"column\",\"name\":\"{{method}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=5XXError Statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by method", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-1bd728408f442a49", + "title": "API Calls", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Total Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-134c2b108813b846", + "title": "Unique API Calls", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Unique Calls\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by apiname, namespace, region, account, method | count", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-8623b689ab09684a", + "title": "API Resources", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Resource\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"\",\"hideData\":false,\"rounding\":0,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false,\"min\":0,\"max\":100,\"showThreshold\":false,\"showThresholdMarker\":false}}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by apiname, namespace, region, account, resource | count", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-2c931e93b0a25940", + "title": "API Call Breakdown", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"aggregationType\":\"sum\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Calls\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=count statistic=Sum account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | sum by apiname, method, resource | eval round(_value)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-6052fefb99524948", + "title": "Cache Hits and Misses", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":\"0\",\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Rate\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Cache Hits, apiname={{apiname}} \"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Cache Miss, apiname={{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=CacheHitCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | avg by apiname, namespace, region, account | eval _value * 100", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "Namespace={{namespace}} metric=CacheMissCount statistic=Average account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | avg by apiname, namespace, region, account | eval _value * 100", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-b7fcf1e9a9428b41", + "title": "Average Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Milliseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=Latency statistic=Average account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-3bd1f319951a1949", + "title": "Average Integration Latency (ms)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":3},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Milliseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{apiname}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "Namespace={{namespace}} metric=IntegrationLatency statistic=Average account={{account}} region={{region}} apiname={{apiname}} stage={{stage}} method={{method}} resource={{resource}} | avg by apiname, namespace, region, account", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-4f8a91c58c9d3b4e", + "title": "Note", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"alignment\":\"left\",\"fontSize\":16,\"backgroundColor\":\"#dfe5e9\"},\"title\":{\"fontSize\":\"20\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "This dashboard works on detailed CloudWatch metrics which needs to be explicitly enabled. You can do this in the console by selecting \"Enable CloudWatch Metrics\" under a stage Settings tab. Alternatively, you can call the update-stage AWS CLI command to update the metricsEnabled property to true." + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/apigateway", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "apiname", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "apiname" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "stage", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}}", + "key": "stage" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "method", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}} stage={{stage}}", + "key": "method" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "resource", + "displayName": null, + "defaultValue": null, + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} apiname={{apiname}}", + "key": "resource" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + } + ] +} \ No newline at end of file diff --git a/aws-observability/json/Classic-lb-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/Classic-lb-App.json similarity index 74% rename from aws-observability/json/Classic-lb-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/Classic-lb-App.json index 62f7298d..9cf53585 100644 --- a/aws-observability/json/Classic-lb-App.json +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/Classic-lb-App.json @@ -8,6 +8,7 @@ "name": "1. AWS Classic Load Balancer - Overview", "description": "See the overview of Classic load balancer including the requests, healthy and unhealthy host count, backend response time, and active connections.", "title": "1. AWS Classic Load Balancer - Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -19,9 +20,6 @@ ], "account": [ "*" - ], - "06c6033455922f6f2326e618d0bfc9d1": [ - "*" ] } }, @@ -109,17 +107,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HealthyHostCount Statistic=Average | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -136,17 +131,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=UnHealthyHostCount Statistic=Average | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -163,17 +155,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=BackendConnectionErrors Statistic=Sum | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -190,17 +179,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=RequestCount Statistic=Sum | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -217,17 +203,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=SurgeQueueLength Statistic=Sum | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -244,17 +227,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=SpilloverCount Statistic=Sum | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -271,30 +251,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HealthyHostCount Statistic=Average | avg by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" }, { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=UnHealthyHostCount Statistic=Average | avg by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -311,17 +285,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=RequestCount Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -338,17 +309,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -365,17 +333,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, Client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop \n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| sum(_count) by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, Client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=Client \"*:*\" as ClientIP, ClientPort nodrop \n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| sum(_count) by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -392,17 +357,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=Latency Statistic=Average | eval(_value*1000) | avg by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -419,17 +381,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_5XX Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -446,17 +405,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -473,17 +429,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_5XX Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -500,17 +453,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| parse field=request \"* *://*:*/* HTTP\" as method, protocol, domain, server_port, path nodrop\n| parse field=client \"*:*\" as ClientIP, Cport nodrop\n| parse field=backend \"*:*\" as BackendIP, Backend_port nodrop\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| timeslice 5m\n| count as ip_count by ClientIp, loadbalancername, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by loadbalancername, account, region, namespace\n| sort by ThreatCount", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| parse field=request \"* *://*:*/* HTTP\" as method, protocol, domain, server_port, path nodrop\n| parse field=client \"*:*\" as ClientIP, Cport nodrop\n| parse field=backend \"*:*\" as BackendIP, Backend_port nodrop\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| timeslice 5m\n| count as ip_count by ClientIp, loadbalancername, account, region, namespace\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by loadbalancername, account, region, namespace\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -588,6 +538,7 @@ "name": "1. AWS Classic Load Balancer - Response Analysis", "description": "See the details of the Classic Load Balancer HTTP codes 3XX, 4XX, and 5XX by availability zone, and load balancer.", "title": "1. AWS Classic Load Balancer - Response Analysis", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -597,9 +548,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -711,17 +659,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_ELB_5XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -738,17 +683,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"4*\")\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"4*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -765,17 +707,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"5*\")\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"5*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -792,17 +731,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"3*\")\n| count by ClientIP\n| lookup latitude, longitude from geo://location on ip = ClientIP\n| count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where (elb_status_code matches \"3*\")\n| count by ClientIP\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIP\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -819,17 +755,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| if(elb_status_code matches \"5*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -846,17 +779,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=HTTPCode_ELB_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -873,43 +803,34 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_3XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" }, { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" }, { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_5XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -926,17 +847,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| if(elb_status_code matches \"4*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -953,17 +871,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| if(elb_status_code matches \"3*\", 1, 0) as ServerErrors \n| timeslice 1m\n| sum(ServerErrors) as ServerErrors by _timeslice\n| sort _timeslice asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -980,17 +895,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account=* region=* namespace=aws/elb\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI \n| if (elb_status_code matches \"5*\",1,0) as ELB_5XX\n| if (elb_status_code matches \"4*\",1,0) as ELB_4XX\n| if (elb_status_code matches \"3*\",1,0) as ELB_3XX\n| sum(ELB_5XX) as ELB_5XX, sum(ELB_4XX) as ELB_4XX, sum(ELB_3XX) as ELB_3XX by loadbalancername, Domain, URI\n| limit 20\n| sort by ELB_5XX", + "queryString": "account=* region=* namespace=aws/elb\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"*\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI \n| if (elb_status_code matches \"5*\",1,0) as ELB_5XX\n| if (elb_status_code matches \"4*\",1,0) as ELB_4XX\n| if (elb_status_code matches \"3*\",1,0) as ELB_3XX\n| sum(ELB_5XX) as ELB_5XX, sum(ELB_4XX) as ELB_4XX, sum(ELB_3XX) as ELB_3XX by loadbalancername, Domain, URI\n| limit 20\n| sort by ELB_5XX", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1068,6 +980,7 @@ "name": "2. AWS Classic Load Balancer - Backend Response Analysis", "description": "See the details of the Backend HTTP codes 2XX, 3XX, 4XX, and 5XX by availability zone, and load balancer name.", "title": "2. AWS Classic Load Balancer - Backend Response Analysis", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1077,9 +990,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -1200,17 +1110,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=client \"*:*\" as clientIP, port nodrop\n| parse field=backend \"*:*\" as backendIP, backend_port nodrop\n| fields - request, client, backend\n| if (backend_status_code matches \"5*\",1,0) as Backend_5XX\n| if (backend_status_code matches \"4*\",1,0) as Backend_4XX\n| if (backend_status_code matches \"3*\",1,0) as Backend_3XX\n| if (backend_status_code matches \"2*\",1,0) as Backend_2XX\n| sum(Backend_5XX) as Backend_5XX, sum(Backend_4XX) as Backend_4XX, sum(Backend_3XX) as Backend_3XX, sum(Backend_2XX) as Backend_2XX by loadbalancername, Domain, URI\n| limit 20\n| sort by Backend_5XX, Backend_4XX, Backend_3XX, Backend_2XX ", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"*\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse field=client \"*:*\" as clientIP, port nodrop\n| parse field=backend \"*:*\" as backendIP, backend_port nodrop\n| fields - request, client, backend\n| if (backend_status_code matches \"5*\",1,0) as Backend_5XX\n| if (backend_status_code matches \"4*\",1,0) as Backend_4XX\n| if (backend_status_code matches \"3*\",1,0) as Backend_3XX\n| if (backend_status_code matches \"2*\",1,0) as Backend_2XX\n| sum(Backend_5XX) as Backend_5XX, sum(Backend_4XX) as Backend_4XX, sum(Backend_3XX) as Backend_3XX, sum(Backend_2XX) as Backend_2XX by loadbalancername, Domain, URI\n| limit 20\n| sort by Backend_5XX, Backend_4XX, Backend_3XX, Backend_2XX ", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1227,17 +1134,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -1254,17 +1158,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_2XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -1281,17 +1182,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_3XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -1308,17 +1206,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(backend_status_code)\n| if(backend_status_code matches \"5*\", 1, 0) as BackendErrors\n| timeslice 1m\n| sum(BackendErrors) as BackendErrors by _timeslice, Loadbalancername\n| transpose row _timeslice column Loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1335,17 +1230,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(backend_status_code)\n| if(backend_status_code matches \"4*\", 1, 0) as BackendErrors\n| timeslice 1m\n| sum(BackendErrors) as BackendErrors by _timeslice, Loadbalancername\n| transpose row _timeslice column Loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1362,17 +1254,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(backend_status_code)\n| if(backend_status_code matches \"3*\", 1, 0) as BackendErrors\n| timeslice 1m\n| sum(BackendErrors) as BackendErrors by _timeslice, Loadbalancername\n| transpose row _timeslice column Loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1389,17 +1278,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=client \"*:*\" as ClientIP, ClientPort nodrop\n| where !isEmpty(backend_status_code)\n| if(backend_status_code matches \"2*\", 1, 0) as BackendErrors\n| timeslice 1m\n| sum(BackendErrors) as BackendErrors by _timeslice, Loadbalancername\n| transpose row _timeslice column Loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1416,17 +1302,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_5XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -1504,6 +1387,7 @@ "name": "3. AWS Classic Load Balancer - Latency Overview", "description": "See the details of latency in your classic load balancer by availability zone, and load balancer name.", "title": "3. AWS Classic Load Balancer - Latency Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1513,9 +1397,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -1576,17 +1457,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=Latency Statistic=Average | avg by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -1603,17 +1481,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (request_processing_time+backend_processing_time+response_processing_time) as ClientLatency\n| avg(ClientLatency) as AverageClientLatency, max(ClientLatency) as MaximumClientLatency by loadbalancername\n| order by MaximumClientLatency", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1630,17 +1505,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| avg(backend_processing_time) as AverageBackendProcessingTime, max(backend_processing_time) as MaximumBackendProcessingTime by loadbalancername\n| order by MaximumBackendProcessingTime", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1657,17 +1529,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (request_processing_time+backend_processing_time+response_processing_time) as ClientLatency\n| timeslice 1m\n| avg(ClientLatency) as AverageClientLatency by loadbalancername ,_timeslice\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1684,17 +1553,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| (request_processing_time+backend_processing_time+response_processing_time) as ClientLatency\n| timeslice by 1m\n| avg(response_processing_time) as AverageResponseProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1790,6 +1656,7 @@ "name": "4. AWS Classic Load Balancer - Latency Details", "description": "See the details of latency in your classic load balancer including the average and maximum request and response processing time, by backend and ELB.", "title": "4. AWS Classic Load Balancer - Latency Details", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1799,9 +1666,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -1883,17 +1747,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(request_processing_time) as a1, avg(backend_processing_time) as a2,avg(response_processing_time) as a3 by _timeslice, Domain \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, Domain, TotalProcessTime \n| transpose row _timeslice column Domain", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(request_processing_time) as a1, avg(backend_processing_time) as a2,avg(response_processing_time) as a3 by _timeslice, Domain \n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, Domain, TotalProcessTime \n| transpose row _timeslice column Domain", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1910,17 +1771,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(request_processing_time) as a1, avg(backend_processing_time) as a2,avg(response_processing_time) as a3 by _timeslice, loadbalancername\n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, loadbalancername, TotalProcessTime \n| transpose row _timeslice column loadbalancername", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(request_processing_time) as a1, avg(backend_processing_time) as a2,avg(response_processing_time) as a3 by _timeslice, loadbalancername\n| (a1+a2+a3) as TotalProcessTime\n| fields _timeslice, loadbalancername, TotalProcessTime \n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1937,17 +1795,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(response_processing_time) as AverageResponseProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(response_processing_time) as AverageResponseProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1964,17 +1819,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(request_processing_time) as AverageRequestProcessingTime by _timeslice, URI\n| transpose row _timeslice column URI", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(request_processing_time) as AverageRequestProcessingTime by _timeslice, URI\n| transpose row _timeslice column URI", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1991,17 +1843,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| max(request_processing_time) as MaximumRequestProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| max(request_processing_time) as MaximumRequestProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2018,17 +1867,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| max(response_processing_time) as MaximumResponseProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2045,17 +1891,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| avg(request_processing_time) as a1, avg(backend_processing_time) as a2,avg(response_processing_time) as a3 by URI\n| (a1+a2+a3) as TotalProcessTime\n| fields URI, TotalProcessTime \n| sort by TotalProcessTime \n| limit 20", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2072,17 +1915,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(response_processing_time) as AverageResponseProcessingTime by _timeslice, URI\n| transpose row _timeslice column URI", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(response_processing_time) as AverageResponseProcessingTime by _timeslice, URI\n| transpose row _timeslice column URI", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2099,17 +1939,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| timeslice by 1m\n| avg(request_processing_time) as AverageRequestProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| where request_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and backend_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/ and response_processing_time matches /^[+]?([0-9]+(?:[\\.][0-9]*)?|\\.[0-9]+)$/\n| timeslice by 1m\n| avg(request_processing_time) as AverageRequestProcessingTime by _timeslice, loadbalancername\n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2187,6 +2024,7 @@ "name": "5. AWS Classic Load Balancer - Connections and Host Status", "description": "See the details of connections and host status including the average unhealthy host count, and healthy host count by availability zone, and load balancer name.", "title": "5. AWS Classic Load Balancer - Connections and Host Status", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2196,9 +2034,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -2283,17 +2118,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=UnHealthyHostCount Statistic=Average | avg by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2310,17 +2142,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=BackendConnectionErrors Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2337,17 +2166,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=EstimatedALBActiveConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2364,17 +2190,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=EstimatedALBNewConnectionCount Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2391,17 +2214,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=SpilloverCount Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2454,17 +2274,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_3XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2481,17 +2298,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HTTPCode_Backend_4XX Statistic=Sum | sum by account, region, namespace, loadbalancername, AvailabilityZone", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2508,17 +2322,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} AvailabilityZone=* metric=HealthyHostCount Statistic=Average | avg by account, region, namespace, loadbalancername, AvailabilityZone ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2605,6 +2416,7 @@ "name": "6. AWS Classic Load Balancer - Requests and Processed Bytes", "description": "See the details of requests and Processed bytes for your classic load balancer.", "title": "6. AWS Classic Load Balancer - Requests and Processed Bytes", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2614,9 +2426,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -2689,17 +2498,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, backend\n| outlier _count by backend threshold=2, direction=- \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, backend, _count \n| transpose row _timeslice column backend", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2716,17 +2522,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, backend\n| outlier _count by backend threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1) and !isEmpty(backend)\n| fields _timeslice, backend, _count \n| transpose row _timeslice column backend", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2743,17 +2546,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, loadbalancername\n| outlier _count by loadbalancername threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, loadbalancername, _count \n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2770,17 +2570,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n// Parse all fields above, then aggregate\n| timeslice 1m \n| count by _timeslice, loadbalancername\n| outlier _count by loadbalancername threshold=2, direction=+ \n| where (_count_violation=1) and (_count_indicator=1)\n| fields _timeslice, loadbalancername, _count \n| transpose row _timeslice column loadbalancername", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2797,17 +2594,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=RequestCount statistic=sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2824,17 +2618,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} loadbalancername={{loadbalancername}} metric=EstimatedProcessedBytes Statistic=Sum | sum by account, region, namespace, loadbalancername", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Auto", + "timeSource": "Message" } ], "description": "", @@ -2869,17 +2660,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n// Parse all fields above, then aggregate\n| timeslice 1m \n| sum(received_bytes) as ReceivedBytes by _timeslice\n", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2896,17 +2684,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n// Parse all fields above, then aggregate\n| timeslice 1m \n| sum(sent_bytes) as SentBytes by _timeslice", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2984,6 +2769,7 @@ "name": "7. AWS Classic Load Balancer - Threat Intel", "description": "See the details of IP threats including the count, location, and highly malicious IP threats.", "title": "7. AWS Classic Load Balancer - Threat Intel", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2993,9 +2779,6 @@ "namespace": [ "aws/elb" ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], "region": [ "*" ], @@ -3052,17 +2835,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3079,17 +2859,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3106,17 +2883,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by MaliciousConfidence", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as ThreatCount by ClientIp, MaliciousConfidence, Actor, LabelName\n| sort by MaliciousConfidence", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3133,17 +2907,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by MaliciousConfidence\n| sort by _count", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by MaliciousConfidence\n| sort by _count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3160,17 +2931,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request,user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| where !isNull(MaliciousConfidence)\n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| lookup latitude, longitude from geo://location on ip = ClientIp\n| sum(_count) as _count by latitude, longitude\n| where !isnull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request,user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as Count by ClientIp\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by ClientIp\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = ClientIp\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3187,17 +2955,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, URI\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count(ip_count) as UniqueThreatIPs by URI\n| top 20 URI by UniqueThreatIPs, URI asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}}\n| parse \"* * * * * * * * * * * \\\"*\\\" \\\"*\\\" * *\" as datetime, loadbalancername, client, backend, request_processing_time, backend_processing_time, response_processing_time, elb_status_code, backend_status_code, received_bytes, sent_bytes, request, user_agent, ssl_cipher, ssl_protocol\n| where tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")\n| parse field=request \"* *://*:*/* HTTP\" as Method, Protocol, Domain, ServerPort, URI nodrop\n| parse regex \"(?