Windows perfmon metricsetedit

Warning

This functionality is in beta and is subject to change. The design and code is considered to be less mature than official GA features. Elastic will take a best effort approach to fix any issues, but beta features are not subject to the support SLA of official GA features.

The perfmon metricset of the Windows module reads Windows performance counters.

Configurationedit

You must configure queries for the Windows performance counters that you wish to collect. The example below collects processor time and disk writes. With format you can set the output format for a specific counter. Possible values are float and long. If nothing is selected the default value is float. With instance_name, you can specify the name of the instance. Use this setting when: - You want to use an instance name that is different from the computed name. For example, Total instead of _Total. - You specify a counter that has no instance. For example, \TCPIP Performance Diagnostics\IPv4 NBLs/sec indicated without prevalidation. For wildcard queries this setting has no effect.

- module: windows
  metricsets: ["perfmon"]
  period: 10s
  perfmon.counters:
    - instance_label: "processor.name"
      instance_name: "Total"
      measurement_label: "processor.time.total.pct"
      query: '\Processor Information(_Total)\% Processor Time'
    - instance_label: "diskio.name"
      measurement_label: "diskio.write.bytes"
      query: '\PhysicalDisk(*)\Disk Writes/sec'
      format: "long"

Fieldsedit

For a description of each field in the metricset, see the exported fields section.

Here is an example document generated by this metricset:

{
    "@timestamp": "2016-05-23T08:05:34.853Z",
    "beat": {
        "hostname": "host.example.com",
        "name": "host.example.com"
    },
    "metricset": {
        "module": "windows",
        "name": "perfmon",
        "rtt": 115
    },
    "type": "metricsets",
    "windows": {
        "perfmon": {
            "disk": {
                "bytes": {
                    "read": {
                        "total": 0
                    }
                }
            },
            "processor": {
                "time": {
                    "idle": {
                        "average": {
                            "ns": 670661.5894039735
                        }
                    },
                    "total": {
                        "pct": 3.135058464112306
                    }
                }
            }
        }
    }
}