Skip to content

Commit 2d79102

Browse files
hansenmchansenmc
committed
add Host filter
1 parent 3a4f0c8 commit 2d79102

File tree

4 files changed

+129
-86
lines changed

4 files changed

+129
-86
lines changed

src/main/resources/default/data/ui/views/access_logs.xml

Lines changed: 9 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
<search>
2222
<query>`marklogic_access`
2323
| stats count by status</query>
24-
<earliest>$date-range.earliest$</earliest>
25-
<latest>$date-range.latest$</latest>
24+
<earliest>0</earliest>
25+
<latest></latest>
2626
</search>
2727
</input>
2828
<input type="multiselect" token="method" searchWhenChanged="true">
@@ -38,8 +38,8 @@
3838
<search>
3939
<query>`marklogic_access`
4040
| stats count by method</query>
41-
<earliest>$date-range.earliest$</earliest>
42-
<latest>$date-range.latest$</latest>
41+
<earliest>0</earliest>
42+
<latest></latest>
4343
</search>
4444
</input>
4545
<input type="multiselect" token="server_port" searchWhenChanged="true">
@@ -55,26 +55,22 @@
5555
<search>
5656
<query>`marklogic_access`
5757
| stats count by server_port</query>
58-
<earliest>$date-range.earliest$</earliest>
59-
<latest>$date-range.latest$</latest>
58+
<earliest>0</earliest>
59+
<latest></latest>
6060
</search>
6161
</input>
6262
<input type="multiselect" token="host" searchWhenChanged="true">
6363
<label>Host</label>
64-
<choice value="*">All</choice>
65-
<default>*</default>
6664
<prefix>(</prefix>
6765
<suffix>)</suffix>
68-
<valuePrefix>host=</valuePrefix>
6966
<delimiter> OR </delimiter>
7067
<fieldForLabel>host</fieldForLabel>
7168
<fieldForValue>host</fieldForValue>
7269
<search>
73-
<query>`marklogic_access`
74-
| stats count by host</query>
75-
<earliest>$date-range.earliest$</earliest>
76-
<latest>$date-range.latest$</latest>
70+
<query>| metasearch (sourcetype=marklogic_error OR sourcetype=marklogic_audit) host=* | stats count by host</query>
7771
</search>
72+
<choice value="*">All</choice>
73+
<default>*</default>
7874
</input>
7975
<input type="text" token="search" searchWhenChanged="true">
8076
<label>search</label>

