Skip to content

Commit 9ed967a

Browse files
Merge branch '7.12' into backport/7.12/pr-91829
2 parents 7b41a23 + cb8e30b commit 9ed967a

File tree

107 files changed

+2608
-1237
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

107 files changed

+2608
-1237
lines changed

docs/apm/advanced-queries.asciidoc

Lines changed: 37 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -2,42 +2,63 @@
22
[[advanced-queries]]
33
=== Query your data
44

5-
Querying your APM data is a powerful tool that can make finding bottlenecks in your code even easier.
6-
Imagine you have a user that complains about a slow response time in a specific service.
7-
With the query bar, you can easily filter the APM app to only display trace data for that user,
8-
or, to only show transactions that are slower than a specified time threshold.
5+
Querying your APM data is an essential tool that can make finding bottlenecks in your code even more straightforward.
96

10-
[float]
11-
==== Example APM app queries
7+
Using the query bar, a powerful data query feature, you can pass advanced queries on your data
8+
to filter on specific pieces of information you’re interested in.
9+
10+
The query bar comes with a handy autocomplete that helps find the fields and even provides suggestions to the data they include.
11+
You can select the query bar and hit the down arrow on your keyboard to begin scanning recommendations.
1212

13-
* Exclude response times slower than 2000 ms: `transaction.duration.us > 2000000`
14-
* Filter by response status code: `context.response.status_code ≥ 400`
15-
* Filter by single user ID: `context.user.id : 12`
13+
[float]
14+
[[apm-app-advanced-queries]]
15+
=== Querying in the APM app
1616

17-
When querying in the APM app, you're merely searching and selecting data from fields in Elasticsearch documents.
18-
Queries entered into the query bar are also added as parameters to the URL,
19-
so it's easy to share a specific query or view with others.
17+
When querying in the APM app, you’re merely searching and selecting data from fields in {es} documents. Queries entered
18+
into the query bar are also added as parameters to the URL, so it’s easy to share a specific query or view with others.
2019

2120
When you type, you can begin to see some of the transaction fields available for filtering:
2221

2322
[role="screenshot"]
2423
image::apm/images/apm-query-bar.png[Example of the Kibana Query bar in APM app in Kibana]
2524

26-
TIP: Read the {kibana-ref}/kuery-query.html[Kibana Query Language Enhancements] documentation to learn more about the capabilities of the {kib} query language.
25+
[TIP]
26+
=====
27+
To learn more about the {kib} query language capabilities, see the {kibana-ref}/kuery-query.html[Kibana Query Language Enhancements] documentation.
28+
=====
29+
30+
[float]
31+
[[apm-app-queries]]
32+
==== APM app queries
33+
34+
APM queries can be handy for removing noise from your data in the <<services,Services>>, <<transactions,Transactions>>,
35+
<<errors,Errors>>, <<metrics,Metrics>>, and <<traces,Traces>> views.
36+
37+
For example, in the *Services* view, you can quickly view a list of all the instrumented services running on your production
38+
environment: `service.environment : production`. Or filter the list by including the APM agent's name and the host it’s running on:
39+
`service.environment : "production" and agent.name : "java" and host.name : "prod-server1"`.
40+
41+
On the *Traces* view, you might want to view failed transaction results from any of your running containers:
42+
`transaction.result :"FAILURE" and container.id : *`.
43+
44+
On the *Transactions* view, you may want to list only the slower transactions than a specified time threshold: `transaction.duration.us > 2000000`.
45+
Or filter the list by including the service version and the Kubernetes pod it's running on:
46+
`transaction.duration.us > 2000000 and service.version : "7.12.0" and kubernetes.pod.name : "pod-5468b47f57-pqk2m"`.
2747

2848
[float]
2949
[[discover-advanced-queries]]
3050
=== Querying in Discover
3151

3252
Alternatively, you can query your APM documents in {kibana-ref}/discover.html[*Discover*].
33-
Querying documents in *Discover* works the same way as querying in the APM app,
53+
Querying documents in *Discover* works the same way as queries in the APM app,
3454
and *Discover* supports all of the example APM app queries shown on this page.
3555

3656
[float]
37-
==== Example Discover query
57+
[[discover-queries]]
58+
==== Discover queries
3859

3960
One example where you may want to make use of *Discover*,
40-
is for viewing _all_ transactions for an endpoint, instead of just a sample.
61+
is to view _all_ transactions for an endpoint instead of just a sample.
4162

4263
TIP: Starting in v7.6, you can view ten samples per bucket in the APM app, instead of just one.
4364

docs/apm/correlations.asciidoc

Lines changed: 46 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -3,16 +3,16 @@
33
=== Find latency and error correlations
44

55
**Correlations** surface attributes of your data that are potentially correlated with high-latency or erroneous transactions.
6-
Surfaced attributes are user-defined, meaning that they are completely customizable to your APM data.
6+
By default, a number of attributes commonly known to cause performance issues, like version,
7+
infrastructure, and location, are included, but all are completely customizable to your APM data.
78
Find something interesting? A quick click of a button will auto-query your data as you work to resolve the underlying issue.
89