\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})\" multi\n| where ClientIp != \"0.0.0.0\" and ClientIp != \"127.0.0.1\"\n| count as ip_count by ClientIp, URI\n| lookup type, actor, raw, threatlevel as MaliciousConfidence from sumo://threat/cs on threat=ClientIp \n| json field=raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" // and MaliciousConfidence=\"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count(ip_count) as UniqueThreatIPs by URI\n| top 20 URI by UniqueThreatIPs, URI asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -3269,517 +3034,6 @@ } ], "coloringRules": [] - }, - { - "type": "DashboardV2SyncDefinition", - "name": "8. AWS Classic Load Balancer - CloudTrail Audit", - "description": "See the details of CloudTrail Logs. It visualizes successful and failed events globally, event trends, error details, and user activities, offering insights into load balancer performance, security, and usage patterns.", - "title": "8. AWS Classic Load Balancer - CloudTrail Audit", - "theme": "Light", - "topologyLabelMap": { - "data": { - "loadbalancername": [ - "*" - ], - "namespace": [ - "aws/elb" - ], - "9922f1b450f22700f7995573ff435a24": [ - "*" - ], - "a03d34ede2414c1f5efc823a753cc47d": [ - "*" - ], - "region": [ - "*" - ], - "account": [ - "*" - ] - } - }, - "refreshInterval": 0, - "timeRange": { - "type": "BeginBoundedTimeRange", - "from": { - "type": "RelativeTimeRangeBoundary", - "relativeTime": "-1d" - }, - "to": null - }, - "layout": { - "layoutType": "Grid", - "layoutStructures": [ - { - "key": "panel04C58849BF85EA40", - "structure": "{\"height\":6,\"width\":19,\"x\":5,\"y\":23}" - }, - { - "key": "panel08DA60FCB6CBA94F", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":16}" - }, - { - "key": "panel13A28BCF9195784A", - "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" - }, - { - "key": "panel554DCC97A661E840", - "structure": "{\"height\":7,\"width\":19,\"x\":5,\"y\":16}" - }, - { - "key": "panel63133FE7966C3B44", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":9}" - }, - { - "key": "panel81CB1F119E659A4D", - "structure": "{\"height\":7,\"width\":9,\"x\":5,\"y\":9}" - }, - { - "key": "panel8295225DA9487941", - "structure": "{\"height\":7,\"width\":5,\"x\":0,\"y\":29}" - }, - { - "key": "panel8BD78A42A42E2941", - "structure": "{\"height\":6,\"width\":5,\"x\":0,\"y\":23}" - }, - { - "key": "panel9724CE95BF93284E", - "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" - }, - { - "key": "panelA3841CC48DC37A4E", - "structure": "{\"height\":7,\"width\":9,\"x\":5,\"y\":29}" - }, - { - "key": "panelEB163726B40EDB42", - "structure": "{\"height\":7,\"width\":10,\"x\":14,\"y\":29}" - }, - { - "key": "panelFA76DDA1858D6941", - "structure": "{\"height\":7,\"width\":24,\"x\":0,\"y\":36}" - }, - { - "key": "panelPANE-7B135CE68C4DE94E", - "structure": "{\"height\":7,\"width\":10,\"x\":14,\"y\":9}" - } - ] - }, - "panels": [ - { - "id": null, - "key": "panel04C58849BF85EA40", - "title": "Successful Events Detail", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status=\"Success\"\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, region, src_ip, accountid, user, type, request_id, loadbalancername, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel08DA60FCB6CBA94F", - "title": "Error Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and !isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel13A28BCF9195784A", - "title": "Failure Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and !isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\"))\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel554DCC97A661E840", - "title": "Error Events Detail", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"table\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"errorCode\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and !isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1s\n| count as event_count by _timeslice, event_name, error_code, error_message, region, src_ip, accountid, user, type, request_id, loadbalancername, user_agent\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel63133FE7966C3B44", - "title": "Top 10 Error Codes", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"Error Code\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\" \"errorCode\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and !isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by error_code \n| top 10 error_code by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel81CB1F119E659A4D", - "title": "Top 10 Users with Highest Failure", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"overrides\":[],\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\" errorCode \n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and !isBlank(error_code)\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8295225DA9487941", - "title": "Event by Status", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by event_status\n| sort by _count, event_status asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel8BD78A42A42E2941", - "title": "Successful Events by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"innerRadius\":\"30%\"},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| where event_status= \"Success\"\n| if (isEmpty(username), user, username) as user\n| count as event_count by event_name\n| sort by event_count, event_name asc", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel9724CE95BF93284E", - "title": "Successful Events Location", - "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" and isBlank(error_code) and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\"))\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelA3841CC48DC37A4E", - "title": "Event Trend by Status", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count by _timeslice, event_status\n| fillmissing timeslice(1d), values (\"Success\", \"Failure\") in event_status\n| transpose row _timeslice column event_status", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelEB163726B40EDB42", - "title": "Top 10 Users by Events", - "visualSettings": "{\"series\":{},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"color\":{\"family\":\"Categorical Light\"},\"legend\":{\"enabled\":false},\"axes\":{\"axisX\":{\"labelPlacement\":\"inside\",\"labelWrap\":true,\"labelMaxWidth\":500,\"labelFontColor\":\"black\",\"title\":\"User\",\"hideLabels\":false},\"axisY\":{\"title\":\"Event Count\"}},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as event_count by user\n| top 10 user by event_count", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelFA76DDA1858D6941", - "title": "Event Trend by Event Name", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"column\",\"displayType\":\"stacked\"},\"series\":{},\"overrides\":[]}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| timeslice 1h\n| count as event_count by _timeslice, event_name\n| transpose row _timeslice column event_name\n", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-7B135CE68C4DE94E", - "title": "Disruptive Events", - "visualSettings": "{\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"roundDataPoints\":true,\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventsource\\\":\\\"elasticloadbalancing.amazonaws.com\\\"\" \"\\\"apiVersion\\\":\\\"2012-06-01\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticloadbalancing.amazonaws.com\" \n| where event_name matches \"Create*\" or event_name matches \"Delete*\"\n| json field=userIdentity \"accountId\", \"type\", \"arn\", \"userName\" as accountid, type, arn, username nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountid, user nodrop\n| json field=requestParameters \"loadBalancerName\" as loadbalancername nodrop\n| if (isBlank(accountid), recipient_account_id, accountid) as accountid\n| where (tolowercase(loadbalancername) matches tolowercase(\"{{loadbalancername}}\")) or isBlank(loadbalancername)\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(username), user, username) as user\n| count as freq by event_name, loadbalancername, user, event_status\n| sort by freq, event_name, loadbalancername, user", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - } - ], - "variables": [ - { - "id": null, - "name": "account", - "displayName": "account", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=*", - "key": "account" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "region", - "displayName": "region", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region=*", - "key": "region" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "namespace", - "displayName": "namespace", - "defaultValue": "aws/elb", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/elb", - "key": "namespace" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - }, - { - "id": null, - "name": "loadbalancername", - "displayName": "loadbalancername", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account=* region=* namespace=aws/elb loadbalancername=*", - "key": "loadbalancername" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" - } - ], - "coloringRules": [] } ] } \ No newline at end of file diff --git a/aws-observability/json/DynamoDb-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/DynamoDb-App.json similarity index 84% rename from aws-observability/json/DynamoDb-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/DynamoDb-App.json index cb3db587..6bf0995a 100644 --- a/aws-observability/json/DynamoDb-App.json +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/DynamoDb-App.json @@ -1,13 +1,14 @@ { "type": "FolderSyncDefinition", "name": "AWS DynamoDB", - "description": "The Sumo Logic App for Amazon DynamoDB is using both logs and metrics to provide operational insights into your DynamoDB. The App includes Dashboards that allow you to monitor key metrics, view the throttle events, errors, latency, and help you plan the capacity of your DynamoDB instances.", + "description": "The Sumo Logic App for Amazon DynamoDB is a unified logs and metrics (ULM) App which provides operational insights into your DynamoDB solution. The App includes Dashboards that allow you to monitor key metrics and view the throttle events, errors, latency, and help you plan the capacity of your DynamoDB solution.", "children": [ { "type": "DashboardV2SyncDefinition", "name": "1. AWS DynamoDB - Capacity Planning", "description": "See the details of your DynamoDB capacity including the provisioned read/write consumed, read/write throttle events, and throttled requests.", "title": "1. AWS DynamoDB - Capacity Planning", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -97,30 +98,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ProvisionedReadCapacityUnits Statistic=Maximum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ConsumedReadCapacityUnits Statistic=Maximum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -137,30 +132,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ProvisionedWriteCapacityUnits Statistic=Maximum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ConsumedWriteCapacityUnits Statistic=Maximum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -177,17 +166,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ThrottledRequests Statistic=sum (operation=*get* or operation=*scan* or operation=*query*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -204,17 +190,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ThrottledRequests Statistic=sum (operation=*get* or operation=*scan* or operation=*query*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -231,17 +214,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ThrottledRequests Statistic=sum (operation=*update* or operation=*put* or operation=*delete* or operation=*write*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -258,17 +238,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ThrottledRequests Statistic=sum (operation=*update* or operation=*put* or operation=*delete* or operation=*write*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -285,17 +262,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ReadThrottleEvents Statistic=sum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -312,17 +286,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=WriteThrottleEvents Statistic=sum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -339,30 +310,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": " region={{region}} namespace={{namespace}} account={{account}} metric=AccountMaxReads Statistic=Average | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": " region={{region}} namespace={{namespace}} account={{account}} metric=AccountMaxTableLevelReads Statistic=Average | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -379,30 +344,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": " region={{region}} namespace={{namespace}} account={{account}} metric=AccountMaxWrites Statistic=Average | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": " region={{region}} namespace={{namespace}} account={{account}} metric=AccountMaxTableLevelWrites Statistic=Average | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -442,8 +401,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -457,23 +415,21 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/dynamodb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/dynamodb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -487,8 +443,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false } ], "coloringRules": [] @@ -498,6 +453,7 @@ "name": "1. AWS DynamoDB - Overview", "description": "See the overview of your DynamoDB environment including the events, errors, requests, users, and latency.", "title": "1. AWS DynamoDB - Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -611,17 +567,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=AccountProvisionedWriteCapacityUtilization Statistic=Average | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -638,17 +591,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=UserErrors Statistic=SampleCount | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -665,17 +615,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=SystemErrors Statistic=SampleCount | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -692,17 +639,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=ConditionalCheckFailedRequests Statistic=SampleCount | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -719,17 +663,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=TransactionConflict Statistic=SampleCount | sum", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -746,17 +687,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=SuccessfulRequestLatency Statistic=Average | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -773,17 +711,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=SuccessfulRequestLatency Statistic=SampleCount | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -800,30 +735,24 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=UserErrors Statistic=SampleCount | sum by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=SystemErrors Statistic=SampleCount | sum by account, region, namespace", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -840,17 +769,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "Region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| timeslice 5m\n| count by EventName, _timeslice\n| transpose row _timeslice column EventName ", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -862,22 +788,19 @@ "id": null, "key": "panelpane-064f62b0b148db44", "title": "Top 10 Errors", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\"},\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"table\"}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} Region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isblank(tablename)\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as Count by ErrorCode, ErrorMessage\n| sort by Count\n| limit 10", + "queryString": "Region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as Count by ErrorCode, ErrorMessage\n| sort by Count\n| limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -889,22 +812,19 @@ "id": null, "key": "panelpane-c0cb88ffbad6eb42", "title": "Top 5 IAM Users", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false},\"series\":{}}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"legend\":{\"enabled\":false}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} Region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isblank(tablename)\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as Count by UserName\n| sort Count, UserName asc\n| limit 5", + "queryString": "account={{account}} namespace={{namespace}} Region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as Count by UserName\n| sort Count \n| limit 5", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -921,17 +841,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} metric=AccountProvisionedReadCapacityUtilization Statistic=Average | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -943,22 +860,19 @@ "id": null, "key": "panelPANE-4AD569BB8E29FA47", "title": "Top 5 Events", - "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false},\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":16},\"legend\":{\"enabled\":false}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} Region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isblank(tablename)\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as count by EventName\n| sort count, EventName asc\n| limit 5", + "queryString": "account={{account}} namespace={{namespace}} Region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as count by EventName\n| sort count \n| limit 5", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1002,17 +916,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} account={{account}} region={{region}} tablename={{tablename}} metric=ThrottledRequests Statistic=sum | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1029,17 +940,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} namespace={{namespace}} region={{region}} tablename={{tablename}} metric=ConditionalCheckFailedRequests Statistic=SampleCount | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1061,8 +969,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1076,23 +983,21 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/dynamodb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/dynamodb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1106,8 +1011,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false } ], "coloringRules": [] @@ -1117,6 +1021,7 @@ "name": "2. AWS DynamoDB - Latency and Errors", "description": "See the details of errors and latency of your DynamoDB including the user error, system error, failed request, and latency.", "title": "2. AWS DynamoDB - Latency and Errors", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1174,17 +1079,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=SuccessfulRequestLatency Statistic=Average (operation=*get* or operation=*scan* or operation=*query*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1201,17 +1103,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "namespace={{namespace}} region={{region}} account={{account}} tablename={{tablename}} metric=SuccessfulRequestLatency Statistic=Average (operation=*update* or operation=*put* or operation=*delete* or operation=*write*) | sum by account, region, namespace, tablename, operation", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1228,17 +1127,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} namespace={{namespace}} region={{region}} tablename={{tablename}} metric=ConditionalCheckFailedRequests Statistic=SampleCount | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1255,17 +1151,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} namespace={{namespace}} region={{region}} tablename={{tablename}} metric=TransactionConflict Statistic=SampleCount | sum by account, region, namespace, tablename", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1287,8 +1180,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1302,23 +1194,21 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/dynamodb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/dynamodb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1332,8 +1222,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false } ], "coloringRules": [] @@ -1341,8 +1230,9 @@ { "type": "DashboardV2SyncDefinition", "name": "3. AWS DynamoDB - Events", - "description": "See the details on cloudtrail audit events in your DynamoDB including the location, users, errors, updates, creations, and deletions to tables.", + "description": "See the details on events in your DynamoDB including the location, users, errors, updates, creations, and deletions to tables.", "title": "3. AWS DynamoDB - Events", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1412,17 +1302,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| count by EventName\n| sort by _count, EventName asc\n| limit 5", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| count by EventName\n| sort by _count, EventName asc\n| limit 5", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1434,22 +1321,19 @@ "id": null, "key": "panelpane-da8bb2b4afbc5948", "title": "Events Over Time", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\" as EventName, Region, tablename, SourceIp, UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| timeslice 5m\n| count by EventName, _timeslice\n| transpose row _timeslice column EventName \n| fillmissing timeslice (5m)", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\" as EventName, Region, tablename, SourceIp, UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| timeslice 5m\n| count by EventName, _timeslice\n| transpose row _timeslice column EventName \n| fillmissing timeslice (5m)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1466,17 +1350,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where !isBlank(errorCode)\n| count", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\") and !isEmpty(ErrorCode)\n| count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1488,22 +1369,19 @@ "id": null, "key": "panelpane-b8faa804b5a87b46", "title": "Top 10 IAM Users", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#ED3CPE\",\"outlierBandFillOpacity\":0.15,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":false,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| count as count by UserName\n| sort by count \n| limit 10", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| count as count by UserName\n| sort count \n| limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1520,17 +1398,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where !isBlank(errorCode)\n| count as Count by ErrorCode, ErrorMessage, EventName, UserName, SourceIp\n| sort by Count, ErrorCode, ErrorMessage\n| limit 20", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\" errorCode errorMessage\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"errorCode\", \"errorMessage\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, ErrorCode, ErrorMessage nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\") and !isEmpty(ErrorCode)\n| count as Count by ErrorCode, ErrorMessage, EventName, UserName, SourceIp\n| sort by Count\n| limit 20", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1547,17 +1422,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"requestParameters.keySchema\", \"requestParameters.attributeDefinitions\", \"userAgent\", \"responseElements.tableDescription.provisionedThroughput\", \"userIdentity.sessionContext.attributes.mfaAuthenticated\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, TableSchema, AttributeDefinition, UserAgent, ProvisionedThroughput, MFAAuthenticated nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS\") as MessageDate\n| count as Count by MessageDate, EventName, tablename, UserName, SourceIp, MFAAuthenticated\n| sort by MessageDate\n| fields MessageDate, EventName, tablename, UserName, SourceIp, MFAAuthenticated", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\", \"requestParameters.keySchema\", \"requestParameters.attributeDefinitions\", \"userAgent\", \"responseElements.tableDescription.provisionedThroughput\", \"userIdentity.sessionContext.attributes.mfaAuthenticated\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName, TableSchema, AttributeDefinition, UserAgent, ProvisionedThroughput, MFAAuthenticated nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| formatDate(_messageTime, \"MM/dd/yyyy HH:mm:ss:SSS\") as MessageDate\n| count as Count by MessageDate, EventName, tablename, UserName, SourceIp, MFAAuthenticated\n| sort by MessageDate\n| fields MessageDate, EventName, tablename, UserName, SourceIp, MFAAuthenticated", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1574,17 +1446,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where !