diff --git a/entity-types/ext-onboarding_application/definition.yml b/entity-types/ext-onboarding_application/definition.yml new file mode 100644 index 0000000000..26026b72e2 --- /dev/null +++ b/entity-types/ext-onboarding_application/definition.yml @@ -0,0 +1,5 @@ +domain: EXT +type: ONBOARDING_APPLICATION + +configuration: + entityExpirationTime: FOUR_HOURS diff --git a/entity-types/media_streaming-video/golden_metrics.yml b/entity-types/media_streaming-video/golden_metrics.yml new file mode 100644 index 0000000000..d10fce48fe --- /dev/null +++ b/entity-types/media_streaming-video/golden_metrics.yml @@ -0,0 +1,61 @@ +rebufferingRatio: + title: Video Rebuffering Ratio (%) + unit: PERCENTAGE + query: + select : sum(timeSinceBufferBegin) / sum(timeSinceLastHeartbeat) - filter(sum(timeSincePaused), where actionName = 'CONTENT_RESUME' - filter(sum(timeSinceSeekBegin), where actionName = 'CONTENT_SEEK_END')) * 100 + from: VideoAction +adRebufferingRatio: + title: Ad Rebuffering Ratio (%) + unit: PERCENTAGE + query: + select: sum(timeSinceAdBufferBegin) / sum(timeSinceLastAdHeartbeat) - filter(sum(timeSinceAdPaused), where actionName = 'AD_RESUME' - filter(sum(timeSinceAdSeekBegin), where actionName = 'AD_SEEK_END')) * 100 + from: VideoAdAction +averageBitrate: + title: Average Bitrate + unit: BITS_PER_SECOND + query: + select: average(contentBitrate) + from: VideoAction +adAverageBitrate: + title: Ad Average Bitrate + unit: BITS_PER_SECOND + query: + select: average(adBitrate) + from: VideoAdAction +averageStartTimeS: + title: Average Start Time (s) + unit: SECONDS + query: + select: average(timeSinceRequested) + from: VideoAction + where: actionName = 'CONTENT_START' +adAverageStartTimeS: + title: Ad Average Start Time (s) + unit: SECONDS + query: + select: average(timeSinceAdRequested) + from: VideoAdAction +videoStartFailures: + title: Video Start Failures + unit: PERCENTAGE + query: + select: count(*) WHERE actionName = 'CONENT_ERROR' and contentPlayhead = 0 / (FROM VideoAction SELECT count(*) WHERE actionName = 'CONENT_START' and contentPlayhead=0) * 100 + from: VideoErrorAction +adStartFailures: + title: Ad Start Failures + unit: PERCENTAGE + query: + select: count(*) WHERE actionName = 'AD_ERROR' and adPlayhead = 0 / (FROM VideoAdAction SELECT count(*) WHERE actionName = 'AD_START' and adPlayhead = 0) * 100 + from: VideoErrorAction +videoPlaybackFailures: + title: Video Playback Failures + unit: PERCENTAGE + query: + select: count(*) WHERE actionName = 'CONTENT_ERROR' and contentPlayhead > 0 / (FROM VideoAction SELECT count(*) WHERE actionName = 'CONENT_REQUEST') * 100 + from: VideoErrorAction +adPlaybackFailures: + title: Ad Playback Failures + unit: PERCENTAGE + query: + select: count(*) WHERE actionName = 'AD_ERROR' and adPlayhead > 0 / (FROM VideoAdAction SELECT count(*) WHERE actionName = 'AD_REQUEST') * 100 + from: VideoErrorAction \ No newline at end of file diff --git a/entity-types/media_streaming-video/summary_metrics.yml b/entity-types/media_streaming-video/summary_metrics.yml new file mode 100644 index 0000000000..281b09cfd4 --- /dev/null +++ b/entity-types/media_streaming-video/summary_metrics.yml @@ -0,0 +1,40 @@ +rebufferingRatio: + goldenMetric: rebufferingRatio + unit: PERCENTAGE + title: Video Rebuffering Ratio (%) +adRebufferingRation: + goldenMetric: adRebufferingRatio + unit: PERCENTAGE + title: Ad Rebuffering Ratio (%) +averageBitrateMbps: + goldenMetric: averageBitrateMbps + unit: BITS_PER_SECOND + title: Average Bitrate (Mbps) +adAverageBitrateMbps: + goldenMetric: adAverageBitrateMbps + unit: BITS_PER_SECOND + title: Ad Average Bitrate (Mbps) +averageStartTimeS: + goldenMetric: averageStartTimeS + unit: SECONDS + title: Average Start Time (s) +adAverageStartTimeS: + goldenMetric: adAverageStartTimeS + unit: SECONDS + title: Ad Average Start Time (s) +videoStartFailures: + goldenMetric: videoStartFailures + unit: PERCENTAGE + title: Video Start Failures +adStartFailures: + goldenMetric: adStartFailures + unit: PERCENTAGE + title: Ad Start Failures +videoPlaybackFailures: + goldenMetric: videoPlaybackFailures + unit: PERCENTAGE + title: Video Playback Failures +adPlaybackFailures: + goldenMetric: adPlaybackFailures + unit: PERCENTAGE + title: Ad Playback Failures \ No newline at end of file diff --git a/entity-types/ngep-git_hub_integration/definition.yml b/entity-types/ngep-git_hub_integration/definition.yml new file mode 100644 index 0000000000..dd92f7560c --- /dev/null +++ b/entity-types/ngep-git_hub_integration/definition.yml @@ -0,0 +1,6 @@ +domain: NGEP +type: GIT_HUB_INTEGRATION + +configuration: + entityExpirationTime: MANUAL + alertable: false \ No newline at end of file diff --git a/entity-types/ngep-pipeline_cloud_rule/definition.yml b/entity-types/ngep-pipeline_cloud_rule/definition.yml new file mode 100644 index 0000000000..c270ffc610 --- /dev/null +++ b/entity-types/ngep-pipeline_cloud_rule/definition.yml @@ -0,0 +1,6 @@ +domain: NGEP +type: PIPELINE_CLOUD_RULE + +configuration: + entityExpirationTime: MANUAL + alertable: false diff --git a/entity-types/ngep-security_finding/definition.yml b/entity-types/ngep-security_finding/definition.yml new file mode 100644 index 0000000000..fd56d64951 --- /dev/null +++ b/entity-types/ngep-security_finding/definition.yml @@ -0,0 +1,6 @@ +domain: NGEP +type: SECURITY_FINDING + +configuration: + entityExpirationTime: MANUAL + alertable: false diff --git a/entity-types/ngep-team/definition.yml b/entity-types/ngep-team/definition.yml index e83b187466..5b46cc73ab 100644 --- a/entity-types/ngep-team/definition.yml +++ b/entity-types/ngep-team/definition.yml @@ -3,4 +3,4 @@ type: TEAM configuration: entityExpirationTime: MANUAL - alertable: true + alertable: false diff --git a/entity-types/ngep-teams_organization_settings/definition.yml b/entity-types/ngep-teams_organization_settings/definition.yml index 868c862be3..6e84f9a22e 100644 --- a/entity-types/ngep-teams_organization_settings/definition.yml +++ b/entity-types/ngep-teams_organization_settings/definition.yml @@ -3,4 +3,4 @@ type: TEAMS_ORGANIZATION_SETTINGS configuration: entityExpirationTime: MANUAL - alertable: true + alertable: false diff --git a/relationships/candidates/AWSAPPSYNCAPI.yml b/relationships/candidates/AWSAPPSYNCAPI.yml new file mode 100644 index 0000000000..9d4d030e0b --- /dev/null +++ b/relationships/candidates/AWSAPPSYNCAPI.yml @@ -0,0 +1,16 @@ +category: AWSAPPSYNCAPI +lookups: + - entityTypes: + - domain: INFRA + type: AWSAPPSYNCAPI + tags: + matchingMode: ALL + predicates: + - tagKeys: ["Http.Url"] + field: httpUrl + onMatch: + onMultipleMatches: RELATE_ALL + onMiss: + action: CREATE_UNINSTRUMENTED + uninstrumented: + type: AWSAPPSYNCAPI \ No newline at end of file diff --git a/relationships/candidates/AWSREDSHIFTCLUSTER.yml b/relationships/candidates/AWSREDSHIFTCLUSTER.yml new file mode 100644 index 0000000000..465bb09a2d --- /dev/null +++ b/relationships/candidates/AWSREDSHIFTCLUSTER.yml @@ -0,0 +1,16 @@ +category: AWSREDSHIFTCLUSTER +lookups: + - entityTypes: + - domain: INFRA + type: AWSREDSHIFTCLUSTER + tags: + matchingMode: ALL + predicates: + - tagKeys: ["configuration.endpoint.address"] + field: cloudEndpointAddress + onMatch: + onMultipleMatches: RELATE_ALL + onMiss: + action: CREATE_UNINSTRUMENTED + uninstrumented: + type: AWSREDSHIFTCLUSTER \ No newline at end of file diff --git a/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSAPPSYNCAPI.yml b/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSAPPSYNCAPI.yml new file mode 100644 index 0000000000..4f4b780fe6 --- /dev/null +++ b/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSAPPSYNCAPI.yml @@ -0,0 +1,22 @@ +relationships: + - name: apmCallsInfraAppSyncApi + version: "1" + origins: + - Distributed Tracing + conditions: + - attribute: eventType + anyOf: [ "Span" ] + - attribute: peer.hostname + regex: '[a-z]+\d*[a-z]*\.appsync-api\.