src/main/resources/default/data/ui/views/audit_logs.xml

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,20 @@
4848
<latest>$date-range.latest$</latest>
4949
</search>
5050
</input>
51+
<input type="multiselect" token="host" searchWhenChanged="true">
52+
<label>Host</label>
53+
<prefix>(</prefix>
54+
<suffix>)</suffix>
55+
<valuePrefix>host=</valuePrefix>
56+
<delimiter> OR </delimiter>
57+
<fieldForLabel>host</fieldForLabel>
58+
<fieldForValue>host</fieldForValue>
59+
<search>
60+
<query>| metasearch (sourcetype=marklogic_error OR sourcetype=marklogic_audit) host=* | stats count by host</query>
61+
</search>
62+
<choice value="*">All</choice>
63+
<default>*</default>
64+
</input>
5165
<input type="text" token="search" searchWhenChanged="true">
5266
<label>Search</label>
5367
<default></default>
@@ -59,7 +73,7 @@
5973
<single>
6074
<title>successful events</title>
6175
<search>
62-
<query>`marklogic_audit` $event$ $success$ $user$ $search$| where success="true" | timechart count as Success
76+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$| where success="true" | timechart count as Success
6377
| accum Success</query>
6478
<earliest>$date-range.earliest$</earliest>
6579
<latest>$date-range.latest$</latest>
@@ -77,7 +91,7 @@
7791
<single>
7892
<title>failure events</title>
7993
<search>
80-
<query>`marklogic_audit` $event$ $success$ $user$ $search$| where success="false" | timechart count as Failure
94+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$| where success="false" | timechart count as Failure
8195
| accum Failure</query>
8296
<earliest>$date-range.earliest$</earliest>
8397
<latest>$date-range.latest$</latest>
@@ -94,7 +108,7 @@
94108
<chart>
95109
<title>By event</title>
96110
<search>
97-
<query>`marklogic_audit` $event$ $success$ $user$ $search$ | stats count by event</query>
111+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$ | stats count by event</query>
98112
<earliest>$date-range.earliest$</earliest>
99113
<latest>$date-range.latest$</latest>
100114
</search>
@@ -107,7 +121,7 @@
107121
<chart>
108122
<title>By user</title>
109123
<search>
110-
<query>`marklogic_audit` $event$ $success$ $user$ $search$ | stats count by user | sort -count</query>
124+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$ | stats count by user | sort -count</query>
111125
<earliest>$date-range.earliest$</earliest>
112126
<latest>$date-range.latest$</latest>
113127
</search>
@@ -120,7 +134,7 @@
120134
<chart>
121135
<title>By database</title>
122136
<search>
123-
<query>`marklogic_audit` $event$ $success$ $user$ $search$ | stats count by database</query>
137+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$ | stats count by database</query>
124138
<earliest>$date-range.earliest$</earliest>
125139
<latest>$date-range.latest$</latest>
126140
</search>
@@ -135,7 +149,7 @@
135149
<chart>
136150
<title>Failure Events</title>
137151
<search>
138-
<query>`marklogic_audit` $event$ $success$ $user$ $search$| where success="false" | timechart count by event</query>
152+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$| where success="false" | timechart count by event</query>
139153
<earliest>$date-range.earliest$</earliest>
140154
<latest>$date-range.latest$</latest>
141155
</search>
@@ -160,7 +174,7 @@
160174
<chart>
161175
<title>Events</title>
162176
<search>
163-
<query>`marklogic_audit` $event$ $success$ $user$ $search$ | timechart count by event</query>
177+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$ | timechart count by event</query>
164178
<earliest>$date-range.earliest$</earliest>
165179
<latest>$date-range.latest$</latest>
166180
</search>
@@ -179,7 +193,7 @@
179193
<table>
180194
<title>Events</title>
181195
<search>
182-
<query>`marklogic_audit` $event$ $success$ $user$ $search$ | table _time,user,event,expr,success,database,user</query>
196+
<query>`marklogic_audit` $event$ $success$ $user$ $host$ $search$ | table _time,user,event,expr,success,database,user</query>
183197
<earliest>$date-range.earliest$</earliest>
184198
<latest>$date-range.latest$</latest>
185199
</search>