(SourceIp matches \"*.amazonaws.com\")\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count by SourceIp\n| lookup latitude, longitude from geo://location on ip = SourceIp\n| where !isnull(latitude)\n| sum(_count) as count by latitude, longitude", + "queryString": "account={{account}} namespace={{namespace}} region={{region}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| count by SourceIp\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = SourceIp\n| count by latitude, longitude, country_code, country_name, region, city, postal_code", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1606,8 +1475,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1621,23 +1489,21 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/dynamodb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/dynamodb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1651,8 +1517,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false } ], "coloringRules": [] @@ -1662,6 +1527,7 @@ "name": "4. AWS DynamoDB - Threat Intel", "description": "See the details of IP threats including the count, location, and highly malicious IP threats.", "title": "4. AWS DynamoDB - Threat Intel", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1723,17 +1589,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\" and !(SourceIp matches \"*.amazonaws.com\")\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp \n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", + "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\"\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp \n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| where type=\"ip_address\" and !isNull(malicious_confidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum (ip_count) as threat_count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1750,17 +1613,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\" and !(SourceIp matches \"*.amazonaws.com\")\n| count as ip_count by SourceIp, tablename\n| lookup Type, Actor, Raw, ThreatLevel as MaliciousConfidence from sumo://threat/cs on threat=SourceIp \n| where MaliciousConfidence=\"high\"\n| json field=Raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(Actor), \"Unassigned\", Actor) as Actor\n| sum (ip_count) as ThreatCount by SourceIp, MaliciousConfidence, tablename, Actor, LabelName\n| sort by ThreatCount", + "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\"\n| timeslice 5m\n| count as ip_count by SourceIp, tablename\n| lookup Type, Actor, Raw, ThreatLevel as MaliciousConfidence from sumo://threat/cs on threat=SourceIp \n| json field=Raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and MaliciousConfidence=\"high\"\n| if (isEmpty(Actor), \"Unassigned\", Actor) as Actor\n| sum (ip_count) as ThreatCount by SourceIp, MaliciousConfidence, tablename, Actor, LabelName\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1777,17 +1637,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\" and !(SourceIp matches \"*.amazonaws.com\")\n| count as ip_count by SourceIp\n| lookup Type, Actor, Raw, ThreatLevel as MaliciousConfidence from sumo://threat/cs on threat=SourceIp \n| where !isNull(MaliciousConfidence)\n| json field=Raw \"labels[*].name\" as LabelName nodrop\n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| if (isEmpty(Actor), \"Unassigned\", Actor) as Actor\n| sum (ip_count) as ThreatCount by SourceIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount, MaliciousConfidence asc", + "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\"\n| count as ip_count by SourceIp\n| lookup Type, Actor, Raw, ThreatLevel as MaliciousConfidence from sumo://threat/cs on threat=SourceIp \n| json field=Raw \"labels[*].name\" as LabelName \n| replace(LabelName, \"\\\\/\",\"->\") as LabelName\n| replace(LabelName, \"\\\"\",\" \") as LabelName\n| where type=\"ip_address\" and !isNull(MaliciousConfidence)\n| if (isEmpty(Actor), \"Unassigned\", Actor) as Actor\n| sum (ip_count) as ThreatCount by SourceIp, MaliciousConfidence, Actor, LabelName\n| sort by ThreatCount", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1799,22 +1656,19 @@ "id": null, "key": "panelpane-c605d948852ffb48", "title": "Malicious Confidence", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.3,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\" and !(SourceIp matches \"*.amazonaws.com\")\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sum(ip_count) as ThreatCount by malicious_confidence\n| sort by ThreatCount, malicious_confidence asc", + "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\"\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp \n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| where type=\"ip_address\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by malicious_confidence\n| sort by _count", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1831,17 +1685,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| where (tolowercase(tablename) matches tolowercase(\"{{tablename}}\")) or isBlank(tablename)\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\" and !(SourceIp matches \"*.amazonaws.com\")\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp\n| where !isNull(malicious_confidence)\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| lookup latitude, longitude from geo://location on ip = SourceIp\n| where !isnull(latitude)\n| sum(ip_count) as count by latitude, longitude", + "queryString": "region={{region}} account={{account}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"dynamodb.amazonaws.com\\\"\"\n| json \"eventName\", \"awsRegion\", \"requestParameters.tableName\", \"sourceIPAddress\", \"userIdentity.userName\", \"userIdentity.sessionContext.sessionIssuer.userName\" as EventName, Region, tablename, SourceIp, UserName, ContextUserName nodrop\n| if (isEmpty(UserName), ContextUserName, UserName) as UserName\n| where tolowercase(tablename) matches tolowercase(\"{{tablename}}\")\n| where SourceIp != \"0.0.0.0\" and SourceIp != \"127.0.0.1\"\n| count as ip_count by SourceIp\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=SourceIp \n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| where type=\"ip_address\" and !isNull(malicious_confidence)\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| count by SourceIp\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = SourceIp\n| count by latitude, longitude, country_code, country_name, region, city, postal_code\n| where !isnull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1863,8 +1714,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1878,23 +1728,21 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/dynamodb", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/dynamodb", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false }, { "id": null, @@ -1908,8 +1756,7 @@ }, "allowMultiSelect": false, "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" + "hideFromUI": false } ], "coloringRules": [] diff --git a/aws-observability/json/EC2-CW-Metrics-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-CW-Metrics-App.json similarity index 87% rename from aws-observability/json/EC2-CW-Metrics-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-CW-Metrics-App.json index 6d3bb94b..c09939af 100644 --- a/aws-observability/json/EC2-CW-Metrics-App.json +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-CW-Metrics-App.json @@ -1,7 +1,7 @@ { "type": "FolderSyncDefinition", - "name": "AWS EC2", - "description": "The Sumo Logic App for AWS EC2 allows you to collect your EC2 instance Cloudwatch metrics and display them using predefined dashboards. The App provides dashboards to display analysis of EC2 instance metrics for cpu, disk, network, EBS, Health Status Check and EC2 related events.", + "name": "AWS EC2 CW Metrics", + "description": "The Sumo Logic App for AWS EC2 (CloudWatch Metrics) allows you to collect your EC2 instance metrics and display them using predefined dashboards. The App provides dashboards to display analysis of EC2 instance metrics for cpu, disk, network, EBS and Health Status Check.", "children": [ { "type": "DashboardV2SyncDefinition", @@ -11,9 +11,6 @@ "theme": "Light", "topologyLabelMap": { "data": { - "927d0fd880a5fa0ea69512008e99c562": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -201,7 +198,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -228,7 +225,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -255,7 +252,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -282,7 +279,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -309,7 +306,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -336,7 +333,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -363,7 +360,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -390,7 +387,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -417,7 +414,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -444,7 +441,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -471,7 +468,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -498,7 +495,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -543,7 +540,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -570,7 +567,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -597,7 +594,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -624,7 +621,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -651,7 +648,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -678,7 +675,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -705,7 +702,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -732,7 +729,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -759,7 +756,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -786,7 +783,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -813,7 +810,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -840,7 +837,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -867,7 +864,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -894,7 +891,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -930,7 +927,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -957,7 +954,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -984,7 +981,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1011,7 +1008,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1047,7 +1044,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1074,7 +1071,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1160,9 +1157,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -1326,7 +1320,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1353,7 +1347,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1380,7 +1374,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1407,7 +1401,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1434,7 +1428,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1461,7 +1455,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1488,7 +1482,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1515,7 +1509,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1542,7 +1536,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1569,7 +1563,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1596,7 +1590,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1623,7 +1617,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1650,7 +1644,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1677,7 +1671,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1722,7 +1716,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1749,7 +1743,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -1776,7 +1770,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1803,7 +1797,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1839,7 +1833,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1866,7 +1860,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1893,7 +1887,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1920,7 +1914,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1947,7 +1941,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -1974,7 +1968,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -2001,7 +1995,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null }, @@ -2014,7 +2008,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null }, @@ -2027,7 +2021,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -2054,7 +2048,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -2140,15 +2134,12 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "2.1 AWS EC2 - Events (CloudTrail)", + "name": "2.1 AWS EC2 - Events", "description": "The AWS EC2 - Events dashboard provides detailed insights into all cloudtrail audit events associated with EC2 instances and specifically helps identify changes, errors, and user activities.", - "title": "2.1 AWS EC2 - Events (CloudTrail)", + "title": "2.1 AWS EC2 - Events", "theme": "Light", "topologyLabelMap": { "data": { - "927d0fd880a5fa0ea69512008e99c562": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -2226,7 +2217,7 @@ }, { "key": "panelPANE-4B95C387A7D03B47", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":61}" + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":47}" }, { "key": "panelF999E9E5A6591B41", @@ -2247,22 +2238,6 @@ { "key": "panelPANE-E40BD69ABB08F949", "structure": "{\"height\":2,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel436F7C6F97E64A4F", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":47}" - }, - { - "key": "panel98552E029DBAD84E", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":48}" - }, - { - "key": "panel0103B81F8FB24A44", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":54}" - }, - { - "key": "panelE67A0E2585D0D841", - "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":55}" } ] }, @@ -2277,7 +2252,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by event_status\n| sort by _count, event_status asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by event_status\n| sort by _count, event_status asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2304,7 +2279,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by event_name\n| sort by _count, event_name asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by event_name\n| sort by _count, event_name asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2331,7 +2306,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2358,7 +2333,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| timeslice 1h\n| count by _timeslice, event_name\n| transpose row _timeslice column event_name", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1h\n| count by _timeslice, event_name\n| transpose row _timeslice column event_name", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2385,7 +2360,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !isEmpty(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by event_name\n| sort by _count, event_name asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !isEmpty(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by event_name\n| sort by _count, event_name asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2412,7 +2387,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count as count by error_code | sort by count, error_code asc | limit 10", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as count by error_code | sort by count, error_code asc | limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2439,7 +2414,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !isEmpty(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| timeslice 1s\n| count as Count by _timeslice, event_name, error_code, error_message, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !isEmpty(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1s\n| count as Count by _timeslice, event_name, error_code, error_message, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2466,7 +2441,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and isEmpty(error_code)\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| timeslice 1s\n| count as count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and isEmpty(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1s\n| count as count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2493,7 +2468,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" AssumedRole\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| where type = \"AssumedRole\"\n| count as count by user\n| sort by count, user asc | limit 10", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" AssumedRole\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where type = \"AssumedRole\"\n| count as count by user\n| sort by count, user asc | limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2520,7 +2495,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count as count by event_name\n| sort by count, event_name asc | limit 20", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as count by event_name\n| sort by count, event_name asc | limit 20", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2547,7 +2522,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| if (event_name matches \"*Describe*\" or event_name matches \"Get*\" or event_name matches \"*List*\", \"ReadOnly\", if (event_name matches \"*Delete*\" or event_name matches \"*Terminate*\", \"Delete\", if (event_name matches \"*Create*\", \"Create\", if (!(event_name matches \"*Describe*\") and !(event_name matches \"Get*\") and !(event_name matches \"*List*\") and !(event_name matches \"*Delete*\") and !(event_name matches \"Terminate*\") and !(event_name matches \"Create*\") and !(event_name matches \"MonitorInstances\") and !(event_name matches \"RunInstances\"), \"Update\", \"Others\")))) as EventType\n| count by EventType | sort by _count, EventType asc", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| if (event_name matches \"*Describe*\" or event_name matches \"Get*\" or event_name matches \"*List*\", \"ReadOnly\", if (event_name matches \"*Delete*\" or event_name matches \"*Terminate*\", \"Delete\", if (event_name matches \"*Create*\", \"Create\", if (!(event_name matches \"*Describe*\") and !(event_name matches \"Get*\") and !(event_name matches \"*List*\") and !(event_name matches \"*Delete*\") and !(event_name matches \"Terminate*\") and !(event_name matches \"Create*\") and !(event_name matches \"MonitorInstances\") and !(event_name matches \"RunInstances\"), \"Update\", \"Others\")))) as EventType\n| count by EventType | sort by _count, EventType asc", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2574,7 +2549,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| timeslice 1h\n| count by _timeslice, event_status\n| transpose row _timeslice column event_status", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1h\n| count by _timeslice, event_status\n| transpose row _timeslice column event_status", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2601,7 +2576,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" IAMUser\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| where type = \"IAMUser\"\n| count as count by user\n| sort by count, user asc | limit 10", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" IAMUser\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where type = \"IAMUser\"\n| count as count by user\n| sort by count, user asc | limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2628,14 +2603,14 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by src_ip, event_name // , user, user_agent, instanceid\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where malicious_confidence = \"high\"\n| json field=raw \"labels[*].name\" as label_name nodrop\n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, type, actor, malicious_confidence // , user, user_agent, instanceid", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip, event_name // , user, user_agent, instanceid\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip\n| where type=\"ip_address\" and malicious_confidence = \"high\"\n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, type, actor, malicious_confidence // , user, user_agent, instanceid", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -2655,7 +2630,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and !isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\") and !isBlank(error_code)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip\n| lookup latitude, longitude from geo://location on ip = src_ip\n| where !isNull(latitude)", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2682,7 +2657,7 @@ "queries": [ { "transient": false, - "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" userAgent\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| count as count by user_agent\n| sort by count, user_agent asc | limit 10", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" userAgent\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as count by user_agent\n| sort by count, user_agent asc | limit 10", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, @@ -2725,78 +2700,6 @@ "keepVisualSettingsConsistentWithParent": true, "panelType": "TextPanel", "text": "This dashboard requires AWS CloudTrail Logs from AWS account and the contents are specific for AWS EC2 instance(s)." - }, - { - "id": null, - "key": "panel436F7C6F97E64A4F", - "title": "Volume Events", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"series\":{},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"verticalAlignment\":\"center\",\"horizontalAlignment\":\"center\",\"showTitle\":false,\"fontSize\":16},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "Volume Events" - }, - { - "id": null, - "key": "panel98552E029DBAD84E", - "title": "Latest Volume Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/ec2 eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| toLowerCase(event_name) as _event_name\n| where event_source = \"ec2.amazonaws.com\" AND _event_name matches \"*volume*\"\n| tolowercase(instanceid) as instanceid\n| where instanceid matches \"{{instanceid}}\" OR isBlank(instanceid)\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"volumeId\" as volumeid_req nodrop \n| json field=responseElements \"volumeId\" as volumeid_res nodrop\n| if (isBlank(volumeid_req), volumeid_res, volumeid_req) as volumeid\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| timeslice 1s\n| count as count by _timeslice, event_name, volumeid, instanceid, src_ip, user, type, request_id, user_agent, event_status\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0103B81F8FB24A44", - "title": "EBS Snapshot Events", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"series\":{},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"verticalAlignment\":\"center\",\"horizontalAlignment\":\"center\",\"showTitle\":false,\"fontSize\":16},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "EBS Snapshot Events" - }, - { - "id": null, - "key": "panelE67A0E2585D0D841", - "title": "Latest Snapshot Events", - "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} namespace=aws/ec2 eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\", \"serviceEventDetails.snapshotId\"as event_source, region, requestParameters, responseElements, accountid, snapshotid_srvcEvntDtls nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| toLowerCase(event_name) as _event_name\n| where event_source = \"ec2.amazonaws.com\" AND _event_name matches \"*snapshot*\" \n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:*:iam::*:*\" as arn_part, accountId, user nodrop\n| json field=requestParameters \"volumeId\", \"snapshotId\" as volumeid_req, snapshotid_req nodrop \n| json field=responseElements \"volumeId\",\"snapshotId\" as volumeid_res, snapshotid_res nodrop\n| if (isBlank(volumeid_req), volumeid_res, volumeid_req) as volumeid\n| json field=requestParameters \"snapshotSet.items\" as req_snapshotSet_items nodrop\n| parse regex field=req_snapshotSet_items \"\\\"snapshotId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (isBlank(snapshotid_req), snapshotid_res, snapshotid_req) as snapshotid\n| if (isBlank(snapshotid), req_snapshotId, snapshotid) as snapshotid\n| if (isBlank(snapshotid), snapshotid_srvcEvntDtls, snapshotid) as snapshotid\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(snapshotid) as snapshotid\n| timeslice 1s\n| count as count by _timeslice, event_name, volumeid, snapshotid, src_ip, user, type, request_id, user_agent, event_status\n| sort by _timeslice\n| limit 100", - "queryType": "Logs", - "queryKey": "A", - "metricsQueryMode": null, - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] } ], "variables": [ @@ -2844,21 +2747,6 @@ "includeAllOption": true, "hideFromUI": false, "valueType": "Any" - }, - { - "id": null, - "name": "instanceid", - "displayName": "instanceid", - "defaultValue": "*", - "sourceDefinition": { - "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace={{namespace}}", - "key": "instanceid" - }, - "allowMultiSelect": false, - "includeAllOption": true, - "hideFromUI": false, - "valueType": "Any" } ], "coloringRules": [] @@ -2874,9 +2762,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -2964,7 +2849,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -2991,7 +2876,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3018,7 +2903,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3045,7 +2930,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3090,7 +2975,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3117,7 +3002,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3230,9 +3115,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -3324,7 +3206,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3351,7 +3233,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3378,7 +3260,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3405,7 +3287,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3432,7 +3314,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3459,7 +3341,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3486,7 +3368,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3513,7 +3395,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3540,7 +3422,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3567,7 +3449,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3671,9 +3553,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -3761,7 +3640,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3788,7 +3667,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3815,7 +3694,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3842,7 +3721,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -3869,7 +3748,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3896,7 +3775,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3941,7 +3820,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -3968,7 +3847,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -4063,9 +3942,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -4153,7 +4029,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -4180,7 +4056,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": 1000 } @@ -4207,7 +4083,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4234,7 +4110,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4261,7 +4137,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4288,7 +4164,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4333,7 +4209,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4360,7 +4236,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4455,9 +4331,6 @@ "instanceid": [ "*" ], - "f5ef50254e45958882a2c1e37f528308": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -4545,7 +4418,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null }, @@ -4558,7 +4431,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4585,7 +4458,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null }, @@ -4598,7 +4471,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4625,7 +4498,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4652,7 +4525,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4679,7 +4552,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4706,7 +4579,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null }, @@ -4719,7 +4592,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4755,7 +4628,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4782,7 +4655,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } @@ -4809,7 +4682,7 @@ "metricsQueryData": null, "tracesQueryData": null, "spansQueryData": null, - "parseMode": "Manual", + "parseMode": "Auto", "timeSource": "Message", "outputCardinalityLimit": null } diff --git a/aws-observability/json/EC2-Metrics-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-Metrics-App.json similarity index 63% rename from aws-observability/json/EC2-Metrics-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-Metrics-App.json index cf29f7c9..c6b64ac5 100644 --- a/aws-observability/json/EC2-Metrics-App.json +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/EC2-Metrics-App.json @@ -1,13 +1,14 @@ { "type": "FolderSyncDefinition", - "name": "Host Metrics (EC2)", - "description": "The Sumo Logic App for Host Metrics (EC2) allows you to collect your EC2 instance metrics and display them using predefined dashboards. The App provides dashboards to display analysis of EC2 instance metrics for cpu, disk, memory, network, TCP.", + "name": "AWS EC2 Metrics", + "description": "The Sumo Logic App for AWS EC2 Metrics allows you to collect your EC2 instance metrics and display them using predefined search queries and Dashboards. The App provides Dashboards to display analysis of EC2 instance metrics for cpu, disk, memory, network.", "children": [ { "type": "DashboardV2SyncDefinition", - "name": "1.2. AWS EC2 Overview (Host Metrics)", - "description": "The AWS EC2 Overview (Host Metrics) dashboard provides at-a-glance information about a EC2 CPU, memory, network and disk usage.", - "title": "1.2. AWS EC2 Overview (Host Metrics)", + "name": "1. AWS EC2 Metrics - Overview", + "description": "The AWS EC2 Metrics - Overview dashboard provides at-a-glance information about a EC2 CPU, memory, network and disk usage.", + "title": "1. AWS EC2 Metrics - Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -39,87 +40,83 @@ "layoutStructures": [ { "key": "panelpane-b03ffbbdb0b59b4d", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":27}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":24}" }, { "key": "panelpane-73159cd48a30e84d", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":27}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":24}" }, { "key": "panelpane-7c0398e384ef0b4b", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":33}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":30}" }, { "key": "panelpane-2a01fd42b58b994e", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":33}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":30}" }, { "key": "panelpane-21f9df3286d4d843", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":39}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":36}" }, { "key": "panelpane-b0342f51a88b2a47", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":39}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":36}" }, { "key": "panelpane-2f4529faa0fcc94e", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":45}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":42}" }, { "key": "panelpane-909c4962a7e08843", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":45}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":42}" }, { "key": "panelpane-33b218968b91a845", - "structure": "{\"height\":6,\"width\":5,\"x\":9,\"y\":15}" + "structure": "{\"height\":6,\"width\":5,\"x\":9,\"y\":12}" }, { "key": "panelpane-481cfaaf957d7842", - "structure": "{\"height\":6,\"width\":5,\"x\":14,\"y\":15}" + "structure": "{\"height\":6,\"width\":5,\"x\":14,\"y\":12}" }, { "key": "panelpane-d3677624bfee3b41", - "structure": "{\"height\":6,\"width\":5,\"x\":9,\"y\":21}" + "structure": "{\"height\":6,\"width\":5,\"x\":9,\"y\":18}" }, { "key": "panelpane-cea7ffdeb458fb4e", - "structure": "{\"height\":6,\"width\":5,\"x\":14,\"y\":21}" + "structure": "{\"height\":6,\"width\":5,\"x\":14,\"y\":18}" }, { "key": "panelpane-33ac098a81186b4e", - "structure": "{\"height\":6,\"width\":5,\"x\":19,\"y\":15}" + "structure": "{\"height\":6,\"width\":5,\"x\":19,\"y\":12}" }, { "key": "panelpane-9d0a24618eef0a4e", - "structure": "{\"height\":6,\"width\":5,\"x\":19,\"y\":21}" + "structure": "{\"height\":6,\"width\":5,\"x\":19,\"y\":18}" }, { "key": "panelpane-1e29da5dbd267a45", - "structure": "{\"height\":6,\"width\":9,\"x\":0,\"y\":15}" + "structure": "{\"height\":6,\"width\":9,\"x\":0,\"y\":12}" }, { "key": "panelPANE-2061037A94244A4B", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":0}" }, { "key": "panelPANE-DE8ED3CB8CEBF849", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" }, { "key": "panel2F40FE32B1ED8A48", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" }, { "key": "panel092B86A6AF75C942", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" }, { "key": "panelE292F5CA9886CA4E", - "structure": "{\"height\":6,\"width\":9,\"x\":0,\"y\":21}" - }, - { - "key": "panelPANE-669661608BAAEB4B", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" + "structure": "{\"height\":6,\"width\":9,\"x\":0,\"y\":18}" } ] }, @@ -133,17 +130,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Idle account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg by instanceType", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -160,43 +154,34 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_1min | avg by metric", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_5min | avg by metric", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" }, { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_15min | avg by metric", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -208,22 +193,19 @@ "id": null, "key": "panelpane-7c0398e384ef0b4b", "title": "Total Free System Memory per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Free Memory\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Free Memory\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Free | sum by instanceType", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -235,22 +217,19 @@ "id": null, "key": "panelpane-2a01fd42b58b994e", "title": "Total Used, Less Buffers and Cached Memory per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Used Memory\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Used Memory\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualUsed | sum by instanceType", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -262,22 +241,19 @@ "id": null, "key": "panelpane-21f9df3286d4d843", "title": "Disk Used Bytes per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Disk Used Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Disk Used Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Used | sum by instanceType", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -289,22 +265,19 @@ "id": null, "key": "panelpane-b0342f51a88b2a47", "title": "Disk Available Bytes per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Disk Available Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Disk Available Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Available | sum by instanceType", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -316,22 +289,19 @@ "id": null, "key": "panelpane-2f4529faa0fcc94e", "title": "Network InByte Rate per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network InByte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network InByte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceType | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceType | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -343,22 +313,19 @@ "id": null, "key": "panelpane-909c4962a7e08843", "title": "Network OutByte Rate per Instance Type", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"wrap\":true,\"enabled\":true},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network OutByte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"wrap\":true,\"enabled\":true},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network OutByte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{InstanceType}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceType | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceType | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -375,17 +342,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Total account={{account}} region={{region}} namespace={{namespace}} instanceid={{instanceid}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -402,17 +366,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Mem_UsedPercent account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -429,17 +390,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= TCP_InboundTotal account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -456,17 +414,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= TCP_OutboundTotal account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -483,17 +438,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Net_InBytes account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg | eval _value/1024/1024", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -510,17 +462,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Net_OutBytes account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg | eval _value/1024/1024", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -537,17 +486,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Sys account={{account}} region={{region}} namespace={{namespace}} instanceid={{instanceid}} | eval(_value/_value) | quantize to 60m using count | count by instancetype", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -564,17 +510,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Total account={{account}} region={{region}} namespace={{namespace}} instanceid={{instanceid}} | filter latest > 75 | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -591,17 +534,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Mem_UsedPercent account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | filter latest > 75 | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -618,17 +558,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Total account={{account}} region={{region}} namespace={{namespace}} instanceid={{instanceid}} | filter latest <= 10 | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -645,17 +582,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Mem_UsedPercent account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | filter latest <= 10 | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -672,32 +606,20 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Total account={{account}} region={{region}} namespace={{namespace}} | avg by instancetype | topk(25, avg)", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", "timeRange": null, "coloringRules": null, "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-669661608BAAEB4B", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." } ], "variables": [ @@ -734,11 +656,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -766,9 +688,10 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "1.2. AWS EC2 Summary (Host Metrics)", - "description": "The AWS EC2 Summary (Host Metrics) dashboard provides at-a-glance information about a EC2 CPU, memory, network and disk usage.", - "title": "1.2. AWS EC2 Summary (Host Metrics)", + "name": "1. AWS EC2 Metrics - Summary", + "description": "The AWS EC2 Metrics - Summary dashboard provides at-a-glance information about a EC2 CPU, memory, network and disk usage.", + "title": "1. AWS EC2 Metrics - Summary", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -800,63 +723,59 @@ "layoutStructures": [ { "key": "panelpane-b03ffbbdb0b59b4d", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":8}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":5}" + }, + { + "key": "panelpane-73159cd48a30e84d", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":5}" }, { "key": "panelpane-7c0398e384ef0b4b", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":14}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":11}" }, { "key": "panelpane-2a01fd42b58b994e", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":14}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":11}" }, { "key": "panelpane-21f9df3286d4d843", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":20}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":17}" }, { "key": "panelpane-b0342f51a88b2a47", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":20}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":17}" }, { "key": "panelpane-909c4962a7e08843", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":26}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":23}" + }, + { + "key": "panelpane-33b218968b91a845", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" }, { "key": "panelpane-481cfaaf957d7842", - "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":3}" + "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":0}" }, { "key": "panelpane-d3677624bfee3b41", - "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":3}" + "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":0}" }, { "key": "panelpane-cea7ffdeb458fb4e", - "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":3}" + "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":0}" }, { "key": "panelpane-33ac098a81186b4e", - "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":3}" + "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":0}" }, { "key": "panelpane-9d0a24618eef0a4e", - "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":3}" + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" }, { "key": "panel92B3F2A48B5DCA4F", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":26}" - }, - { - "key": "panelPANE-60B5D586941BE849", - "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":3}" - }, - { - "key": "panelPANE-8F83BD319926A843", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel5691F7AA847CD846", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":8,\"minHeight\":3,\"minWidth\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":23}" } ] }, @@ -870,17 +789,58 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=CPU_Idle account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-73159cd48a30e84d", + "title": "Overall Average CPU Load (1m, 5m, 15m)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Average CPU Load\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"1 Minute Average CPU Load\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"5 Minute Average CPU Load\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"15 Minute Average CPU Load\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_1min | avg by metric", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_5min | avg by metric", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_15min | avg by metric", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -892,22 +852,19 @@ "id": null, "key": "panelpane-7c0398e384ef0b4b", "title": "Total Free System Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Free Memory\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Free Memory\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Free | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -919,22 +876,19 @@ "id": null, "key": "panelpane-2a01fd42b58b994e", "title": "Total Used, Less Buffers and Cached Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Used Memory\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Used Memory\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualUsed | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -946,22 +900,19 @@ "id": null, "key": "panelpane-21f9df3286d4d843", "title": "Disk Used Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Disk Used Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"instanceid={{instanceid}} dirname={{dirname}} devname={{devname}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Disk Used Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"instanceid={{instanceid}} dirname={{dirname}} devname={{devname}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Used | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -973,22 +924,19 @@ "id": null, "key": "panelpane-b0342f51a88b2a47", "title": "Disk Available Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Disk Available Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"instanceid={{instanceid}} dirname={{dirname}} devname={{devname}}\"}}],\"color\":{\"family\":\"scheme7\"},\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Disk Available Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"instanceid={{instanceid}} dirname={{dirname}} devname={{devname}}\"}}],\"color\":{\"family\":\"scheme7\"}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Available | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -1000,22 +948,43 @@ "id": null, "key": "panelpane-909c4962a7e08843", "title": "Network OutByte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"wrap\":true,\"enabled\":true},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network OutByte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"legend\":{\"wrap\":true,\"enabled\":true},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network OutByte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceid | rate", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-33b218968b91a845", + "title": "CPU Utilization", + "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#527b01\"},{\"from\":75,\"to\":85,\"color\":\"#b18209\"},{\"from\":85,\"to\":101,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true,\"min\":0,\"max\":100},\"label\":\"% CPU Usage\",\"valueFontSize\":20,\"option\":\"Average\",\"labelFontSize\":8},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceid | rate increasing", + "queryString": "metric=CPU_Total account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -1032,17 +1001,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Mem_UsedPercent account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1059,17 +1025,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= TCP_InboundTotal account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1086,17 +1049,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= TCP_OutboundTotal account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1113,17 +1073,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Net_InBytes account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg | eval _value/1024/1024", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1140,17 +1097,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric= Net_OutBytes account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg | eval _value/1024/1024", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1162,111 +1116,19 @@ "id": null, "key": "panel92B3F2A48B5DCA4F", "title": "Network InByte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network InByte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceid | rate increasing", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-60B5D586941BE849", - "title": "CPU Utilization", - "visualSettings": "{\"general\":{\"type\":\"svp\"},\"svp\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#527b01\"},{\"from\":75,\"to\":85,\"color\":\"#b18209\"},{\"from\":85,\"to\":101,\"color\":\"#b63010\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":true,\"min\":0,\"max\":100},\"label\":\"% CPU Usage\",\"valueFontSize\":20,\"option\":\"Average\",\"labelFontSize\":8},\"series\":{},\"legend\":{\"enabled\":false}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "metric=CPU_Total account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | avg", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-8F83BD319926A843", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." - }, - { - "id": null, - "key": "panel5691F7AA847CD846", - "title": "Overall Average CPU Load (1m, 5m, 15m)", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Average CPU Load\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"1 Minute Average CPU Load\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"5 Minute Average CPU Load\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"15 Minute Average CPU Load\"}}]}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Network InByte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_1min | avg by metric", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_5min | avg by metric", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_LoadAvg_15min | avg by metric", - "queryType": "Metrics", - "queryKey": "C", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1309,11 +1171,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -1341,9 +1203,10 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "2.2. AWS EC2 CPU (Host Metrics)", - "description": "The AWS EC2 CPU (Host Metrics) dashboard provides details information about a EC2 CPU usage.", - "title": "2.2. AWS EC2 CPU (Host Metrics)", + "name": "2. AWS EC2 Metrics - CPU", + "description": "The AWS EC2 Metrics - CPU dashboard provides details information about a EC2 CPU usage.", + "title": "2. AWS EC2 Metrics - CPU", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -1375,39 +1238,35 @@ "layoutStructures": [ { "key": "panelpane-b8fdf6e2b8c1d843", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":0}" }, { "key": "panelpane-faa47ec2a6e5d947", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" }, { "key": "panelpane-c59320268cdb7a49", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" }, { "key": "panelpane-88f4336192c38b49", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":18}" }, { "key": "panelpane-373635dab1b6b944", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" }, { "key": "panelpane-1902994c9e385941", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" }, { "key": "panelpane-29ddbf5e98aa884e", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" }, { - "key": "panelPANE-DF143E118916F949", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" - }, - { - "key": "panelPANE-81DC18F39F979843", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" + "key": "panelpane-46c987c099bacb4c", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":12}" } ] }, @@ -1421,17 +1280,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_User | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1448,17 +1304,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_Nice | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1475,17 +1328,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_Sys | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1502,17 +1352,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_Irq | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1529,17 +1376,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric= CPU_SoftIrq | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1556,17 +1400,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_Idle | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1583,17 +1424,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric= CPU_Stolen | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1603,39 +1441,27 @@ }, { "id": null, - "key": "panelPANE-DF143E118916F949", + "key": "panelpane-46c987c099bacb4c", "title": "CPU IO Wait Time", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Percentage\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{},\"legend\":{\"enabled\":false}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Percentage\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=CPU_IOWait | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", "timeRange": null, "coloringRules": null, "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-81DC18F39F979843", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." } ], "variables": [ @@ -1672,11 +1498,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -1704,15 +1530,13 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "3.2. AWS EC2 Memory (Host Metrics)", - "description": "The AWS EC2 Memory (Host Metrics) dashboard provides details information about a EC2 memory usage.", - "title": "3.2. AWS EC2 Memory (Host Metrics)", + "name": "3. AWS EC2 - Events", + "description": "The AWS EC2 Metrics - Audit Event Overview dashboard provides detailed insights