Controller (SaaS, On Premise)

cancel
Showing results for 
Search instead for 
Did you mean: 

App'D data to ELK

SOLVED

App'D data to ELK

Hi Team,

I've an requirement to send performance data to ELK.

 

We're trying to forward the AppDynamics alerts/events and Performance metrics data(Response time etc) to Elasticsearch (ELK).

 

Could someone please advise how can we get it done / any doc links to refer.


Regards,

Soundarajan

 

App'D data to ELK
7 REPLIES 7
Architect

Re: App'D data to ELK

Funny I just completed that task for Applications and nodes. 

Architect

Re: App'D data to ELK

For each document you want to post to ELK set it up like this. I pulled all applications via REST and then loope'd through all application id's and got each node. I put in "appname" and "date" into the json node element since the node REST call does not return appname. And I had to add the {"index":{}} before each node element in the file to autocreate an index in Elastic. This is required if you use the BULK API to Elastic. Ask your ELK admin how he would like you to post the json file. One more thing. You need to "clean" the file from whitspaces and stuff. I did that with the jq shell tool. You want to do performance stuff but It's just a matter of building the correct json elements

 

{"index":{}}
{
"appAgentVersion": "Server Agent v4.3.5.7 GA #15412 r0ec570a06345b1dd4dd9280d8cb449492a0e66fb 4689-4.3.5.next-analytics",
"machineAgentVersion": "Machine Agent v4.3.5.7 GA Build Date 2017-08-25 18:34:40",
"agentType": "APP_AGENT",
"date": "2018-05-03",
"appname": "MyAPP",
"type": "Other",
"machineName": "myserver.sebank.se",
"appAgentPresent": true,
"nodeUniqueLocalId": "",
"machineId": 90,
"machineOSType": "Linux",
"tierId": 150,
"tierName": "SDI",
"machineAgentPresent": true,
"name": "MyName",
"ipAddresses": null,
"id": 542
}

Re: App'D data to ELK

Thanks Gunnar for your reply, i'll try it and post you the update soon. 

Re: App'D data to ELK

Hi Gunnar,

 

Thanks for your help.

Our OPS team is able to send peformance metrics from APP'D to ELK with API.

Now we need to send triggered alerts from Appdynamics to ELK platform , how can we get it done. COuld you please advise. Thanks


Regards,

Soundarajan

Highlighted
Architect

Re: App'D data to ELK

We'll. I would create a custom action. And parse all the arguments that get passed to the custom action. And then create the same kind of json struct/element as for the performance metrics. This might need to go into another index in Elastsic since the json is going to differ.

 

This bash snippet will get all the arguments into variables. Then you need to create your own json element and post it to Elastic.

 

#!/bin/sh

DATE=`date +%Y/%m/%d-%H:%M:%S`
HOME=/opt/app/appdynamics-controller/custom/actions/YOURACTION/

APP_NAME=`echo $1 | sed 's/"//g'`
APP_ID=`echo $2 | sed 's/"//g'`
PVN_ALERT_TIME=`echo $3 | sed 's/"//g'`
PRIORITY=`echo $4 | sed 's/"//g'`
SEVERITY=`echo $5 | sed 's/"//g'`
ACTION_NAME=`echo $6 | sed 's/"//g'`
HEALTH_RULE_NAME=`echo $7 | sed 's/"//g'`
POLICY_ID=`echo $8 | sed 's/"//g'`
PVN_TIME_PERIOD_IN_MINUTES=`echo $9 | sed 's/"//g'`

shift 9

AFFECTED_ENTITY_TYPE=`echo $1 | sed 's/"//g'`
AFFECTED_ENTITY_NAME=`echo $2 | sed 's/"//g'`
AFFECTED_ENTITY_ID=`echo $3 | sed 's/"//g'`
NUMBER_OF_EVALUATION_ENTITIES=`echo $4 | sed 's/"//g'`