[a-z]{2}-[a-z]+-\d+\.amazonaws\.com' + relationship: + expires: P75M + relationshipType: CALLS + source: + extractGuid: + attribute: entity.guid + target: + lookupGuid: + candidateCategory: AWSAPPSYNCAPI + fields: + - field: httpUrl + attribute: Http.Url \ No newline at end of file diff --git a/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSELASTICSEARCHCLUSTER.yml b/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSELASTICSEARCHCLUSTER.yml index 417a9ddb7b..4f326b6d55 100644 --- a/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSELASTICSEARCHCLUSTER.yml +++ b/relationships/synthesis/APM-APPLICATION-to-INFRA-AWSELASTICSEARCHCLUSTER.yml @@ -6,8 +6,8 @@ relationships: conditions: - attribute: eventType anyOf: [ "Span" ] - - attribute: db.system - anyOf: [ "elasticsearch" ] + - attribute: server.address + regex: ^search-[a-zA-Z0-9-]+-[a-zA-Z0-9]+\.([a-zA-Z0-9-]+)\.es\.amazonaws\.com$ relationship: expires: P75M relationshipType: CALLS diff --git a/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESISSTREAM.yml b/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESISSTREAM.yml index a7e291d4e7..09741c13d0 100644 --- a/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESISSTREAM.yml +++ b/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESISSTREAM.yml @@ -9,7 +9,7 @@ relationships: - attribute: cloud.platform anyOf: [ "aws_kinesis_data_streams"] - attribute: cloud.resource_id - regex: "^arn:aws:kinesis:([^:]*):([^:]*):stream\/([^:]*)" + regex: "^arn:aws:kinesis:([^:]*):([^:]*):stream/([^:]*)" relationship: expires: P75M relationshipType: CALLS @@ -21,4 +21,4 @@ relationships: candidateCategory: AWSKINESISSTREAM fields: - field: cloudResourceId - attribute: cloud.resource_id \ No newline at end of file + attribute: cloud.resource_id diff --git a/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESSISDELIVERYSTREAM.yml b/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESSISDELIVERYSTREAM.yml new file mode 100644 index 0000000000..c7ac946f49 --- /dev/null +++ b/relationships/synthesis/APM-APPLICATION-to-INFRA-KINESSISDELIVERYSTREAM.yml @@ -0,0 +1,24 @@ +relationships: + - name: apmCallsInfraKinesisDeliveryStream + version: "1" + origins: + - Distributed Tracing + conditions: + - attribute: eventType + anyOf: [ "Span" ] + - attribute: cloud.platform + anyOf: [ "aws_kinesis_delivery_streams" ] + - attribute: cloud.resource_id + regex: "^arn:aws:firehose:([^:]*):([^:]*):deliverystream\/([^:]*)" + relationship: + expires: P75M + relationshipType: CALLS + source: + extractGuid: + attribute: entity.guid + target: + lookupGuid: + candidateCategory: AWSKINESISDELIVERYSTREAM + fields: + - field: cloudResourceId + attribute: cloud.resource_id \ No newline at end of file diff --git a/relationships/synthesis/EXT-SERVICE-to-INFRA-AWSAPPSYNCAPI.yml b/relationships/synthesis/EXT-SERVICE-to-INFRA-AWSAPPSYNCAPI.yml new file mode 100644 index 0000000000..6b11d84189 --- /dev/null +++ b/relationships/synthesis/EXT-SERVICE-to-INFRA-AWSAPPSYNCAPI.yml @@ -0,0 +1,24 @@ +relationships: + - name: extServiceCallsInfraAppSyncApi + version: "1" + origins: + - Distributed Tracing + conditions: + - attribute: eventType + anyOf: [ "Span" ] + - attribute: instrumentation.provider + anyOf: [ "opentelemetry" ] + - attribute: net.peer.name + regex: '[a-z]+\d*[a-z]*\.appsync-api\.[a-z]{2}-[a-z]+-\d+\.amazonaws\.com' + relationship: + expires: P75M + relationshipType: CALLS + source: + extractGuid: + attribute: entity.guid + target: + lookupGuid: + candidateCategory: AWSAPPSYNCAPI + fields: + - field: httpUrl + attribute: Http.Url \ No newline at end of file diff --git a/relationships/synthesis/EXT-SERVICE-to-INFRA-REDSHIFTCLUSTER.yml b/relationships/synthesis/EXT-SERVICE-to-INFRA-REDSHIFTCLUSTER.yml new file mode 100644 index 0000000000..6af42cdd1f --- /dev/null +++ b/relationships/synthesis/EXT-SERVICE-to-INFRA-REDSHIFTCLUSTER.yml @@ -0,0 +1,24 @@ +relationships: + - name: extServiceCallsInfraRedshiftCluster + version: "1" + origins: + - Distributed Tracing + conditions: + - attribute: eventType + anyOf: [ "Span" ] + - attribute: instrumentation.provider + anyOf: [ "opentelemetry" ] + - attribute: rpc.service + anyOf: [ "Redshift" ] + relationship: + expires: P75M + relationshipType: CALLS + source: + extractGuid: + attribute: entity.guid + target: + lookupGuid: + candidateCategory: AWSREDSHIFTCLUSTER + fields: + - field: cloudEndpointAddress + attribute: configuration.endpoint.address \ No newline at end of file