into all events associated with EC2 instances and specifically helps identify changes, errors, and users", + "title": "3. AWS EC2 - Events", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { - "instanceid": [ - "*" - ], "namespace": [ "aws/ec2" ], @@ -1737,56 +1561,97 @@ "layoutType": "Grid", "layoutStructures": [ { - "key": "panelpane-efa308ec98ca9a47", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":3}" + "key": "panelPANE-9A6827ADAFD40B48", + "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":10}" }, { - "key": "panelpane-51fa4586b262ea45", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":3}" + "key": "panel808FD9FD8BFB6846", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":32}" }, { - "key": "panelpane-f40f828787debb4b", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + "key": "panelPANE-F6D67170A3207848", + "structure": "{\"height\":10,\"width\":12,\"x\":0,\"y\":0}" }, { - "key": "panelpane-f77ed3b9a7469a41", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" + "key": "panelPANE-55BA9CD690905848", + "structure": "{\"height\":5,\"width\":12,\"x\":12,\"y\":18}" }, { - "key": "panelpane-14a8edc8a9082a44", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" + "key": "panelE1BCBDE685FB3944", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":39}" }, { - "key": "panelpane-fd78c765b827f940", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" + "key": "panelPANE-4D66006086774A44", + "structure": "{\"height\":8,\"width\":6,\"x\":6,\"y\":10}" + }, + { + "key": "panelPANE-829F6ADB86227949", + "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":39}" + }, + { + "key": "panel1DA5F9AA9C03F945", + "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":32}" + }, + { + "key": "panelPANE-C6B1C1249FED294C", + "structure": "{\"height\":8,\"width\":9,\"x\":6,\"y\":23}" + }, + { + "key": "panel422C79CD944AC840", + "structure": "{\"height\":8,\"width\":6,\"x\":18,\"y\":10}" + }, + { + "key": "panelB86F7C84926F1844", + "structure": "{\"height\":8,\"width\":6,\"x\":12,\"y\":10}" + }, + { + "key": "panelABB275868F4B2A44", + "structure": "{\"height\":5,\"width\":12,\"x\":0,\"y\":18}" + }, + { + "key": "panelA10E415491CA1B4F", + "structure": "{\"height\":8,\"width\":6,\"x\":0,\"y\":23}" + }, + { + "key": "panelPANE-4B95C387A7D03B47", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":45}" + }, + { + "key": "panelF999E9E5A6591B41", + "structure": "{\"height\":10,\"width\":12,\"x\":12,\"y\":0}" + }, + { + "key": "panelC8228A47A6D3DA4D", + "structure": "{\"height\":8,\"width\":9,\"x\":15,\"y\":23}" + }, + { + "key": "panelPANE-4022F95385542A46", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":31}" }, { - "key": "panelPANE-6B4E2CE18CB63944", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" + "key": "panelD9E5828D86D12941", + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":38}" } ] }, "panels": [ { "id": null, - "key": "panelpane-efa308ec98ca9a47", - "title": "Total Physical RAM", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "key": "panelPANE-9A6827ADAFD40B48", + "title": "Event Status", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}},{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Total | sum by account, region, namespace, instanceid", - "queryType": "Metrics", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by eventStatus\n| sort by _count, eventStatus asc", + "queryType": "Logs", "queryKey": "A", - "metricsQueryMode": "Advanced", + "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -1796,37 +1661,21 @@ }, { "id": null, - "key": "panelpane-51fa4586b262ea45", - "title": "Memory Free vs Used Percentage", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Percentage\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Used Percent - {{instanceid}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Free Percent - {{instanceid}}\"}}]}", + "key": "panel808FD9FD8BFB6846", + "title": "Successful Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_UsedPercent | sum by account, region, namespace, instanceid", - "queryType": "Metrics", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where isBlank(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by event_name\n| sort by _count, event_name asc", + "queryType": "Logs", "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - }, - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric= Mem_FreePercent | sum by account, region, namespace, instanceid", - "queryType": "Metrics", - "queryKey": "B", - "metricsQueryMode": "Advanced", + "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -1836,24 +1685,21 @@ }, { "id": null, - "key": "panelpane-f40f828787debb4b", - "title": "Total Free, Buffers and Cached Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "key": "panelPANE-F6D67170A3207848", + "title": "Successful Event Locations", + "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"series\":{}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualFree | sum by account, region, namespace, instanceid", - "queryType": "Metrics", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where isEmpty(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = src_ip\n| where !isNull(latitude)", + "queryType": "Logs", "queryKey": "A", - "metricsQueryMode": "Advanced", + "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -1863,24 +1709,21 @@ }, { "id": null, - "key": "panelpane-f77ed3b9a7469a41", - "title": "Total Used, Less Buffers and Cached Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "key": "panelPANE-55BA9CD690905848", + "title": "Events Types Trend", + "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"overrides\":[],\"series\":{},\"general\":{\"type\":\"line\",\"displayType\":\"default\",\"markerSize\":5,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":1,\"mode\":\"timeSeries\"},\"color\":{\"family\":\"Categorical Default\"}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualUsed | sum by account, region, namespace, instanceid", - "queryType": "Metrics", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1h\n| count by _timeslice, event_name\n| transpose row _timeslice column event_name", + "queryType": "Logs", "queryKey": "A", - "metricsQueryMode": "Advanced", + "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -1890,24 +1733,545 @@ }, { "id": null, - "key": "panelpane-14a8edc8a9082a44", - "title": "Total Free Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "key": "panelE1BCBDE685FB3944", + "title": "Failed Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Free | sum by account, region, namespace, instanceid", - "queryType": "Metrics", + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where !isEmpty(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by event_name\n| sort by _count, event_name asc", + "queryType": "Logs", "queryKey": "A", - "metricsQueryMode": "Advanced", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-4D66006086774A44", + "title": "Top 10 Error Codes", + "visualSettings": "{\"title\":{\"fontSize\":16},\"series\":{},\"legend\":{\"enabled\":false},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as count by error_code | sort by count, error_code asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-829F6ADB86227949", + "title": "Latest Failed Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where !isEmpty(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1s\n| count as Count by _timeslice, event_name, error_code, error_message, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel1DA5F9AA9C03F945", + "title": "Latest Successful Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" !errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where isEmpty(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, instanceid, instancetype\n| sort by _timeslice\n| limit 100", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-C6B1C1249FED294C", + "title": "Top 10 AssumedRole Users", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" AssumedRole\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where type = \"AssumedRole\"\n| count as Count by user\n| sort by Count, user asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel422C79CD944AC840", + "title": "Top Events Types", + "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as Count by event_name\n| sort by Count, event_name asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelB86F7C84926F1844", + "title": "Event Types", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"overrides\":[],\"series\":{\"A_readonlyEvents\":{\"visible\":true},\"A_updateEvents\":{\"visible\":true}},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| if (event_name matches \"*Describe*\" or event_name matches \"Get*\" or event_name matches \"*List*\", \"ReadOnly\", if (event_name matches \"*Delete*\" or event_name matches \"*Terminate*\", \"Delete\", if (event_name matches \"*Create*\", \"Create\", if (!(event_name matches \"*Describe*\") and !(event_name matches \"Get*\") and !(event_name matches \"*List*\") and !(event_name matches \"*Delete*\") and !(event_name matches \"Terminate*\") and !(event_name matches \"Create*\") and !(event_name matches \"MonitorInstances\") and !(event_name matches \"RunInstances\"), \"Update\", \"Others\")))) as EventType\n| count by EventType | sort by _count, EventType asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelABB275868F4B2A44", + "title": "Events Status Trend", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}},{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\"\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| timeslice 1h\n| count by _timeslice, eventStatus\n| transpose row _timeslice column eventStatus", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA10E415491CA1B4F", + "title": "Top 10 IAM Users", + "visualSettings": "{\"title\":{\"fontSize\":16},\"overrides\":[],\"series\":{\"A_readonlyEvents\":{\"visible\":true},\"A_updateEvents\":{\"visible\":true}},\"legend\":{\"enabled\":false},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" IAMUser\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| where type = \"IAMUser\"\n| count as Count by user\n| sort by Count, user asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-4B95C387A7D03B47", + "title": "Events from Known Malicious IP Addresses", + "visualSettings": "{\"general\":{\"mode\":\"distribution\",\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"30%\",\"maxNumOfSlices\":10},\"title\":{\"fontSize\":14},\"axes\":{\"axisX\":{\"titleFontSize\":12,\"labelFontSize\":12},\"axisY\":{\"titleFontSize\":12,\"labelFontSize\":12}},\"series\":{},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip, event_name, user, user_agent\n| lookup type, actor, raw, threatlevel as malicious_confidence from sumo://threat/cs on threat=src_ip \n| json field=raw \"labels[*].name\" as label_name \n| replace(label_name, \"\\\\/\",\"->\") as label_name\n| replace(label_name, \"\\\"\",\" \") as label_name\n| where type=\"ip_address\" and malicious_confidence = \"high\"\n| if (isEmpty(actor), \"Unassigned\", actor) as Actor\n| sort by _count\n| fields src_ip, event_name, user, user_agent, type, actor, malicious_confidence", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF999E9E5A6591B41", + "title": "Failure Event Locations", + "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" sourceIPAddress errorCode\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| where !isBlank(error_code)\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count by src_ip\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = src_ip\n| where !isNull(latitude)", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelC8228A47A6D3DA4D", + "title": "Top 10 User Agents", + "visualSettings": "{\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"series\":{},\"overrides\":[],\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} eventname eventsource \"ec2.amazonaws.com\" userAgent\n| json \"eventSource\", \"awsRegion\", \"requestParameters\", \"responseElements\", \"recipientAccountId\" as event_source, region, requestParameters, responseElements, accountid nodrop\n| json \"userIdentity\", \"eventName\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"requestID\", \"errorCode\", \"errorMessage\", \"eventCategory\", \"managementEvent\" as userIdentity, event_name, src_ip, user_agent, event_type, request_id, error_code, error_message, event_category, management_event nodrop\n| where event_source = \"ec2.amazonaws.com\"\n| \"aws/ec2\" as namespace\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| json field=requestParameters \"instanceType\", \"instancesSet\", \"instanceId\", \"DescribeInstanceCreditSpecificationsRequest.InstanceId.content\" as req_instancetype, req_instancesSet, req_instanceid_1, req_instanceid_2 nodrop\n| json field=req_instancesSet \"item\", \"items\" as req_instancesSet_item, req_instancesSet_items nodrop\n| parse regex field=req_instancesSet_item \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=req_instancesSet_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| json field=responseElements \"instancesSet.items\" as res_responseElements_items nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceType\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| parse regex field=res_responseElements_items \"\\\"instanceId\\\":\\s*\\\"(?.*?)\\\"\" nodrop\n| if (!isBlank(req_instanceid_1), req_instanceid_1, if (!isBlank(req_instanceid_2), req_instanceid_2, if (!isBlank(req_instanceid_3), req_instanceid_3, if (!isBlank(req_instanceid_4), req_instanceid_4, \"\")))) as req_instanceid\n| if (!isBlank(req_instanceid), req_instanceid, res_instanceid) as instanceid\n| if (!isBlank(req_instancetype), req_instancetype, res_instancetype) as instanceType \n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| tolowercase(instanceid) as instanceid\n| count as event_count by user_agent\n| sort by event_count, user_agent asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-4022F95385542A46", + "title": "Successful Events", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"verticalAlignment\":\"center\",\"horizontalAlignment\":\"center\",\"showTitle\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Successful Events" + }, + { + "id": null, + "key": "panelD9E5828D86D12941", + "title": "Failure Events", + "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"title\":{\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"verticalAlignment\":\"center\",\"horizontalAlignment\":\"center\",\"showTitle\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "TextPanel", + "text": "Failure Events" + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false, + "valueType": "Any" + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false, + "valueType": "Any" + }, + { + "id": null, + "name": "namespace", + "displayName": "namespace", + "defaultValue": "aws/ec2", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false, + "valueType": "Any" + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "3. AWS EC2 Metrics - Memory", + "description": "The AWS EC2 Metrics - Memory dashboard provides details information about a EC2 memory usage.", + "title": "3. AWS EC2 Metrics - Memory", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "instanceid": [ + "*" + ], + "namespace": [ + "aws/ec2" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelpane-efa308ec98ca9a47", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":0}" + }, + { + "key": "panelpane-51fa4586b262ea45", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" + }, + { + "key": "panelpane-f40f828787debb4b", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" + }, + { + "key": "panelpane-f77ed3b9a7469a41", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" + }, + { + "key": "panelpane-14a8edc8a9082a44", + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":12}" + }, + { + "key": "panelpane-fd78c765b827f940", + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelpane-efa308ec98ca9a47", + "title": "Total Physical RAM", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Total | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-51fa4586b262ea45", + "title": "Memory Free vs Used Percentage", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Percentage\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Used Percent - {{instanceid}}\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Free Percent - {{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_UsedPercent | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric= Mem_FreePercent | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-f40f828787debb4b", + "title": "Total Free, Buffers and Cached Memory", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualFree | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-f77ed3b9a7469a41", + "title": "Total Used, Less Buffers and Cached Memory", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"{{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_ActualUsed | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelpane-14a8edc8a9082a44", + "title": "Total Free Memory", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Free | sum by account, region, namespace, instanceid", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -1919,37 +2283,25 @@ "id": null, "key": "panelpane-fd78c765b827f940", "title": "Total Used Memory", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Mem_Used | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", "timeRange": null, "coloringRules": null, "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6B4E2CE18CB63944", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." } ], "variables": [ @@ -1986,11 +2338,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2018,9 +2370,10 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "4.2. AWS EC2 Disk (Host Metrics)", - "description": "The AWS EC2 Disk (Host Metrics) dashboard provides details information about a EC2 Disk usage.", - "title": "4.2. AWS EC2 Disk (Host Metrics)", + "name": "4. AWS EC2 Metrics - Disk", + "description": "The AWS EC2 Metrics - Disk dashboard provides details information about a EC2 Disk usage.", + "title": "4. AWS EC2 Metrics - Disk", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2052,63 +2405,35 @@ "layoutStructures": [ { "key": "panelpane-f5adc9cfa7ab084e", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" }, { "key": "panelpane-fbbffe38bcd87a4d", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" }, { "key": "panelpane-74ec11c0b1d21845", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":16}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":12}" }, { "key": "panelpane-972ecae0a835ab49", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":29}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" }, { "key": "panelpane-e941049387bcc843", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":16}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":18}" }, { "key": "panelpane-24a34d858564ca43", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":29}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" }, { "key": "panelPANE-7940D0AEBE753846", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":0}" }, { "key": "panelPANE-A8BE6B8FB2B93A44", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":3}" - }, - { - "key": "panelPANE-83E140288B3B9A48", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panel888DBB5FA4FA294E", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":22}" - }, - { - "key": "panel28D28566BBFD3B4C", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":35}" - }, - { - "key": "panelPANE-60752DE0A8D6184C", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":15}" - }, - { - "key": "panelF655848EA2E3D843", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":22}" - }, - { - "key": "panel2358A1BAB0241A42", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":28}" - }, - { - "key": "panel9F7F10FE8C8B484F", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":35}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" } ] }, @@ -2117,22 +2442,19 @@ "id": null, "key": "panelpane-f5adc9cfa7ab084e", "title": "Disk Used Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"instanceid={{instanceid}} DevName={{DevName}} DirName={{DirName}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"instanceid={{instanceid}} DevName={{DevName}} DirName={{DirName}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Used | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2144,22 +2466,19 @@ "id": null, "key": "panelpane-fbbffe38bcd87a4d", "title": "Disk Available Bytes", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"instanceid={{instanceid}} DevName={{DevName}} DirName={{DirName}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"instanceid={{instanceid}} DevName={{DevName}} DirName={{DirName}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Available | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2171,22 +2490,19 @@ "id": null, "key": "panelpane-74ec11c0b1d21845", "title": "Disk Read Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Reads | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Reads | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2198,22 +2514,19 @@ "id": null, "key": "panelpane-972ecae0a835ab49", "title": "Disk Read Byte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Byte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Byte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_ReadBytes | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_ReadBytes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2225,22 +2538,19 @@ "id": null, "key": "panelpane-e941049387bcc843", "title": "Disk Write Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Writes | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Writes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2252,22 +2562,19 @@ "id": null, "key": "panelpane-24a34d858564ca43", "title": "Disk Write Byte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Byte Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Byte Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_WriteBytes | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_WriteBytes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2284,17 +2591,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=Disk_UsedPercent account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -2311,152 +2615,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "metric=Disk_Queue account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} | sum by account, region, namespace, instanceid, dirname, devname", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-83E140288B3B9A48", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." - }, - { - "id": null, - "key": "panel888DBB5FA4FA294E", - "title": "Disk Read", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Operations\"},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Reads | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel28D28566BBFD3B4C", - "title": "Disk Read Byte", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_ReadBytes | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-60752DE0A8D6184C", - "title": "Disk Read, Write (Operations)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelF655848EA2E3D843", - "title": "Disk Write", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Operations\"},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_Writes | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel2358A1BAB0241A42", - "title": "Disk Read, Write (Bytes)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panel9F7F10FE8C8B484F", - "title": "Disk Write Byte", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Disk_WriteBytes | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -2499,11 +2665,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2531,9 +2697,10 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "5.2. AWS EC2 Network (Host Metrics)", - "description": "The AWS EC2 Network (Host Metrics) dashboard provides details information about a EC2 Network activities based on In and out packets, bytes.", - "title": "5.2. AWS EC2 Network (Host Metrics)", + "name": "5. AWS EC2 Metrics - Network", + "description": "The AWS EC2 Metrics - Network dashboard provides details information about a EC2 Network activities based on In and out packets, bytes.", + "title": "5. AWS EC2 Metrics - Network", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2565,47 +2732,19 @@ "layoutStructures": [ { "key": "panelpane-aae783508eb33b4b", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":19}" + "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":0}" }, { "key": "panelpane-38312cc29dd88a45", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":19}" + "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":0}" }, { "key": "panelpane-256276e180045843", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":4}" + "structure": "{\"height\":9,\"width\":12,\"x\":0,\"y\":9}" }, { "key": "panelpane-f0bf2577bbe6ba48", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":4}" - }, - { - "key": "panelPANE-6721BD51887F684F", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" - }, - { - "key": "panelPANE-CEAEA20CA5CBCA4A", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":3}" - }, - { - "key": "panelPANE-1FD6EE6CB9C8B949", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":18}" - }, - { - "key": "panelD31811DD9ADB8842", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":11}" - }, - { - "key": "panel0010AA82AEFC3842", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":11}" - }, - { - "key": "panel560A181992908B47", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":26}" - }, - { - "key": "panel5B0F35BAB437E845", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":26}" + "structure": "{\"height\":9,\"width\":12,\"x\":12,\"y\":9}" } ] }, @@ -2614,22 +2753,19 @@ "id": null, "key": "panelpane-aae783508eb33b4b", "title": "Network InPacket Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InPackets | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InPackets | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2641,22 +2777,19 @@ "id": null, "key": "panelpane-38312cc29dd88a45", "title": "Network OutPacket Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutPackets | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutPackets | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2668,22 +2801,19 @@ "id": null, "key": "panelpane-256276e180045843", "title": "Network