src/main/resources/default/data/ui/views/error_logs.xml

Lines changed: 67 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
<form>
22
<label>Error Logs</label>
33
<fieldset submitButton="false" autoRun="true">
4-
<input type="time" token="date" searchWhenChanged="true">
4+
<input type="time" token="date-range" searchWhenChanged="true">
55
<label></label>
66
<default>
77
<earliest>-24h@h</earliest>
@@ -19,13 +19,10 @@
1919
<fieldForLabel>severity</fieldForLabel>
2020
<fieldForValue>severity</fieldForValue>
2121
<search>
22-
<query>| inputlookup marklogic_severity
23-
| dedup severity</query>
24-
<earliest>-24h@h</earliest>
25-
<latest>now</latest>
22+
<query>| inputlookup marklogic_severity | dedup severity</query>
2623
</search>
2724
</input>
28-
<input type="multiselect" token="log_levels" searchWhenChanged="true">
25+
<input type="multiselect" token="log_level" searchWhenChanged="true">
2926
<label>Log Level</label>
3027
<prefix>(</prefix>
3128
<suffix>)</suffix>
@@ -35,22 +32,16 @@
3532
<fieldForValue>log_level</fieldForValue>
3633
<search>
3734
<query>| inputlookup marklogic_severity</query>
38-
<earliest>$date-range.earliest$</earliest>
39-
<latest>$date-range.latest$</latest>
4035
</search>
4136
<default>*</default>
4237
<choice value="*">All</choice>
4338
</input>
44-
<input type="multiselect" token="features" searchWhenChanged="true">
39+
<input type="multiselect" token="feature" searchWhenChanged="true">
4540
<label>Feature</label>
4641
<fieldForLabel>feature</fieldForLabel>
4742
<fieldForValue>feature</fieldForValue>
4843
<search>
49-
<query>|inputlookup marklogic_feature
50-
| dedup feature
51-
| table feature</query>
52-
<earliest>$date-range.earliest$</earliest>
53-
<latest>$date-range.latest$</latest>
44+
<query>|inputlookup marklogic_feature | dedup feature | table feature</query>
5445
</search>
5546
<prefix>(</prefix>
5647
<suffix>)</suffix>
@@ -59,6 +50,20 @@
5950
<choice value="*">All</choice>
6051
<default>*</default>
6152
</input>
53+
<input type="multiselect" token="host" searchWhenChanged="true">
54+
<label>Host</label>
55+
<prefix>(</prefix>
56+
<suffix>)</suffix>
57+
<valuePrefix>host=</valuePrefix>
58+
<delimiter> OR </delimiter>
59+
<fieldForLabel>host</fieldForLabel>
60+
<fieldForValue>host</fieldForValue>
61+
<search>
62+
<query>| metasearch sourcetype=marklogic_error host=* | stats count by host</query>
63+
</search>
64+
<choice value="*">All</choice>
65+
<default>*</default>
66+
</input>
6267
<input type="text" token="search" searchWhenChanged="true">
6368
<label>Search</label>
6469
<default></default>
@@ -69,11 +74,11 @@
6974
<single>
7075
<title>Error Messages</title>
7176
<search>
72-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$
77+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
7378
| timechart count as Errors
74-
| accum Errors</query>
75-
<earliest>$date.earliest$</earliest>
76-
<latest>$date.latest$</latest>
79+
| accum Errors</query>
80+
<earliest>$date-range.earliest$</earliest>
81+
<latest>$date-range.latest$</latest>
7782
</search>
7883
<option name="colorBy">value</option>
7984
<option name="colorMode">block</option>
@@ -91,10 +96,12 @@
9196
<single>
9297
<title>Informational</title>
9398
<search>
94-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | where severity = "informational" | timechart count as Errors
95-
| accum Errors</query>
96-
<earliest>$date.earliest$</earliest>
97-
<latest>$date.latest$</latest>
99+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
100+
| where severity = "informational"
101+
| timechart count as Errors
102+
| accum Errors</query>
103+
<earliest>$date-range.earliest$</earliest>
104+
<latest>$date-range.latest$</latest>
98105
</search>
99106
<option name="colorBy">value</option>
100107
<option name="colorMode">block</option>
@@ -109,10 +116,12 @@
109116
<single>
110117
<title>Medium</title>
111118
<search>
112-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | where severity = "medium" | timechart count as Errors
113-
| accum Errors</query>
114-
<earliest>$date.earliest$</earliest>
115-
<latest>$date.latest$</latest>
119+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
120+
| where severity = "medium"
121+
| timechart count as Errors
122+
| accum Errors</query>
123+
<earliest>$date-range.earliest$</earliest>
124+
<latest>$date-range.latest$</latest>
116125
</search>
117126
<option name="colorMode">block</option>
118127
<option name="drilldown">all</option>
@@ -126,10 +135,12 @@
126135
<single>
127136
<title>High</title>
128137
<search>
129-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | where severity = "high" | timechart count as Errors
130-