910
For example, a site reliability engineer, who is responsible for keeping production systems up and running,
1011
notices an increase in latency in certain transactions.
1112
Analyzing metadata or tags that exist in high-latency transactions but not in lower-latency transactions
1213
can potentially point towards the root cause.
1314
They may find that a particular piece of hardware, like a host or pod, has failed, increasing latency.
14-
Or, perhaps a set of users, based on IP address or region, is physically too far away from the nearest
15-
data center, increasing latency.
15+
Or, perhaps set of users, based on IP address or region, is facing increased latency due to local data center issues.
1616

1717
[discrete]
1818
[[view-correlations]]
@@ -27,8 +27,8 @@ Queries within the APM app apply to the correlations shown in the correlations f
2727

2828
If a correlated field seems noteworthy, use the **Filter** quick links:
2929

30-
* `+` creates a new query in the APM app for transactions containing the selected value.
31-
* `-` creates a new query in the APM app for transactions without the selected value.
30+
* `+` creates a new query in the APM app for filtering transactions containing the selected value.
31+
* `-` creates a new query in the APM app to filter out transactions containing the selected value.
3232

3333
[discrete]
3434
[[correlations-latency]]
@@ -37,8 +37,9 @@ If a correlated field seems noteworthy, use the **Filter** quick links:
3737
Correlations help you discover which fields are contributing to increased service latency.
3838

3939
A latency distribution chart visualizes the overall latency of the selected service's transactions.
40-
Correlated attributes are sorted by _Impact_–a visual representation of the score for the underlying
41-
aggregation that powers correlations.
40+
Correlated attributes are sorted by _Impact_–a visual representation of the
41+
{ref}/search-aggregations-bucket-significantterms-aggregation.html[significant terms aggregation]
42+
score that powers correlations.
4243
Attributes with a high impact, or attributes present in a large percentage of slow transactions,
4344
may contribute to increased latency.
4445

@@ -51,19 +52,25 @@ exists primarily in higher-latency transactions between 3.7 and 8.7 seconds.
5152
[role="screenshot"]
5253
image::apm/images/correlations-hover.png[Correlations hover effect]
5354

54-
Selecting the `+` filter creates a new query in the APM app for transactions with
55+
Select the `+` filter to create a new query in the APM app for transactions with
5556
`user_agent.name: HeadlessChrome`. With the "noise" now filtered out,
5657
you can begin viewing sample traces to continue your investigation.
5758

59+
As you sift through high-latency transactions, you'll likely notice other interesting attributes.
60+
Return to the correlations fly-out and select *Customize fields* to search on these new attributes.
61+
You may need to do this a few times–each time filtering out more and more noise and bringing you
62+
closer to a diagnosis.
63+
5864
[discrete]
5965
[[correlations-error-rate]]
6066
==== Find error rate correlations
6167

6268
Correlations help you discover which fields are contributing to failed transactions.
6369

6470
The Error rate over time chart visualizes the change in error rate over the selected time frame.
65-
Correlated attributes are sorted by _Impact_–a visual representation of the score for the underlying
66-
aggregation that powers correlations.
71+
Correlated attributes are sorted by _Impact_–a visual representation of the
72+
{ref}/search-aggregations-bucket-significantterms-aggregation.html[significant terms aggregation]
73+
score that powers correlations.
6774
Attributes with a high impact, or attributes present in a large percentage of failed transactions,
6875
may contribute to increased error rates.
6976

@@ -76,16 +83,41 @@ existed in 100% of failed transactions between 6:00 and 10:30.
7683
[role="screenshot"]
7784
image::apm/images/error-rate-hover.png[Correlations errors hover effect]
7885

79-
Selecting the `+` filter creates a new query in the APM app for transactions with
86+
Select the `+` filter to create a new query in the APM app for transactions with
8087
`url.original: http://localhost:3100...`. With the "noise" now filtered out,
8188
you can begin viewing sample traces to continue your investigation.
8289

90+
As you sift through erroneous transactions, you'll likely notice other interesting attributes.
91+
Return to the correlations fly-out and select *Customize fields* to search on these new attributes.
92+
You may need to do this a few times–each time filtering out more and more noise and bringing you
93+
closer to a diagnosis.
94+
8395
[discrete]
84-
[[correlations-custom-fields]]
96+
[[correlations-customize-fields]]
8597
==== Customize fields
8698