InByte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceid | rate increasing", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2695,157 +2825,19 @@ "id": null, "key": "panelpane-f0bf2577bbe6ba48", "title": "Network OutByte Rate", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\",\"minimum\":0},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceid | rate increasing", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-6721BD51887F684F", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." - }, - { - "id": null, - "key": "panelPANE-CEAEA20CA5CBCA4A", - "title": "Network (Bytes)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelPANE-1FD6EE6CB9C8B949", - "title": "Network (Packets)", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\",\"fontSize\":14},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "" - }, - { - "id": null, - "key": "panelD31811DD9ADB8842", - "title": "Network InByte", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"minimum\":0,\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InBytes | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel0010AA82AEFC3842", - "title": "Network OutByte", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Bytes\",\"unit\":{\"value\":\"B\",\"isCustom\":false}},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel560A181992908B47", - "title": "Network InPacket", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Packets\"},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Rate\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_InPackets | sum by instanceid", + "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutBytes | sum by instanceid | rate", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 - } - ], - "description": "", - "timeRange": null, - "coloringRules": null, - "linkedDashboards": [] - }, - { - "id": null, - "key": "panel5B0F35BAB437E845", - "title": "Network OutPacket", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"color\":{\"family\":\"scheme7\"},\"axes\":{\"axisY\":{\"title\":\"Packets\"},\"axisX\":{\"title\":\"\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"{{instanceid}}\"}}],\"series\":{}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "SumoSearchPanel", - "queries": [ - { - "transient": false, - "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=Net_OutPackets | sum by instanceid", - "queryType": "Metrics", - "queryKey": "A", - "metricsQueryMode": "Advanced", - "metricsQueryData": null, - "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -2888,11 +2880,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, @@ -2920,9 +2912,10 @@ }, { "type": "DashboardV2SyncDefinition", - "name": "6.2. AWS EC2 TCP (Host Metrics)", - "description": "The AWS EC2 TCP (Host Metrics) dashboard provides details information about a EC2 connection details.", - "title": "6.2. AWS EC2 TCP (Host Metrics)", + "name": "6. AWS EC2 Metrics - TCP", + "description": "The AWS EC2 Metrics - TCP dashboard provides details information about a EC2 connection details.", + "title": "6. AWS EC2 Metrics - TCP", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { @@ -2954,39 +2947,35 @@ "layoutStructures": [ { "key": "panelpane-17ee2e37b6eccb47", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":0}" }, { "key": "panelpane-c24a86f4a132b84c", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":3}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":0}" }, { "key": "panelpane-820b2a5db0d45848", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":15}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":12}" }, { "key": "panelpane-d8ac2293bd568940", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":15}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":12}" }, { "key": "panelpane-ef64ec5dbc991840", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":21}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":18}" }, { "key": "panelpane-35dcff5392216a4f", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":21}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":18}" }, { "key": "panelPANE-EC5685348CE70A41", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":9}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":6}" }, { "key": "panelPANE-B10542A88EB87840", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":9}" - }, - { - "key": "panelPANE-3DF23A5780C32B4B", - "structure": "{\"height\":3,\"width\":24,\"x\":0,\"y\":0}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":6}" } ] }, @@ -3000,17 +2989,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_InboundTotal | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3027,17 +3013,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_OutboundTotal | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3054,17 +3037,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_Listen | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3081,17 +3061,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_Established | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3108,17 +3085,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_CloseWait ", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3135,17 +3109,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_TimeWait | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3162,17 +3133,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_Idle | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -3189,32 +3157,20 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} instanceid={{instanceid}} namespace={{namespace}} metric=TCP_Close | sum by account, region, namespace, instanceid", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", "timeRange": null, "coloringRules": null, "linkedDashboards": [] - }, - { - "id": null, - "key": "panelPANE-3DF23A5780C32B4B", - "title": "Note", - "visualSettings": "{\"general\":{\"mode\":\"TextPanel\",\"type\":\"text\",\"displayType\":\"default\"},\"text\":{\"format\":\"markdownV2\",\"fontSize\":14,\"backgroundColor\":\"#dfe5e9\",\"textColor\":\"black\"},\"series\":{},\"legend\":{\"enabled\":false},\"title\":{\"fontSize\":16}}", - "keepVisualSettingsConsistentWithParent": true, - "panelType": "TextPanel", - "text": "This dashboard requires Sumo Logic installed collector to be present on the host and [Host Metric](https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Host-Metrics-Source) source to be configured. Click [here](https://help.sumologic.com/Observability_Solution/AWS_Observability_Solution/03_Other_Configurations_and_Tools/Add_Fields_to_Existing_Host_Metrics_Sources) to learn how to tag account and namespace fields to the existing source(s) for them to be visible in the AWS Observability Solution dashboards." } ], "variables": [ @@ -3251,11 +3207,11 @@ { "id": null, "name": "namespace", - "displayName": "namespace", + "displayName": null, "defaultValue": "aws/ec2", "sourceDefinition": { "variableSourceType": "MetadataVariableSourceDefinition", - "filter": "account={{account}} region={{region}} namespace=aws/ec2", + "filter": "account={{account}} region={{region}}", "key": "namespace" }, "allowMultiSelect": false, diff --git a/aws-observability/json/Ecs-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/Ecs-App.json similarity index 100% rename from aws-observability/json/Ecs-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/Ecs-App.json diff --git a/terraform-sumologic-aws-observability/examples/aws-observability/json/ElastiCache-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/ElastiCache-App.json new file mode 100644 index 00000000..79c72e22 --- /dev/null +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/ElastiCache-App.json @@ -0,0 +1,4710 @@ +{ + "type": "FolderSyncDefinition", + "name": "Amazon ElastiCache", + "description": "Amazon ElastiCache allows you to set up, run, and scale popular open-source compatible in-memory data stores in the cloud. \n\nThe Amazon ElastiCache dashboards provide visibility into key event and performance analytics that enable proactive diagnosis and response to system and environment issues. Use the preconfigured dashboards for at-a-glance analysis of event status trends, locations, successes and failures, as well as system health and performance metrics. The dashboards also have additional performance insights for Redis clusters.", + "children": [ + { + "type": "DashboardV2SyncDefinition", + "name": "1. Amazon ElastiCache - Host Performance Details", + "description": "The Amazon ElastiCache - Host Performance Details dashboard shows an overview of the resource utilization for a given ElastiCache cluster across its nodes and also showcases trends around CPU, memory, swap usage and network traffic.", + "title": "1. Amazon ElastiCache - Host Performance Details", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "cacheclusterid": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-1161D6DCA0CF2842", + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":19}" + }, + { + "key": "panel013CB3A4B9DC3A4C", + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":26}" + }, + { + "key": "panelFE6ADF0195E64842", + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":19}" + }, + { + "key": "panelA3C245028BD9D843", + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":26}" + }, + { + "key": "panelA26E1E6397AB7B42", + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":5}" + }, + { + "key": "panel3C352A88A33C0A4E", + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":12}" + }, + { + "key": "panel3C01D90E9E2B7B4D", + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":5}" + }, + { + "key": "panel84447385941EF844", + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":12}" + }, + { + "key": "panelPANE-436BAC5F8F71C844", + "structure": "{\"height\":5,\"width\":24,\"x\":0,\"y\":0}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-1161D6DCA0CF2842", + "title": "Network Packets In", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Packets\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel013CB3A4B9DC3A4C", + "title": "Network Packets Out", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Packets\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelFE6ADF0195E64842", + "title": "Network Bytes In", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheClusterId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA3C245028BD9D843", + "title": "Network Bytes Out", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA26E1E6397AB7B42", + "title": "Freeable Memory (GB)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"GB\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace | eval _value / (1024 * 1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel3C352A88A33C0A4E", + "title": "Swap Usage (MB)", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"MB\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace | eval _value / (1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel3C01D90E9E2B7B4D", + "title": "CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Percent\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel84447385941EF844", + "title": "Engine CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Percent\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}} \"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-436BAC5F8F71C844", + "title": "Cluster and Node Details", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\",\"decimals\":2},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"CPU Utilization\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Freeable Memory (GB)\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"name\":\"Engine CPU Utilization\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region | eval _value / (1024 * 1024 * 1024) ", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "1. Amazon ElastiCache - Host Performance Overview", + "description": "The Amazon ElastiCache - Host Performance Overview dashboard provides detailed insights into CPU, memory and network performance metrics of hosts running your ElastiCache clusters.", + "title": "1. Amazon ElastiCache - Host Performance Overview", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "_sumo_domain_name": [ + "aws" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-DAD554E4A6BCC843", + "structure": "{\"height\":5,\"width\":3,\"x\":15,\"y\":0}" + }, + { + "key": "panelPANE-3FF7DB0BB6188A4D", + "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":5}" + }, + { + "key": "panelPANE-AD09413E82EF994D", + "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":5}" + }, + { + "key": "panelPANE-6CF530B1B7B1384B", + "structure": "{\"height\":5,\"width\":3,\"x\":0,\"y\":0}" + }, + { + "key": "panelPANE-80FE1A5C8372F84F", + "structure": "{\"height\":5,\"width\":3,\"x\":6,\"y\":0}" + }, + { + "key": "panelPANE-EDD9E06BB32AEA42", + "structure": "{\"height\":5,\"width\":3,\"x\":3,\"y\":0}" + }, + { + "key": "panel989CF605A88D3844", + "structure": "{\"height\":5,\"width\":3,\"x\":21,\"y\":0}" + }, + { + "key": "panel64548DCEB83D194D", + "structure": "{\"height\":5,\"width\":3,\"x\":18,\"y\":0}" + }, + { + "key": "panelF38FB8BA80FD884B", + "structure": "{\"height\":5,\"width\":3,\"x\":9,\"y\":0}" + }, + { + "key": "panelD6156E21B17CA94F", + "structure": "{\"height\":5,\"width\":3,\"x\":12,\"y\":0}" + }, + { + "key": "panelPANE-DE9EBFD69FD53A46", + "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":11}" + }, + { + "key": "panel4A4045BBA3228A4F", + "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":11}" + }, + { + "key": "panel608F10C3A9631A40", + "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":17}" + }, + { + "key": "panel622549C5B893994A", + "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":17}" + }, + { + "key": "panel0E86E8BAA74A8842", + "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":17}" + }, + { + "key": "panel8E23238D95CBF942", + "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":11}" + }, + { + "key": "panelF634964B97D8CB4B", + "structure": "{\"height\":6,\"width\":8,\"x\":16,\"y\":5}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-DAD554E4A6BCC843", + "title": "Bytes In", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024 * 1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-3FF7DB0BB6188A4D", + "title": "Average Engine CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Auto", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-AD09413E82EF994D", + "title": "Average CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Auto", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-6CF530B1B7B1384B", + "title": "Avg CPU Utilization", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Auto", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-80FE1A5C8372F84F", + "title": "Avg Free Memory (GB)", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=FreeableMemory statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg | eval _value / (1024 * 1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Auto", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-EDD9E06BB32AEA42", + "title": "Avg Engine CPU Utilization ", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Auto", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel989CF605A88D3844", + "title": "Swap Usage", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"MB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg | eval _value / (1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel64548DCEB83D194D", + "title": "Bytes Out", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024 * 1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF38FB8BA80FD884B", + "title": "Packets In", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Million\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / 1000000", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD6156E21B17CA94F", + "title": "Packets Out", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Million\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / 1000000", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-DE9EBFD69FD53A46", + "title": "Bytes In - Today Vs Yesterday", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#A | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "((#A-#B)/#B)*100", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4A4045BBA3228A4F", + "title": "Bytes Out - Today Vs Yesterday", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#A | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "((#A-#B)/#B)*100", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel608F10C3A9631A40", + "title": "Net Difference of In and Out (Packets) Network Traffic", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{\"A_metric=sum(NetworkPacketsIn)\":{\"visible\":true},\"B_metric=sum(NetworkPacketsIn) _timeshift=1d\":{\"visible\":true},\"C_A.metric=sum(NetworkPacketsIn) metric=sum(NetworkPacketsIn) _timeshift=1d\":{\"visible\":true}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"PacketsIn\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"PacketsOut\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Net Difference\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | rate | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | rate | sum", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#B - #A", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel622549C5B893994A", + "title": "Packets Out - Today Vs Yesterday", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#A | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "((#A-#B)/#B)*100", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel0E86E8BAA74A8842", + "title": "Packets In - Today Vs Yesterday", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Percentage Change\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkPacketsIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#A | timeshift 1d", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "((#A-#B)/#B)*100", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8E23238D95CBF942", + "title": "Net Difference of In and Out (Bytes) Network Traffic", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{\"A_metric=sum(NetworkPacketsIn)\":{\"visible\":true},\"B_metric=sum(NetworkPacketsIn) _timeshift=1d\":{\"visible\":true},\"C_A.metric=sum(NetworkPacketsIn) metric=sum(NetworkPacketsIn) _timeshift=1d\":{\"visible\":true}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"BytesIn\"}},{\"series\":[],\"queries\":[\"B\"],\"properties\":{\"name\":\"BytesOut\"}},{\"series\":[],\"queries\":[\"C\"],\"properties\":{\"axisYType\":\"secondary\",\"displayType\":\"smooth\",\"name\":\"Net Difference\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesIn Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | rate | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NetworkBytesOut Statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | rate | sum", + "queryType": "Metrics", + "queryKey": "B", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + }, + { + "queryString": "#B - #A", + "queryType": "Metrics", + "queryKey": "C", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF634964B97D8CB4B", + "title": "Swap Usage (MB)", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":25,\"color\":\"#75bf00\"},{\"from\":25,\"to\":50,\"color\":\"#f6c851\"},{\"from\":50,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"max\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SwapUsage statistic=Maximum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | max by account, region, namespace, CacheClusterId, CacheNodeId | eval _value / (1024 * 1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "2. Amazon ElastiCache - Audit Event Overview", + "description": "The Amazon ElastiCache - Audit Event Overview dashboard provides detailed insights into all events associated with ElastiCache clusters and specifically helps identify changes, errors, users and replication groups.", + "title": "2. Amazon ElastiCache - Audit Event Overview", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-9A6827ADAFD40B48", + "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":0}" + }, + { + "key": "panel808FD9FD8BFB6846", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":23}" + }, + { + "key": "panelPANE-F6D67170A3207848", + "structure": "{\"height\":10,\"width\":12,\"x\":12,\"y\":0}" + }, + { + "key": "panelPANE-55BA9CD690905848", + "structure": "{\"height\":5,\"width\":12,\"x\":0,\"y\":10}" + }, + { + "key": "panelE1BCBDE685FB3944", + "structure": "{\"height\":6,\"width\":6,\"x\":0,\"y\":29}" + }, + { + "key": "panelPANE-4D66006086774A44", + "structure": "{\"height\":5,\"width\":6,\"x\":6,\"y\":0}" + }, + { + "key": "panelPANE-829F6ADB86227949", + "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":29}" + }, + { + "key": "panel1DA5F9AA9C03F945", + "structure": "{\"height\":6,\"width\":18,\"x\":6,\"y\":23}" + }, + { + "key": "panelPANE-9D1136C884776B4C", + "structure": "{\"height\":5,\"width\":6,\"x\":0,\"y\":5}" + }, + { + "key": "panelPANE-C6B1C1249FED294C", + "structure": "{\"height\":8,\"width\":12,\"x\":0,\"y\":15}" + }, + { + "key": "panel422C79CD944AC840", + "structure": "{\"height\":8,\"width\":12,\"x\":12,\"y\":15}" + }, + { + "key": "panelB86F7C84926F1844", + "structure": "{\"height\":5,\"width\":6,\"x\":6,\"y\":5}" + }, + { + "key": "panelABB275868F4B2A44", + "structure": "{\"height\":5,\"width\":12,\"x\":12,\"y\":10}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-9A6827ADAFD40B48", + "title": "Event Status", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false},\"overrides\":[{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}},{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by eventStatus\n| sort by _count, eventStatus asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel808FD9FD8BFB6846", + "title": "Successful Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by event_name\n| sort by _count, event_name asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-F6D67170A3207848", + "title": "Event Locations", + "visualSettings": "{\"general\":{\"mode\":\"map\",\"type\":\"map\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" sourceIPAddress\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !(src_ip matches \"*.amazonaws.com\")\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by src_ip\n| lookup latitude, longitude, country_code, country_name, region, city, postal_code from geo://location on ip = src_ip\n| where !isNull(latitude)", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-55BA9CD690905848", + "title": "Events Trend", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"overrides\":[],\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| timeslice 1h\n| count by _timeslice, event_name\n| transpose row _timeslice column event_name", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelE1BCBDE685FB3944", + "title": "Failed Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by event_name\n| sort by _count, event_name asc", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-4D66006086774A44", + "title": "Top 10 Error Codes", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"series\":{},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count as Count by error_code | sort by Count, error_code asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-829F6ADB86227949", + "title": "Failed Event Details", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and !isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| timeslice 1s\n| count as Count by _timeslice, event_name, error_code, error_message, src_ip, user, type, request_id, user_agent, engine, engine_version\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel1DA5F9AA9C03F945", + "title": "Successful Event Details", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" !errorCode\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and isEmpty(error_code)\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, engine, engine_version\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-9D1136C884776B4C", + "title": "Top 10 ReplicationGroupId's", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"timeSeries\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" replicationGroupId\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" \n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| where !isEmpty(replicationgroupid)\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| res_status as Status\n| count as Count by replicationgroupid | sort by Count, replicationgroupid asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-C6B1C1249FED294C", + "title": "Top 10 Users", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count as Count by type, user\n| sort by Count, type asc, user asc | limit 10", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel422C79CD944AC840", + "title": "Events by User", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"bar\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"distribution\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by user, event_name\n| transpose row user column event_name", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelB86F7C84926F1844", + "title": "Event Types", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"pie\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"startAngle\":270,\"innerRadius\":\"50%\",\"maxNumOfSlices\":10,\"mode\":\"distribution\"},\"overrides\":[],\"series\":{\"A_readonlyEvents\":{\"visible\":true},\"A_updateEvents\":{\"visible\":true}},\"legend\":{\"enabled\":false}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| if (event_name matches \"*Describe*\" or event_name matches \"*List*\", \"ReadOnly\", if (!(event_name matches \"*Describe*\") and !