| accum Errors</query>
131-
<earliest>$date.earliest$</earliest>
132-
<latest>$date.latest$</latest>
138+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
139+
| where severity = "high"
140+
| timechart count as Errors
141+
| accum Errors</query>
142+
<earliest>$date-range.earliest$</earliest>
143+
<latest>$date-range.latest$</latest>
133144
</search>
134145
<option name="colorBy">value</option>
135146
<option name="colorMode">block</option>
@@ -145,10 +156,12 @@
145156
<single>
146157
<title>Critical</title>
147158
<search>
148-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | where severity = "critical" | timechart count as Errors
159+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
160+
| where severity = "critical"
161+
| timechart count as Errors
149162
| accum Errors</query>
150-
<earliest>$date.earliest$</earliest>
151-
<latest>$date.latest$</latest>
163+
<earliest>$date-range.earliest$</earliest>
164+
<latest>$date-range.latest$</latest>
152165
</search>
153166
<option name="colorBy">trend</option>
154167
<option name="colorMode">block</option>
@@ -168,7 +181,8 @@
168181
<chart>
169182
<title>By Severity</title>
170183
<search>
171-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | stats count by severity</query>
184+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
185+
| stats count by severity</query>
172186
<earliest>-24h@h</earliest>
173187
<latest>now</latest>
174188
</search>
@@ -188,7 +202,8 @@
188202
<chart>
189203
<title>By Log Level</title>
190204
<search>
191-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | stats count by log_level</query>
205+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
206+
| stats count by log_level</query>
192207
<earliest>-24h@h</earliest>
193208
<latest>now</latest>
194209
</search>
@@ -202,7 +217,8 @@
202217
<chart>
203218
<title>By Feature</title>
204219
<search>
205-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | stats count by feature</query>
220+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
221+
| stats count by feature</query>
206222
<earliest>-24h@h</earliest>
207223
<latest>now</latest>
208224
</search>
@@ -223,9 +239,10 @@
223239
<chart>
224240
<title>Errors</title>
225241
<search>
226-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ NOT XDMP-INMM* | timechart count by error_code usenull=f limit=0</query>
227-
<earliest>$date.earliest$</earliest>
228-
<latest>$date.latest$</latest>
242+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$ NOT XDMP-INMM*
243+
| timechart count by error_code usenull=f limit=0</query>
244+
<earliest>$date-range.earliest$</earliest>
245+
<latest>$date-range.latest$</latest>
229246
</search>
230247
<option name="charting.axisTitleX.visibility">collapsed</option>
231248
<option name="charting.axisY.scale">log</option>
@@ -243,7 +260,8 @@
243260
<panel>
244261
<chart>
245262
<search>
246-
<query>`marklogic_error` $log_levels$ $features$ $severity$ NOT XDMP-INMM* | timechart count by error_code</query>
263+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ NOT XDMP-INMM*
264+
| timechart count by error_code</query>
247265
<earliest>-24h@h</earliest>
248266
<latest>now</latest>
249267
</search>
@@ -266,9 +284,13 @@
266284
<table>
267285
<title>Error Explanation and Response (click to view MarkLogic documentation)</title>
268286
<search>
269-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$
270-
| dedup error_code | lookup marklogic_error error_code OUTPUTNEW error_description, error_cause, error_response, error_url | lookup marklogic_severity severity OUTPUTNEW severity_threshold | sort -severity_threshold
271-
| table error_code, severity, error_cause, error_response | where error_response!=""</query>
287+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
288+
| dedup error_code
289+
| lookup marklogic_error error_code OUTPUTNEW error_description, error_cause, error_response, error_url
290+
| lookup marklogic_severity severity OUTPUTNEW severity_threshold
291+
| sort -severity_threshold
292+
| table error_code, severity, error_cause, error_response
293+
| where error_response!=""</query>
272294
<earliest>-24h@h</earliest>
273295
<latest>now</latest>
274296
</search>
@@ -284,7 +306,8 @@
284306
<panel>
285307
<event>
286308
<search>
287-
<query>`marklogic_error` $log_levels$ $features$ $severity$ $search$ | table _time,_icon,error_code,severity,log_level,log_message</query>
309+
<query>`marklogic_error` $log_level$ $feature$ $severity$ $host$ $search$
310+
| table _time,_icon,error_code,severity,log_level,log_message</query>
288311
<earliest>-24h@h</earliest>
289312
<latest>now</latest>
290313
</search>

0 commit comments

Comments
 (0)