8799
Correlations are only as good as the data they're searching for.
88-
By default, a handful of potentially useful fields are selected, like `lables`, `service.version`, and `host.ip`.
89-
You can remove and add fields to this list under the **Customize fields** dropdown.
100+
By default, a handful of attributes commonly known to cause performance issues are included.
101+
During the course of an investigation however, you may to need to add and remove fields from
102+
this list multiple times as you narrow in on a diagnosis.
103+
104+
Add and remove fields under the **Customize fields** dropdown.
105+
The following fields are selected by default.
106+
To keep the default list manageable, only the first six matching fields with wildcards are used.
107+
108+
**Frontend (RUM) agent:**
109+
110+
* `labels.*`
111+
* `user.*`
112+
* `user_agent.name`
113+
* `user_agent.os.name`
114+
* `url.original`
115+
116+
**Backend agents:**
117+
118+
* `labels.*`
119+
* `host.ip`
120+
* `service.node.name`
121+
* `service.version`
90122

91123
TIP: Want to start over? Select **reset** to clear your customizations.

docs/apm/filters.asciidoc

Lines changed: 14 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -6,49 +6,34 @@
66
<titleabbrev>Filter data</titleabbrev>
77
++++
88

9-
APM provides two different ways you can filter your data within the APM App:
10-
11-
* <<global-filters>>
12-
* <<contextual-filters>>
13-
14-
[[global-filters]]
15-
==== Global filters
16-
17-
Global filters are ways you can filter any and all data across the APM app.
18-
They are available in the Services, Transactions, Errors, Metrics, and Traces views,
19-
and any filter applied will persist as you move between pages.
9+
Global filters are ways you can filter data across the APM app based on a specific
10+
time range or environment. They are available in the Services, Transactions, Errors,
11+
Metrics, and Traces views, and any filter applied will persist as you move between pages.
2012

2113
[role="screenshot"]
2214
image::apm/images/global-filters.png[Global filters available in the APM app in Kibana]
2315

24-
[float]
25-
===== Global time range
26-
27-
The <<set-time-filter,global time range filter>> in {kib} restricts APM data to a specific time period.
28-
29-
[float]
30-
[[query-bar]]
31-
===== Query bar
16+
[NOTE]
17+
=====
18+
If you prefer to use advanced queries on your data to filter on specific pieces
19+
of information, see <<advanced-queries,Query your data>>.
20+
=====
3221

33-
The query bar is a powerful data query feature.
34-
Similar to the query bar in {kibana-ref}/discover.html[Discover],
35-
it enables you to pass advanced queries on your data to filter on particular pieces of information that you're interested in.
36-
It comes with a handy autocomplete that helps find the fields and even provides suggestions to the data they include.
37-
You can select the query bar and hit the down arrow on your keyboard to begin seeing recommendations.
22+
[[global-time-range]]
23+
==== Global time range
3824

39-
See <<query-bar,advanced queries>> for more information and sample queries.
25+
The <<set-time-filter,global time range filter>> in {kib} restricts APM data to a specific time period.
4026

41-
[float]
4227
[[environment-selector]]
43-
===== Service environment filter
28+
==== Service environment filter
4429

4530
The environment selector is a global filter for `service.environment`.
46-
It allows you to view only relevant data, and is especially useful for separating development from production environments.
31+
It allows you to view only relevant data and is especially useful for separating development from production environments.
4732
By default, all environments are displayed. If there are no environment options, you'll see "not defined".
4833

4934
Service environments are defined when configuring your APM agents.
5035
It's vital to be consistent when naming environments in your agents.
51-
See the documentation for each agent you're using to learn how to configure service environments:
36+
To learn how to configure service environments, see the specific agent documentation:
5237

5338
* *Go:* {apm-go-ref}/configuration.html#config-environment[`ELASTIC_APM_ENVIRONMENT`]
5439
* *Java:* {apm-java-ref}/config-core.html#config-environment[`environment`]
@@ -58,19 +43,3 @@ See the documentation for each agent you're using to learn how to configure serv
5843
* *Python:* {apm-py-ref}/configuration.html#config-environment[`environment`]
5944
* *Ruby:* {apm-ruby-ref}/configuration.html#config-environment[`environment`]
6045
* *Real User Monitoring:* {apm-rum-ref}/configuration.html#environment[`environment`]
61-
62-
[[contextual-filters]]
63-
==== Contextual filters
64-
65-
Contextual filters are ways you can filter your specific APM data on each individual page.
66-
The filters shown are relevant to your data, and will persist between pages,
67-
but only where they are applicable -- they are typically most useful in their original context.
68-
As an example, if you select a host on the Services overview, then select a transaction group,
69-
the host filter will still be applied.
70-
71-
These filters are very useful for quickly and easily removing noise from your data.
72-
With just a click, you can filter your transactions by the transaction result,
73-
host, container ID, Kubernetes pod, and more.
74-
75-
[role="screenshot"]
76-
image::apm/images/local-filter.png[Local filters available in the APM app in Kibana]
-4.31 KB
Loading

docs/apm/images/apm-metrics.png

23.3 KB
Loading

docs/apm/images/apm-query-bar.png

-172 KB
Loading
127 KB
Loading

docs/apm/images/apm-traces.png

-85 KB
Loading
-92.3 KB
Loading

docs/apm/images/global-filters.png

-19.4 KB
Loading

0 commit comments

Comments
 (0)