shift 4

# LOOP ON 'NUMBER_OF_EVALUATION_ENTITIES'
if [ "$NUMBER_OF_EVALUATION_ENTITIES" -gt "0" ] ; then
        i=1
        while [ $i -le $NUMBER_OF_EVALUATION_ENTITIES ]
        do
                EVALUATION_ENTITY_TYPE[$i]=`echo $1 | sed 's/"//g'`
                EVALUATION_ENTITY_NAME[$i]=`echo $2 | sed 's/"//g'`
                EVALUATION_ENTITY_ID[$i]=`echo $3 | sed 's/"//g'`
                NUMBER_OF_TRIGGERED_CONDITIONS_PER_EVALUATION_ENTITY[$i]=`echo $4 | sed 's/"//g'`

                shift 4

                # LOOP ON 'NUMBER_OF_TRIGGERED_CONDITIONS_PER_EVALUATION_ENTITY[$i]'
                if [ "${NUMBER_OF_TRIGGERED_CONDITIONS_PER_EVALUATION_ENTITY[$i]}" -gt "0" ] ; then
                   n=1
                   while [ $n -le ${NUMBER_OF_TRIGGERED_CONDITIONS_PER_EVALUATION_ENTITY[$i]} ]
                        do
                                SCOPE_TYPE[$i,$n]=`echo $1 | sed 's/"//g'`
                                SCOPE_NAME[$i,$n]=`echo $2 | sed 's/"//g'`
                                SCOPE_ID[$i,$n]=`echo $3 | sed 's/"//g'`
                                CONDITION_NAME[$i,$n]=`echo $4 | sed 's/"//g'`
                                CONDITION_ID[$i,$n]=`echo $5 | sed 's/"//g'`
                                OPERATOR[$i,$n]=`echo $6 | sed 's/"//g'`
                                CONDITION_UNIT_TYPE[$i,$n]=`echo $7 | sed 's/"//g'`
                                CONDITION_UNIT_TYPE_CHK=`echo ${CONDITION_UNIT_TYPE[$i,$n]} | grep BASELINE`
                                if [ "$CONDITION_UNIT_TYPE_CHK" ] ; then
                                        USE_DEFAULT_BASELINE[$i,$n]=`echo $8 | sed 's/"//g'`
                                        BASELINE_NAME[$i,$n]=`echo $9 | sed 's/"//g'`

                                        shift 9

                                        BASELINE_ID[$i,$n]=`echo $1 | sed 's/"//g'`
                                        THRESHOLD_VALUE[$i,$n]=`echo $2 | sed 's/"//g'`
                                        OBSERVED_VALUE[$i,$n]=`echo $3 | sed 's/"//g'`

                                        shift 3
                                else
                                        THRESHOLD_VALUE[$i,$n]=`echo $8 | sed 's/"//g'`
                                        OBSERVED_VALUE[$i,$n]=`echo $9 | sed 's/"//g'`

                                        shift 9
                                fi

                        let n+=1
                        done
                fi
           let i+=1
        done
fi
SUMMARY_MESSAGE=`echo $1 | sed 's/"//g'`
INCIDENT_ID=`echo $2 | sed 's/"//g'`
DEEP_LINK_URL=`echo $3 | sed 's/"//g'`
EVENT_TYPE=`echo 4 | sed 's/"//g'`

#Concatenate real DEEP_LINK_URL
DEEP_LINK_URL=$DEEP_LINK_URL$INCIDENT_ID

exit 0

Re: App'D data to ELK

Hi Gunnar,


Thanks for your quick reply.

As you mentioned Custom actions in the solution, i guess it works better for on premise model.

Basically We're in SAAS model, I tried with custom actions earlier for kind of task, but im unable to place the custom script in Controller end due to shared SAAS environment.

 

Is there any other way to get this done?

 

Regards,
Soundarajan

Architect

Re: App'D data to ELK

Hmmm can you use http request action instead of a custom action. Never used it myself, so I don't know which argumants are passed where when it triggers. But there are some http templates that I think need a bit more documentation from AppD. (-:

 

Wait seems like AppD has done a bit more doc now. You can probably use this?

https://docs.appdynamics.com/display/PRO44/Predefined+Templating+Variables