(event_name matches \"*List*\"), \"Update\", \"Unkown\")) as EventType\n| where EventType<>\"Unknown\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| count by EventType", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelABB275868F4B2A44", + "title": "Events Status Trend", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"column\",\"displayType\":\"stacked\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"fillOpacity\":1,\"mode\":\"timeSeries\"},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[\"Failure\"],\"queries\":[],\"properties\":{\"color\":\"#f36644\"}},{\"series\":[\"Success\"],\"queries\":[],\"properties\":{\"color\":\"#75bf00\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\"\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\"\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\" as req_replicationGroupId, req_engine, req_engineVersion nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\" as res_replicationGroupId, res_engine, res_engineVersion, res_status nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| timeslice 1h\n| count by _timeslice, eventStatus\n| transpose row _timeslice column eventStatus", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "2. Amazon ElastiCache - Redis Performance Details", + "description": "The Amazon ElastiCache - Redis Performance Details dashboard provides detailed insights into cache hits, keys, replication, connections and failures of Redis ElastiCache clusters.", + "title": "2. Amazon ElastiCache - Redis Performance Details", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "cacheclusterid": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-3A698F8A9F87D943", + "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":10}" + }, + { + "key": "panel4B06F578B4BFEA4B", + "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":0}" + }, + { + "key": "panelD3510977A9100B4C", + "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":5}" + }, + { + "key": "panel45FB62658515F940", + "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":10}" + }, + { + "key": "panel4C36770FB66C0A41", + "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":15}" + }, + { + "key": "panel2F33FBF99B938942", + "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":5}" + }, + { + "key": "panelA7D4B21DAC6ECA4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" + }, + { + "key": "panel531765FA95966846", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":15}" + }, + { + "key": "panel4900BEC9B252BB4C", + "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":0}" + }, + { + "key": "panelD94772A7BD6BD941", + "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":15}" + }, + { + "key": "panelEEE8CD57BDA0B840", + "structure": "{\"height\":5,\"width\":8,\"x\":8,\"y\":20}" + }, + { + "key": "panel4190B757A8B60B4E", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" + }, + { + "key": "panel8CD5BE7AB40B3840", + "structure": "{\"height\":5,\"width\":8,\"x\":0,\"y\":20}" + }, + { + "key": "panel7B6650EFB77E4847", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" + }, + { + "key": "panel322681E79C3C2A4A", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":20}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-3A698F8A9F87D943", + "title": "Background Save Status", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Save In Progress\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SaveInProgress statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4B06F578B4BFEA4B", + "title": "Cache Hits", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Hits\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHits statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD3510977A9100B4C", + "title": "Cache Misses", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Misses\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheMisses statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel45FB62658515F940", + "title": "Active Defrag Hits", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Hits\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ActiveDefragHits statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4C36770FB66C0A41", + "title": "Replication Bytes - Primary to Replicas", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Bytes\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationBytes statistic=average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2F33FBF99B938942", + "title": "Master Link Health Status", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Health Status\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=MasterLinkHealthStatus statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": " Primary node sync status with Redis on EC2", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA7D4B21DAC6ECA4C", + "title": "Reclaimed - Key Expiration Events", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Reclaimed statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel531765FA95966846", + "title": "Keys Tracked by Redis", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeysTracked statistic=Maximum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | max by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4900BEC9B252BB4C", + "title": "Key - Time To Live", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Milliseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DB0AverageTTL statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD94772A7BD6BD941", + "title": "Number of Current Client Connections", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrConnections statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelEEE8CD57BDA0B840", + "title": "Replication Lag", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Seconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationLag statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4190B757A8B60B4E", + "title": "Keys Evicted Due To Max Memory Limit", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Keys\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Evictions statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8CD5BE7AB40B3840", + "title": "New Connections Accepted By Server", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Connections\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NewConnections statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel7B6650EFB77E4847", + "title": "Items in Cache", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Items\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrItems statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel322681E79C3C2A4A", + "title": "Authentication and Authorization Failures", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Failures\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Failures statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "3. Amazon ElastiCache - Redis Command Latency", + "description": "The Amazon ElastiCache - Redis Command Latency dashboard provides detailed insights into latency of various Redis commands.", + "title": "3. Amazon ElastiCache - Redis Command Latency", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "cacheclusterid": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-DAD554E4A6BCC843", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":10}" + }, + { + "key": "panelPANE-80FE1A5C8372F84F", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":10}" + }, + { + "key": "panel989CF605A88D3844", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":20}" + }, + { + "key": "panel2439E90A96110842", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":5}" + }, + { + "key": "panelB9A9D10FBAA24946", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":5}" + }, + { + "key": "panel8855326E87766846", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":20}" + }, + { + "key": "panel5C5F34089624DB45", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" + }, + { + "key": "panel213A8089AD47DB49", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":25}" + }, + { + "key": "panel68FD6E1FADC27840", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":15}" + }, + { + "key": "panel0A8F5410B2A40A47", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25}" + }, + { + "key": "panel99529F87A22CD940", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" + }, + { + "key": "panel509CEF36B7C8AB4B", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":30}" + }, + { + "key": "panel63CB5EBC9B50D943", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" + }, + { + "key": "panelPANE-3A698F8A9F87D943", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":0}" + }, + { + "key": "panel4B06F578B4BFEA4B", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" + }, + { + "key": "panel85BF423289A9A849", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":5}" + }, + { + "key": "panelD3510977A9100B4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" + }, + { + "key": "panel26A5E8FFADB40B43", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":10}" + }, + { + "key": "panel45FB62658515F940", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" + }, + { + "key": "panel8B618144B3D12B4F", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15}" + }, + { + "key": "panelF21A4871A2A5EA43", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":20}" + }, + { + "key": "panel27C8934BB5EF8B4F", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":25}" + }, + { + "key": "panel4C36770FB66C0A41", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":30}" + }, + { + "key": "panel2F33FBF99B938942", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":15}" + }, + { + "key": "panelA7D4B21DAC6ECA4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":20}" + }, + { + "key": "panel531765FA95966846", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":25}" + }, + { + "key": "panelF914B054A0E02B48", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":30}" + }, + { + "key": "panel4900BEC9B252BB4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":30}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-DAD554E4A6BCC843", + "title": "Key Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-80FE1A5C8372F84F", + "title": "String Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel989CF605A88D3844", + "title": "Set Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2439E90A96110842", + "title": "Set Type Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelB9A9D10FBAA24946", + "title": "Get Type Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8855326E87766846", + "title": "List Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel5C5F34089624DB45", + "title": "Hash Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel213A8089AD47DB49", + "title": "SortedSet Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel68FD6E1FADC27840", + "title": "HyperLogLog Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel0A8F5410B2A40A47", + "title": "Stream Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel99529F87A22CD940", + "title": "Eval Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmdsLatency statistic=average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel509CEF36B7C8AB4B", + "title": "GeoSpatial Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel63CB5EBC9B50D943", + "title": "PubSub Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-3A698F8A9F87D943", + "title": "Eval Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4B06F578B4BFEA4B", + "title": "Hash Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel85BF423289A9A849", + "title": "Get Type Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD3510977A9100B4C", + "title": "Set Type Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel26A5E8FFADB40B43", + "title": "Key Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel45FB62658515F940", + "title": "String Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8B618144B3D12B4F", + "title": "PubSub Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF21A4871A2A5EA43", + "title": "Set Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel27C8934BB5EF8B4F", + "title": "SortedSet Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4C36770FB66C0A41", + "title": "GeoSpatial Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2F33FBF99B938942", + "title": "HyperLogLog Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA7D4B21DAC6ECA4C", + "title": "List Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel531765FA95966846", + "title": "Stream Based Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF914B054A0E02B48", + "title": "All *Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Microseconds\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*CmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4900BEC9B252BB4C", + "title": "All *Cmds Latency", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Microseconds\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*CmdsLatency statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "3. Amazon ElastiCache - Redis Performance Overview", + "description": "The Amazon ElastiCache - Redis Performance Overview dashboard provides an overview into performance, evictions and authentication and authorization failures of ElastiCache Redis clusters.", + "title": "3. Amazon ElastiCache - Redis Performance Overview", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-DAD554E4A6BCC843", + "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":17}" + }, + { + "key": "panelPANE-3FF7DB0BB6188A4D", + "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":6}" + }, + { + "key": "panelPANE-1C688241A2863A4E", + "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":0}" + }, + { + "key": "panelPANE-801680AAAF52094B", + "structure": "{\"height\":6,\"width\":8,\"x\":8,\"y\":6}" + }, + { + "key": "panelPANE-AD09413E82EF994D", + "structure": "{\"height\":6,\"width\":8,\"x\":0,\"y\":0}" + }, + { + "key": "panelPANE-396C9FA3B219CB46", + "structure": "{\"height\":12,\"width\":8,\"x\":16,\"y\":0}" + }, + { + "key": "panelPANE-6CF530B1B7B1384B", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":12}" + }, + { + "key": "panelPANE-80FE1A5C8372F84F", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":17}" + }, + { + "key": "panelPANE-EDD9E06BB32AEA42", + "structure": "{\"height\":5,\"width\":4,\"x\":4,\"y\":12}" + }, + { + "key": "panelPANE-99CD4FA5B28B0B4C", + "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":12}" + }, + { + "key": "panel344E0AB5B863A84E", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":12}" + }, + { + "key": "panel989CF605A88D3844", + "structure": "{\"height\":5,\"width\":4,\"x\":8,\"y\":17}" + }, + { + "key": "panel2439E90A96110842", + "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":17}" + }, + { + "key": "panelB9A9D10FBAA24946", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":17}" + }, + { + "key": "panel8855326E87766846", + "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":12}" + }, + { + "key": "panel5C5F34089624DB45", + "structure": "{\"height\":5,\"width\":4,\"x\":20,\"y\":12}" + }, + { + "key": "panelDFA21075A50A1943", + "structure": "{\"height\":5,\"width\":4,\"x\":16,\"y\":17}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-DAD554E4A6BCC843", + "title": "Current Connections", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CurrConnections statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-3FF7DB0BB6188A4D", + "title": "Engine CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-1C688241A2863A4E", + "title": "Database Memory Usage Percentage", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":85,\"color\":\"#75bf00\"},{\"from\":85,\"to\":95,\"color\":\"#f6c851\"},{\"from\":95,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DatabaseMemoryUsagePercentage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-801680AAAF52094B", + "title": "Replica Lag (seconds)", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":3,\"color\":\"#75bf00\"},{\"from\":3,\"to\":5,\"color\":\"#f6c851\"},{\"from\":5,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ReplicationLag statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-AD09413E82EF994D", + "title": "CPU Utilization", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#75bf00\"},{\"from\":75,\"to\":85,\"color\":\"#f6c851\"},{\"from\":85,\"to\":null,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by CacheClusterId, CacheNodeId, account, region, namespace", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-396C9FA3B219CB46", + "title": "Cache Hit Rate", + "visualSettings": "{\"general\":{\"mode\":\"honeyComb\",\"type\":\"honeyComb\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"honeyComb\":{\"thresholds\":[{\"from\":85,\"to\":100,\"color\":\"#75bf00\"},{\"from\":80,\"to\":85,\"color\":\"#f6c851\"},{\"from\":0,\"to\":80,\"color\":\"#f36644\"}],\"shape\":\"hexagon\",\"groupBy\":[],\"aggregationType\":\"avg\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHitRate statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg by account, region, namespace, CacheClusterId, CacheNodeId", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-6CF530B1B7B1384B", + "title": "CPU Utilization", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"mode\":\"singleValueMetrics\"},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-80FE1A5C8372F84F", + "title": "Authentication Failures", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=AuthenticationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-EDD9E06BB32AEA42", + "title": "Engine CPU Utilization ", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EngineCPUUtilization statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-99CD4FA5B28B0B4C", + "title": "Database Memory Usage", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":75,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":85,\"to\":101,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true,\"min\":0,\"max\":100}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=DatabaseMemoryUsagePercentage statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel344E0AB5B863A84E", + "title": "Cache Hit Rate", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"%\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"No data\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":85,\"to\":101,\"color\":\"#16943E\"},{\"from\":75,\"to\":85,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":75,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":false},\"gauge\":{\"show\":true}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CacheHitRate statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel989CF605A88D3844", + "title": "Key Authorization Failures", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyAuthorizationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | Sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2439E90A96110842", + "title": "Evictions", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Evictions\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=Evictions statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelB9A9D10FBAA24946", + "title": "New Connections", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Connections\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=NewConnections statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8855326E87766846", + "title": "Memory Fragmentation Ratio", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Average\",\"label\":\"Ratio\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":1,\"to\":1.5,\"color\":\"#16943E\"},{\"from\":0,\"to\":1,\"color\":\"#DFBE2E\"},{\"from\":1.5,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=MemoryFragmentationRatio statistic=Average CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | avg", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel5C5F34089624DB45", + "title": "Bytes Used For Cache", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"GB\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":2,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":1,\"to\":null,\"color\":\"#16943E\"},{\"from\":0.5,\"to\":1,\"color\":\"#DFBE2E\"},{\"from\":0,\"to\":0.5,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=BytesUsedForCache statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum | eval _value / (1024*1024*1024)", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelDFA21075A50A1943", + "title": "Command Authorization Failures", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Failures\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":0,\"to\":5,\"color\":\"#16943E\"},{\"from\":5,\"to\":10,\"color\":\"#DFBE2E\"},{\"from\":10,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=CommandAuthorizationFailures statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "4. Amazon ElastiCache - Audit Event Details", + "description": "The Amazon ElastiCache - Audit Event Details dashboard provides detailed insights into key operations made on your ElastiCache clusters.", + "title": "4. Amazon ElastiCache - Audit Event Details", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-4C321E5190BBC948", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0}" + }, + { + "key": "panelE8A325FDA251DB4E", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel8DB1C189BCAC284A", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panelD63592089E8E5A4A", + "structure": "{\"height\":6,\"width\":24,\"x\":0,\"y\":0,\"minHeight\":3,\"minWidth\":3}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-4C321E5190BBC948", + "title": "Create, Add, Increase ElastiCache Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Create* or CreateCacheCluster or CacheClusterProvisioningComplete or AddCacheNodeComplete or IncreaseReplicaCount)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Create*\" or event_name in (\"CreateCacheCluster\", \"CacheClusterProvisioningComplete\", \"AddCacheNodeComplete\", \"IncreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"cacheSubnetGroupName\", \"vpcId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, cachesubnetgroupname, vpcid, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, cachesubnetgroupname, vpcid, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, cachesubnetgroupname, vpcid, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelE8A325FDA251DB4E", + "title": "Modify ElastiCache Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Modify* or ModifyCacheCluster or CacheClusterParametersChanged or CacheClusterScalingComplete or CacheClusterSecurityGroupModified or IncreaseReplicaCount or DecreaseReplicaCount)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Modify*\" or event_name in (\"ModifyCacheCluster\", \"CacheClusterParametersChanged\", \"CacheClusterScalingComplete\", \"CacheClusterSecurityGroupModified\", \"IncreaseReplicaCount\", \"DecreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountid, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as event_status\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8DB1C189BCAC284A", + "title": "Delete, Remove, Decrease, Revoke, Reset ElastiCache Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Delete* or Remove* or Decrease* or RemoveCacheNodeComplete or DeleteCacheClusterComplete or DecreaseReplicaCount or Revoke* or Reset*)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Delete*\" or event_name matches \"Remove*\" or event_name matches \"Decrease*\" or event_name matches \"Revoke*\" or event_name matches \"Reset*\" or event_name in (\"RemoveCacheNodeComplete\", \"DeleteCacheClusterComplete\", \"DecreaseReplicaCount\"))\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| res_status as Status\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid //, engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid //, engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD63592089E8E5A4A", + "title": "Node Reboot ElastiCache Events", + "visualSettings": "{\"title\":{\"fontSize\":16},\"general\":{\"type\":\"table\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"paginationPageSize\":100,\"fontSize\":12,\"mode\":\"distribution\"},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} \"\\\"eventSource\\\":\\\"elasticache.amazonaws.com\\\"\" (Reboot* or CacheNodesRebooted)\n| json \"userIdentity\", \"eventSource\", \"eventName\", \"awsRegion\", \"sourceIPAddress\", \"userAgent\", \"eventType\", \"recipientAccountId\", \"requestParameters\", \"responseElements\", \"requestID\", \"errorCode\", \"errorMessage\" as userIdentity, event_source, event_name, region, src_ip, user_agent, event_type, recipient_account_id, requestParameters, responseElements, request_id, error_code, error_message nodrop\n| where event_source = \"elasticache.amazonaws.com\" and (event_name matches \"Reboot*\" or event_name=\"CacheNodesRebooted\")\n| json field=userIdentity \"type\", \"principalId\", \"arn\", \"userName\", \"accountId\" nodrop\n| json field=userIdentity \"sessionContext.attributes.mfaAuthenticated\" as mfaAuthenticated nodrop\n| json field=requestParameters \"replicationGroupId\", \"engine\", \"engineVersion\", \"cacheClusterId\" as req_replicationGroupId, req_engine, req_engineVersion, req_cacheClusterId nodrop\n| json field=responseElements \"replicationGroupId\", \"engine\", \"engineVersion\", \"status\", \"cacheClusterId\", \"res_cacheClusterStatus\", \"snapshotRetentionLimit\" as res_replicationGroupId, res_engine, res_engineVersion, res_status, res_cacheClusterId, res_cacheClusterStatus, snapshotretentionlimit nodrop\n| json field=responseElements \"autoMinorVersionUpgrade\", \"cacheNodeType\", \"numCacheNodes\" as auto_minorversion_upgrade, cachenodetype, numcachenodes nodrop\n| parse field=arn \":assumed-role/*\" as user nodrop \n| parse field=arn \"arn:aws:iam::*:*\" as accountId, user nodrop\n| if (isEmpty(error_code), \"Success\", \"Failure\") as eventStatus\n| if (isEmpty(userName), user, userName) as user\n| if (isEmpty(req_replicationGroupId), res_replicationGroupId, req_replicationGroupId) as replicationgroupid\n| if (isEmpty(req_engine), res_engine, req_engine) as engine\n| if (isEmpty(req_engineVersion), res_engineVersion, req_engineVersion) as engine_version\n| if (isEmpty(req_cacheClusterId), res_cacheClusterId, req_cacheClusterId) as cacheclusterid\n| eventStatus as status\n| where tolowercase(cacheclusterid) matches tolowercase(\"{{CacheClusterId}}\")\n| timeslice 1s\n| count as Count by _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes\n| fields _timeslice, event_name, src_ip, user, type, request_id, user_agent, cacheclusterid, replicationgroupid // , engine, engine_version, snapshotretentionlimit, status, auto_minorversion_upgrade, cachenodetype, numcachenodes, Count\n| sort by _timeslice", + "queryType": "Logs", + "queryKey": "A", + "metricsQueryMode": null, + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + }, + { + "type": "DashboardV2SyncDefinition", + "name": "4. Amazon ElastiCache - Redis Command Stats", + "description": "The Amazon ElastiCache - Redis Command Stats dashboard provides detailed insights into the number of commands being performed.", + "title": "4. Amazon ElastiCache - Redis Command Stats", + "rootPanel": null, + "theme": "Light", + "topologyLabelMap": { + "data": { + "namespace": [ + "aws/elasticache" + ], + "region": [ + "*" + ], + "cacheclusterid": [ + "*" + ], + "account": [ + "*" + ] + } + }, + "refreshInterval": 0, + "timeRange": { + "type": "BeginBoundedTimeRange", + "from": { + "type": "RelativeTimeRangeBoundary", + "relativeTime": "-1d" + }, + "to": null + }, + "layout": { + "layoutType": "Grid", + "layoutStructures": [ + { + "key": "panelPANE-DAD554E4A6BCC843", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":10}" + }, + { + "key": "panelPANE-80FE1A5C8372F84F", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":10}" + }, + { + "key": "panel989CF605A88D3844", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":20}" + }, + { + "key": "panel2439E90A96110842", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":5}" + }, + { + "key": "panelB9A9D10FBAA24946", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":5}" + }, + { + "key": "panel8855326E87766846", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":20}" + }, + { + "key": "panel5C5F34089624DB45", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":0}" + }, + { + "key": "panel213A8089AD47DB49", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":25}" + }, + { + "key": "panel68FD6E1FADC27840", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":15}" + }, + { + "key": "panel0A8F5410B2A40A47", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25}" + }, + { + "key": "panel99529F87A22CD940", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":0}" + }, + { + "key": "panel509CEF36B7C8AB4B", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":30}" + }, + { + "key": "panel63CB5EBC9B50D943", + "structure": "{\"height\":5,\"width\":4,\"x\":0,\"y\":15}" + }, + { + "key": "panelPANE-3A698F8A9F87D943", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":0}" + }, + { + "key": "panel4B06F578B4BFEA4B", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":0}" + }, + { + "key": "panel85BF423289A9A849", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":5}" + }, + { + "key": "panelD3510977A9100B4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":5}" + }, + { + "key": "panel26A5E8FFADB40B43", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":10}" + }, + { + "key": "panel45FB62658515F940", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10}" + }, + { + "key": "panel8B618144B3D12B4F", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15}" + }, + { + "key": "panelF21A4871A2A5EA43", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel27C8934BB5EF8B4F", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel4C36770FB66C0A41", + "structure": "{\"height\":5,\"width\":8,\"x\":4,\"y\":15,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel2F33FBF99B938942", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panelA7D4B21DAC6ECA4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel531765FA95966846", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panelF914B054A0E02B48", + "structure": "{\"height\":5,\"width\":4,\"x\":12,\"y\":25,\"minHeight\":3,\"minWidth\":3}" + }, + { + "key": "panel4900BEC9B252BB4C", + "structure": "{\"height\":5,\"width\":8,\"x\":16,\"y\":10,\"minHeight\":3,\"minWidth\":3}" + } + ] + }, + "panels": [ + { + "id": null, + "key": "panelPANE-DAD554E4A6BCC843", + "title": "Key Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-80FE1A5C8372F84F", + "title": "String Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel989CF605A88D3844", + "title": "Set Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2439E90A96110842", + "title": "Set Type Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelB9A9D10FBAA24946", + "title": "Get Type Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8855326E87766846", + "title": "List Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel5C5F34089624DB45", + "title": "Hash Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel213A8089AD47DB49", + "title": "Sorted Set Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel68FD6E1FADC27840", + "title": "HyperLogLog Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel0A8F5410B2A40A47", + "title": "Stream Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel99529F87A22CD940", + "title": "Eval Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel509CEF36B7C8AB4B", + "title": "Geospatial Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmds statistic=Sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel63CB5EBC9B50D943", + "title": "PubSub Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"#222D3B\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelPANE-3A698F8A9F87D943", + "title": "Eval Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=EvalBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4B06F578B4BFEA4B", + "title": "Hash Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HashBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel85BF423289A9A849", + "title": "Get Type Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GetTypeCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelD3510977A9100B4C", + "title": "Set Type Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetTypeCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel26A5E8FFADB40B43", + "title": "Key Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=KeyBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel45FB62658515F940", + "title": "String Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StringBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel8B618144B3D12B4F", + "title": "PubSub Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=PubSubBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF21A4871A2A5EA43", + "title": "Set Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel27C8934BB5EF8B4F", + "title": "Sorted Set Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=SortedSetBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4C36770FB66C0A41", + "title": "Geospatial Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=GeoSpatialBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel2F33FBF99B938942", + "title": "HyperLogLog Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=HyperLogLogBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelA7D4B21DAC6ECA4C", + "title": "List Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=ListBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel531765FA95966846", + "title": "Stream Based Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=StreamBasedCmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panelF914B054A0E02B48", + "title": "All *Cmds", + "visualSettings": "{\"general\":{\"mode\":\"singleValueMetrics\",\"type\":\"svp\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\"},\"title\":{\"fontSize\":16},\"svp\":{\"option\":\"Sum\",\"label\":\"Commands\",\"useBackgroundColor\":false,\"useNoData\":false,\"noDataString\":\"0\",\"hideData\":false,\"rounding\":0,\"valueFontSize\":24,\"labelFontSize\":14,\"thresholds\":[{\"from\":null,\"to\":null,\"color\":\"#16943E\"},{\"from\":null,\"to\":null,\"color\":\"#DFBE2E\"},{\"from\":null,\"to\":null,\"color\":\"#BF2121\"}],\"sparkline\":{\"show\":true,\"color\":\"\"},\"gauge\":{\"show\":false}},\"series\":{}}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Cmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + }, + { + "id": null, + "key": "panel4900BEC9B252BB4C", + "title": "All *Cmds", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\",\"type\":\"line\",\"displayType\":\"default\",\"outlierBandColor\":\"#FDECF5\",\"outlierBandMarkerColor\":\"#F032A9\",\"outlierBandFillOpacity\":0.5,\"outlierBandLineThickness\":2,\"outlierBandMarkerSize\":10,\"outlierBandMarkerType\":\"triangle\",\"outlierBandLineDashType\":\"solid\",\"outlierBandDisplayType\":\"default\",\"markerSize\":0,\"lineDashType\":\"solid\",\"markerType\":\"none\",\"lineThickness\":2},\"title\":{\"fontSize\":16},\"axes\":{\"axisX\":{\"title\":\"\",\"titleFontSize\":11,\"labelFontSize\":10},\"axisY\":{\"titleFontSize\":11,\"labelFontSize\":12,\"logarithmic\":false,\"gridColor\":\"#dde4e9\",\"title\":\"Commands\"}},\"legend\":{\"enabled\":true,\"verticalAlign\":\"bottom\",\"fontSize\":12,\"maxHeight\":50,\"showAsTable\":false,\"wrap\":true},\"color\":{\"family\":\"scheme9\"},\"series\":{},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"properties\":{\"name\":\"{{CacheClusterId}}, {{CacheNodeId}}\"}}]}", + "keepVisualSettingsConsistentWithParent": true, + "panelType": "SumoSearchPanel", + "queries": [ + { + "queryString": "account={{account}} region={{region}} namespace={{namespace}} metric=*Cmds statistic=sum CacheClusterId={{CacheClusterId}} CacheNodeId={{CacheNodeId}} | sum by CacheClusterId, CacheNodeId, account, region", + "queryType": "Metrics", + "queryKey": "A", + "metricsQueryMode": "Advanced", + "metricsQueryData": null, + "tracesQueryData": null, + "parseMode": "Manual", + "timeSource": "Message" + } + ], + "description": "", + "timeRange": null, + "coloringRules": null, + "linkedDashboards": [] + } + ], + "variables": [ + { + "id": null, + "name": "account", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "", + "key": "account" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "region", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}}", + "key": "region" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "namespace", + "displayName": null, + "defaultValue": "aws/elasticache", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}}", + "key": "namespace" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheClusterId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}}", + "key": "cacheclusterid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + }, + { + "id": null, + "name": "CacheNodeId", + "displayName": null, + "defaultValue": "*", + "sourceDefinition": { + "variableSourceType": "MetadataVariableSourceDefinition", + "filter": "account={{account}} region={{region}} namespace={{namespace}} CacheClusterId={{CacheClusterId}}", + "key": "cachenodeid" + }, + "allowMultiSelect": false, + "includeAllOption": true, + "hideFromUI": false + } + ], + "coloringRules": [] + } + ] +} \ No newline at end of file diff --git a/aws-observability/json/Lambda-App.json b/terraform-sumologic-aws-observability/examples/aws-observability/json/Lambda-App.json similarity index 67% rename from aws-observability/json/Lambda-App.json rename to terraform-sumologic-aws-observability/examples/aws-observability/json/Lambda-App.json index 6abaec6a..7ca3d211 100644 --- a/aws-observability/json/Lambda-App.json +++ b/terraform-sumologic-aws-observability/examples/aws-observability/json/Lambda-App.json @@ -1,19 +1,17 @@ { "type": "FolderSyncDefinition", "name": "AWS Lambda", - "description": "The Sumo Logic AWS Lambda App uses the Lambda logs via CloudWatch, CloudWatch Metrics and the CloudTrail Lambda Data Events to visualize the operational and performance trends in all the Lambda functions in your account. The preconfigured dashboards provide insights into executions, memory and duration usage by function versions or aliases, errors, billed duration, function callers, IAM users, and threat details.", + "description": "The Sumo Logic AWS Lambda App uses the Lambda logs via CloudWatch, CloudWatch Metrics and the CloudTrail Lambda Data Events to visualize the operational and performance trends in all the Lambda functions in your account. The preconfigured dashboards provide insights into executions such as memory and duration usage by function versions or aliases, errors, billed duration, function callers, IAM users, and threat details.", "children": [ { "type": "DashboardV2SyncDefinition", "name": "1. AWS Lambda - Overview", "description": "The AWS Lambda - Overview dashboard provides intuitive insights with CloudWatch Lambda metrics, CloudTrail audit logs for Lambda, as well as Lambda logs to give you an at-a-glance view of actions, performance, and health of your AWS Lambda functions.", "title": "1. AWS Lambda - Overview", + "rootPanel": null, "theme": "Light", "topologyLabelMap": { "data": { - "9bfbcb9b1f28dcbf2412921022a5649c": [ - "*" - ], "namespace": [ "aws/lambda" ], @@ -62,19 +60,19 @@ }, { "key": "panelpane-bae35066b5b60848", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":16}" + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":15}" }, { "key": "panelpane-f03235ddbab6fa4b", - "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":23}" + "structure": "{\"height\":6,\"width\":12,\"x\":0,\"y\":22}" }, { "key": "panelpane-02614a9cbadabb4e", - "structure": "{\"height\":7,\"width\":3,\"x\":12,\"y\":16}" + "structure": "{\"height\":6,\"width\":3,\"x\":12,\"y\":16}" }, { "key": "panelpane-58fe78d0978b6843", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":29}" + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":28}" }, { "key": "panelpane-9661a24080cb7a43", @@ -90,23 +88,23 @@ }, { "key": "panelpane-d9f052d8a3216943", - "structure": "{\"height\":7,\"width\":9,\"x\":15,\"y\":16}" + "structure": "{\"height\":6,\"width\":9,\"x\":15,\"y\":16}" }, { "key": "panelpane-10f4e6b2b578c949", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":44}" + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":43}" }, { "key": "panelpane-d93f12b480302940", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":51}" + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":50}" }, { "key": "panelpane-6a76b586aaa6eb44", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":51}" + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":50}" }, { "key": "panelpane-6dcf5bbf91746849", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":44}" + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":43}" }, { "key": "panelPANE-2E7EA641BAAB3A42", @@ -114,27 +112,27 @@ }, { "key": "panelPANE-32972729B258184D", - "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":23}" + "structure": "{\"height\":6,\"width\":12,\"x\":12,\"y\":22}" }, { "key": "panelPANE-F3CF4036807F6A48", - "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":36}" + "structure": "{\"height\":7,\"width\":12,\"x\":0,\"y\":35}" }, { "key": "panelPANE-7CDE0CEA8CE70A4E", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":15}" + "structure": "{\"height\":1,\"width\":12,\"x\":12,\"y\":15}" }, { "key": "panelPANE-E8769C639BAF1947", - "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":43}" + "structure": "{\"height\":1,\"width\":24,\"x\":0,\"y\":42}" }, { "key": "panelPANE-646319CAA0B03A4E", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":29}" + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":28}" }, { "key": "panelA75FF450AE9AAB4D", - "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":36}" + "structure": "{\"height\":7,\"width\":12,\"x\":12,\"y\":35}" } ] }, @@ -148,17 +146,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "\"lambda.amazonaws.com\" IAMUser account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"sourceIPAddress\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"additionalEventData\" as event_name, event_source, Region, user_agent, src_ip, accountId, userIdentity, requestParameters, additionalEventData nodrop\n| json field=userIdentity \"type\", \"userName\", \"invokedBy\", \"arn\" as caller_type, user_name, invoked_by, arn nodrop | json field=requestParameters \"functionName\", \"resource\" as functionname, resource nodrop | json field=additionalEventData \"functionVersion\" as func_version nodrop \n| where caller_type = \"IAMUser\"\n| parse regex field=functionname \"\\w+:\\w+:\\S+:[\\w-]+:\\S+:\\S+:(?[\\S]+)$\" nodrop\n| parse field=resource \"arn:*:lambda:*:function:*\" as arn_part, f1, functionname2 nodrop\n| if (isEmpty(functionname), functionname2, functionname) as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| parse regex field=func_version \"\\w+:\\w+:\\S+:[\\w-]+:\\S+:\\S+:(?[\\S]+:[\\S ]+)$\" nodrop\n| parse field=arn \"arn:*:*::*:*\" as arn_part, f1, f2, assumedroleuser nodrop\n| if (isNull(user_name), invoked_by, user_name) as caller\n| if (isNull(invoked_by), user_name, invoked_by) as caller\n| if (isNull(caller), assumedroleuser, caller) as caller\n| count as Invocations by caller\n| top 10 caller by Invocations", + "queryString": "\"lambda.amazonaws.com\" \"\\\"eventName\\\":\\\"Invoke\\\"\" IAMUser account={{account}} Namespace={{namespace}} region={{region}}\n| json \"eventName\", \"eventSource\", \"awsRegion\", \"userAgent\", \"sourceIPAddress\", \"recipientAccountId\", \"userIdentity\", \"requestParameters\", \"additionalEventData\" as event_name, event_source, Region, user_agent, src_ip, accountId, userIdentity, requestParameters, additionalEventData nodrop\n| json field=userIdentity \"type\", \"userName\", \"invokedBy\", \"arn\" as caller_type, user_name, invoked_by, arn nodrop | json field=requestParameters \"functionName\", \"resource\" as functionname, resource nodrop | json field=additionalEventData \"functionVersion\" as func_version nodrop \n| where event_name = \"Invoke\" and caller_type = \"IAMUser\"\n| parse regex field=functionname \"\\w+:\\w+:\\S+:[\\w-]+:\\S+:\\S+:(?[\\S]+)$\" nodrop\n| parse field=resource \"arn:aws:lambda:*:function:*\" as f1, functionname2 nodrop\n| if (isEmpty(functionname), functionname2, functionname) as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| parse regex field=func_version \"\\w+:\\w+:\\S+:[\\w-]+:\\S+:\\S+:(?[\\S]+:[\\S ]+)$\" nodrop\n| parse field=arn \"arn:aws:*::*:*\" as f1, f2, assumedroleuser nodrop\n| if (isNull(user_name), invoked_by, user_name) as caller\n| if (isNull(invoked_by), user_name, invoked_by) as caller\n| if (isNull(caller), assumedroleuser, caller) as caller\n| count as Invocations by caller\n| top 10 caller by Invocations", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Manual", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -170,48 +165,39 @@ "id": null, "key": "panelpane-8e03665b8cdca84a", "title": "Invocations - Today vs Yesterday vs Last Week", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Invocations\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"color\":\"#8be2ff\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"color\":\"#9bd3e6\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"color\":\"#cbbfff\",\"name\":\"Last Week\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Invocations\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"type\":\"line\",\"name\":\"Last Week\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "Namespace={{namespace}} metric=Invocations statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Invocations statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace | timeshift -1d", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Invocations statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace | timeshift -7d ", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -223,48 +209,39 @@ "id": null, "key": "panelpane-ca5a7c80a6581847", "title": "Errors - Today vs Yesterday vs Last Week", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Errors\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#8be2ff\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#9bd3e6\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#cbbfff\",\"name\":\"Last Week\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Errors\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Last Week\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "Namespace={{namespace}} metric=Errors statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Errors statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace | timeshift 1d", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Errors statistic=Sum account={{account}} region={{region}} functionname={{functionname}} Resource=* | sum by account, region, namespace | timeshift 7d", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -276,48 +253,39 @@ "id": null, "key": "panelpane-3607a1da9980c849", "title": "Duration - Today vs Yesterday vs Last Week", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#8be2ff\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#9bd3e6\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#cbbfff\",\"name\":\"Last Week\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Milliseconds\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Last Week\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "Namespace={{namespace}} metric=Duration statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Duration statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace | timeshift 1d", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Duration statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace | timeshift 7d", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -329,48 +297,39 @@ "id": null, "key": "panelpane-3aa7297fa4a29944", "title": "Throttling - Today vs Yesterday vs Last Week", - "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Avg Throttling Events\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#8be2ff\",\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#9bd3e6\",\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"color\":\"#cbbfff\",\"name\":\"Last Week\"}}],\"series\":{}}", + "visualSettings": "{\"general\":{\"mode\":\"timeSeries\"},\"axes\":{\"axisY\":{\"title\":\"Avg Throttling Events\"}},\"overrides\":[{\"series\":[],\"queries\":[\"A\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Today\"}},{\"series\":[],\"queries\":[\"B\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Yesterday\"}},{\"series\":[],\"queries\":[\"C\"],\"userProvidedChartType\":false,\"properties\":{\"name\":\"Last Week\"}}]}", "keepVisualSettingsConsistentWithParent": true, "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "Namespace={{namespace}} metric=Throttles statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace", "queryType": "Metrics", "queryKey": "A", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Throttles statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace | timeshift 1d", "queryType": "Metrics", "queryKey": "B", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" }, { - "transient": false, "queryString": "Namespace={{namespace}} metric=Throttles statistic=average account={{account}} region={{region}} functionname={{functionname}} Resource=* | avg by account, region, namespace | timeshift 7d", "queryType": "Metrics", "queryKey": "C", "metricsQueryMode": "Advanced", "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, - "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "parseMode": "Manual", + "timeSource": "Message" } ], "description": "", @@ -387,17 +346,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "account={{account}} region={{region}} Namespace={{namespace}} Duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n// | json \"logStream\", \"logGroup\" nodrop\n| _sourceName as logStream | _sourceHost as logGroup\n| parse regex field=message \"REPORT\\s+RequestId:\\s+(?[^\\s]+)\\s+Duration:\\s+(?[^\\s]+)\\s+ms\\s+Billed Duration:\\s+(?[^\\s]+)\\s+ms\\s+Memory\\s+Size:\\s+(?[^\\s]+)\\s+MB\\s+Max\\s+Memory\\s+Used:\\s+(?[^\\s]+)\\s+MB\" nodrop\n| parse regex field=message \"REPORT\\s+RequestId:\\s+(?[^\\s]+)\\s+Duration:\\s+(?[^\\s]+)\\s+ms\\s+Billed Duration:\\s+(?[^\\s]+)\\s+ms\\s+Memory\\s+Size:\\s+(?[^\\s]+)\\s+MB\\s+Max\\s+Memory\\s+Used:\\s+(?[^\\s]+)\\s+MB\\s+Init\\s+Duration:\\s+(?[^\\s]+)\" nodrop\n| parse field=loggroup \"/aws/lambda/*\" as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| sum(Duration) as %\"Total Duration\", avg(Duration) as %\"Avg Duration\", avg(initdur) as %\"Avg Init Duration\", count as Invocations by functionname\n| top 10 functionname by %\"Avg Duration\", %\"Total Duration\", %\"Avg Init Duration\", Invocations\n| format( \"%.2f\",%\"Avg Duration\") as %\"Avg Duration\"\n| format( \"%.2f\",%\"Total Duration\") as %\"Total Duration\"\n| format( \"%.2f\",%\"Avg Init Duration\") as %\"Avg Init Duration\"", + "queryString": "account={{account}} region={{region}} Namespace={{namespace}} Duration\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n// | json \"logStream\", \"logGroup\" nodrop\n| _sourceName as logStream | _sourceHost as logGroup\n| parse regex field=message \"REPORT\\s+RequestId:\\s+(?[^\\s]+)\\s+Duration:\\s+(?[^\\s]+)\\s+ms\\s+Billed Duration:\\s+(?[^\\s]+)\\s+ms\\s+Memory\\s+Size:\\s+(?[^\\s]+)\\s+MB\\s+Max\\s+Memory\\s+Used:\\s+(?[^\\s]+)\\s+MB\" \n| parse field=loggroup \"/aws/lambda/*\" as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| sum(Duration) as %\"Total Duration\", avg(Duration) as %\"Avg Duration\", count as Invocations by functionname\n| top 10 functionname by %\"Avg Duration\", %\"Total Duration\", Invocations\n| format( \"%.2f\",%\"Avg Duration\") as %\"Avg Duration\"\n| format( \"%.2f\",%\"Total Duration\") as %\"Total Duration\"", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": 1000 + "timeSource": "Message" } ], "description": "", @@ -414,17 +370,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, "queryString": "account={{account}} region={{region}} Namespace={{namespace}} Memory Used Size\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n// | json \"logStream\", \"logGroup\" nodrop\n| _sourceName as logStream | _sourceHost as logGroup\n| parse regex field=message \"REPORT\\s+RequestId:\\s+(?[^\\s]+)\\s+Duration:\\s+(?[^\\s]+)\\s+ms\\s+Billed Duration:\\s+(?[^\\s]+)\\s+ms\\s+Memory\\s+Size:\\s+(?[^\\s]+)\\s+MB\\s+Max\\s+Memory\\s+Used:\\s+(?[^\\s]+)\\s+MB\" \n| parse field=loggroup \"/aws/lambda/*\" as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| max(MaxMemoryUsed) as MaxMemoryUsed, avg(MemorySize) as AvgMemorySize by functionname\n| top 10 functionname by MaxMemoryUsed, functionname asc, AvgMemorySize", "queryType": "Logs", "queryKey": "A", "metricsQueryMode": null, "metricsQueryData": null, "tracesQueryData": null, - "spansQueryData": null, "parseMode": "Auto", - "timeSource": "Message", - "outputCardinalityLimit": null + "timeSource": "Message" } ], "description": "", @@ -441,17 +394,14 @@ "panelType": "SumoSearchPanel", "queries": [ { - "transient": false, - "queryString": "(errorMessage or ERROR or CRITICAL or \"Task timed out\") account={{account}} region={{region}} Namespace={{namespace}}\n| json \"message\" nodrop | if (_raw matches \"{*\", message, _raw) as message\n// | json \"logStream\", \"logGroup\" nodrop\n| _sourceName as logStream | _sourceHost as logGroup\n| parse field=logstream \"*/[*]*\" as logstreamDate, version, logstreamID\n| parse field=loggroup \"/aws/lambda/*\" as functionname\n| where tolowercase(functionname) matches tolowercase(\"{{functionname}}\")\n| parse regex field=message \"^(?