对 InsightsMetrics 表的查询
IoT Edge:设备脱机或未按预期速率上游发送消息
识别过去 2 天内未在 30 分钟内以预期速率向IoT 中心发送 D2C 消息的IoT Edge设备。
// To create an alert for this query, click '+ New alert rule'
let targetReceiver = "upstream";
InsightsMetrics
| where Origin == "iot.azm.ms" and Namespace == "metricsmodule"
| where Name == "edgehub_messages_sent_total"
| extend dimensions=parse_json(Tags)
| extend device = tostring(dimensions.edge_device)
| extend target = trim_start(@"[^/]+/", extractjson("$.to",
tostring(dimensions), typeof(string)))
| where target contains targetReceiver
| extend source = strcat(device, "::", trim_start(@"[^/]+/",
tostring(dimensions.from)))
| extend messages = toint(Val)
| extend timeUtc = TimeGenerated
| extend sourceTarget = strcat(source, "::", target)
| project timeUtc, source, sourceTarget, messages, device, _ResourceId
| order by device, sourceTarget, timeUtc
| serialize
| extend nextCount = next(messages, 1)
| extend nextSourceTarget= next(sourceTarget, 1)
| extend diff = iff((messages - nextCount) >= 0, messages - nextCount, 0)
| where sourceTarget == nextSourceTarget and diff >= 0
| project TimeGenerated = timeUtc, source, sourceTarget, messages, diff,
device, _ResourceId
| make-series sum(diff) default=0 on TimeGenerated from ago(2d) to now()
step 30m by device, _ResourceId
| mv-expand sum_diff, TimeGenerated
| project TimeGenerated=todatetime(TimeGenerated), device,
AggregatedValue=toint(sum_diff), _ResourceId
IoT Edge:边缘中心队列大小超过阈值
在评估期间,设备的 Edge 中心队列大小 (总和) 超过配置的阈值的次数。
// To create an alert for this query, click '+ New alert'
let qlenThreshold = 100;
InsightsMetrics
| where Origin == "iot.azm.ms" and Namespace == "metricsmodule"
| where Name == "edgehub_queue_length"
| extend dimensions=parse_json(Tags)
| extend device = tostring(dimensions.edge_device)
| extend ep = tostring(dimensions.endpoint)
| extend qlen = toint(Val)
| project device, qlen, ep, TimeGenerated, _ResourceId
| summarize sum(qlen) by TimeGenerated, device, _ResourceId
| where sum_qlen >= qlenThreshold
| project-away sum_qlen
最大节点磁盘数
平均间隔超过 30 分钟的最大节点磁盘使用率。
// To create an alert for this query, click '+ New alert rule'
//InsightMetrics contains all the custom metrics for Container Insights solution
InsightsMetrics // Replace Name with your custom metric
| where Name == "used_percent" and Namespace == "container.azm.ms/disk"
| summarize val= max(Val) by bin(TimeGenerated, 15m), _ResourceId
| render timechart
每个节点每秒读取的 Prometheus 磁盘数
查看 Prometheus 磁盘从默认 kubernetes 命名空间读取指标的时间图。
// To create an alert for this query, click '+ New alert rule'
// Update TimeGenerated field for custom time range
InsightsMetrics
| where Namespace == 'container.azm.ms/diskio'
| where TimeGenerated > ago(1h)
| where Name == 'reads'
| extend Tags = todynamic(Tags)
| extend HostName = tostring(Tags.hostName), Device = Tags.name
| extend NodeDisk = strcat(Device, "/", HostName)
| order by NodeDisk asc, TimeGenerated asc
| serialize //calculating the PreVal, PrevTimeGenerated to render the chart.
| extend PrevVal = iif(prev(NodeDisk) != NodeDisk, 0.0, prev(Val)), PrevTimeGenerated = iif(prev(NodeDisk) != NodeDisk, datetime(null), prev(TimeGenerated))
| where isnotnull(PrevTimeGenerated) and PrevTimeGenerated != TimeGenerated
//Calculating the rate for disk using PreVal
| extend Rate = iif(PrevVal > Val, Val / (datetime_diff('Second', TimeGenerated, PrevTimeGenerated) * 1), iif(PrevVal == Val, 0.0, (Val - PrevVal) / (datetime_diff('Second', TimeGenerated, PrevTimeGenerated) * 1)))
| where isnotnull(Rate)
| project TimeGenerated, NodeDisk, Rate, _ResourceId
| render timechart
在 InsightsMetrics 中查找
在 InsightsMetrics 中查找以在 InsightsMetrics 表中搜索特定值。/n请注意,此查询需要更新 <SeachValue> 参数才能生成结果
// This query requires a parameter to run. Enter value in SearchValue to find in table.
let SearchValue = "<SearchValue>";//Please update term you would like to find in the table.
InsightsMetrics
| where * contains tostring(SearchValue)
| take 1000
正在收集哪些数据?
列出收集的性能计数器和对象类型。
InsightsMetrics
| where Origin == "vm.azm.ms"
| summarize by Namespace, Name
虚拟机可用内存
虚拟机可用内存。
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Origin == "vm.azm.ms"
| where Namespace == "Memory"
| where Name == "AvailableMB"
| summarize avg(Val) by bin(TimeGenerated, 5m), Computer
| render timechart
按计算机绘制 CPU 使用率趋势图表
按百分位图表计算过去一小时内的 CPU 使用率模式。
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Origin == "vm.azm.ms"
| where Namespace == "Processor"
| where Name == "UtilizationPercentage"
| summarize avg(Val) by bin(TimeGenerated, 5m), Computer //split up by computer
| render timechart
虚拟机可用磁盘空间
显示每个实例的可用磁盘空间的最新报告。
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Origin == "vm.azm.ms"
| where Namespace == "LogicalDisk"
| where Name == "FreeSpaceMB"
| extend t=parse_json(Tags)
| summarize arg_max(TimeGenerated, *) by tostring(t["vm.azm.ms/mountId"]), Computer // arg_max over TimeGenerated returns the latest record
| project Computer, TimeGenerated, t["vm.azm.ms/mountId"], Val
使用检测信号跟踪 VM 可用性
显示 VM 在过去一小时内报告的可用性。
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Origin == "vm.azm.ms"
| where Namespace == "Computer"
| where Name == "Heartbeat"
| summarize heartbeat_count = count() by bin(TimeGenerated, 5m), Computer
| extend alive=iff(heartbeat_count > 2, 1.0, 0.0) //computer considered "down" if it has 2 or fewer heartbeats in 5 min interval
| project TimeGenerated, alive, Computer
| render timechart with (ymin = 0, ymax = 1)
按 CPU 使用率排名前 10 位的虚拟机
按 CPU 利用率虚拟机前 10 个。
InsightsMetrics
| where TimeGenerated > ago(1h)
| where Origin == "vm.azm.ms"
| where Namespace == "Processor" and Name == "UtilizationPercentage"
| summarize P90 = percentile(Val, 90) by Computer
| top 10 by P90
后 10 个可用磁盘空间百分比
倒数 10 个可用磁盘空间百分比(按计算机)。
InsightsMetrics
| where TimeGenerated > ago(24h)
| where Origin == "vm.azm.ms"
| where Namespace == "LogicalDisk" and Name == "FreeSpacePercentage"
| summarize P90 = percentile(Val, 90) by Computer
| top 10 by P90 asc
反馈
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:https://aka.ms/ContentUserFeedback。
提交和查看相关反馈