diff --git a/docs/en/observability/images/logs-overlay-containers.png b/docs/en/observability/images/logs-overlay-containers.png new file mode 100644 index 0000000000..1364f296ed Binary files /dev/null and b/docs/en/observability/images/logs-overlay-containers.png differ diff --git a/docs/en/observability/images/metadata-overlay-containers.png b/docs/en/observability/images/metadata-overlay-containers.png new file mode 100644 index 0000000000..33b70cba49 Binary files /dev/null and b/docs/en/observability/images/metadata-overlay-containers.png differ diff --git a/docs/en/observability/images/metrics-overlay-containers.png b/docs/en/observability/images/metrics-overlay-containers.png new file mode 100644 index 0000000000..adf2c9be3d Binary files /dev/null and b/docs/en/observability/images/metrics-overlay-containers.png differ diff --git a/docs/en/observability/images/overview-overlay-containers.png b/docs/en/observability/images/overview-overlay-containers.png new file mode 100644 index 0000000000..63dded9a72 Binary files /dev/null and b/docs/en/observability/images/overview-overlay-containers.png differ diff --git a/docs/en/observability/monitor-infra/container-details-partial.asciidoc b/docs/en/observability/monitor-infra/container-details-partial.asciidoc new file mode 100644 index 0000000000..4101b51298 --- /dev/null +++ b/docs/en/observability/monitor-infra/container-details-partial.asciidoc @@ -0,0 +1,71 @@ +// This is collapsed by default +[%collapsible] +.*Overview* +==== + +The *Overview* tab displays key metrics about the selected container, such as CPU usage and memory usage. +The metrics shown may vary depending on the type of container you're monitoring. + +Change the time range to view metrics over a specific period of time. + +Expand each section to view more detail related to the selected container, such as metadata, +active alerts, and metrics. + +Hover over a specific time period on a chart to compare the various metrics at that given time. + +Click **Show all** to drill down into related data. + +[role="screenshot"] +image::images/overview-overlay-containers.png[Container overview] +==== + +[%collapsible] +.*Metadata* +==== + +The *Metadata* tab lists all the meta information relating to the container: + +* Host information +* Cloud information +* Agent information + +All of this information can help when investigating events—for example, filtering by operating system or architecture. + +[role="screenshot"] +image::images/metadata-overlay-containers.png[Container metadata] +==== + +[%collapsible] +.*Metrics* +==== + +The *Metrics* tab shows container metrics organized by type. + +[role="screenshot"] +image::images/metrics-overlay-containers.png[Metrics] +==== + +[%collapsible] +.*Logs* +==== + +The *Logs* tab displays logs relating to the container that you have selected. By default, the logs tab displays the following columns. + +|=== + +| *Timestamp* | The timestamp of the log entry from the `timestamp` field. + +| *Message* | The message extracted from the document. +The content of this field depends on the type of log message. +If no special log message type is detected, the {ecs-ref}/ecs-base.html[Elastic Common Schema (ECS)] +base field, `message`, is used. + +|=== + +You can customize the logs view by adding a column for an arbitrary field you would like +to filter by. For more information, refer to <>. +To view the logs in the {logs-app} for a detailed analysis, click *Open in Logs*. + +[role="screenshot"] +image::images/logs-overlay-containers.png[Container logs] +==== diff --git a/docs/en/observability/monitor-infra/container-metrics.asciidoc b/docs/en/observability/monitor-infra/container-metrics.asciidoc new file mode 100644 index 0000000000..88a03aab3f --- /dev/null +++ b/docs/en/observability/monitor-infra/container-metrics.asciidoc @@ -0,0 +1,84 @@ +[[container-metrics]] += Container metrics + +Learn about key container metrics displayed in the {infrastructure-app}: + +* <> +* <> + +[discrete] +[[key-metrics-docker]] +== Docker container metrics + +These are the key metrics displayed for Docker containers. + +[discrete] +[[key-metrics-docker-cpu]] +=== CPU usage metrics + +[options="header"] +|=== +| Metric | Description + +| **CPU Usage (%)** | Average CPU for the container. + +**Field Calculation:** `average(docker.cpu.total.pct)` +|=== + +[discrete] +[[key-metrics-docker-memory]] +=== Memory metrics + +[options="header"] +|=== +| Metric | Description + +|**Memory Usage (%)** | Average memory usage for the container. + +**Field Calculation:** `average(docker.memory.usage.pct)` +|=== + +[discrete] +[[key-metrics-docker-network]] +=== Network metrics + +[options="header"] +|=== +| Metric | Description + +| **Inbound Traffic (RX)** | Derivative of the maximum of `docker.network.in.bytes` scaled to a 1 second rate. + +| **Outbound Traffic (TX)** | Derivative of the maximum of `docker.network.out.bytes` scaled to a 1 second rate. +|=== + +[discrete] +[[key-metrics-kubernetes]] +== Kubernetes container metrics + +These are the key metrics displayed for Kubernetes (containerd) containers. + +[discrete] +[[key-metrics-kubernetes-cpu]] +=== CPU usage metrics + +[options="header"] +|=== +| Metric | Description + +| **CPU Usage (%)** | Average CPU for the container. + +**Field Calculation:** `average(kubernetes.container.cpu.usage.limit.pct)` +|=== + +[discrete] +[[key-metrics-kubernetes-memory]] +=== Memory metrics + +[options="header"] +|=== +| Metric | Description + +|**Memory Usage (%)** | Average memory usage for the container. + +**Field Calculation:** `average(kubernetes.container.memory.usage.limit.pct)` +|=== diff --git a/docs/en/observability/monitor-infra/docker-container-metrics.asciidoc b/docs/en/observability/monitor-infra/docker-container-metrics.asciidoc deleted file mode 100644 index dffec87732..0000000000 --- a/docs/en/observability/monitor-infra/docker-container-metrics.asciidoc +++ /dev/null @@ -1,20 +0,0 @@ -[[docker-container-metrics]] -= Docker container metrics - -To help you analyze the Docker container metrics listed on the *Inventory* page, you can select -view filters based on the following predefined metrics or you can add <>. - -|=== - -| *CPU Usage* | Average of `docker.cpu.total.pct`. - -| *Memory Usage* | Average of `docker.memory.usage.pct`. - -| *Inbound Traffic* | Derivative of the maximum of `docker.network.in.bytes` scaled to a 1 second rate. - -| *Outbound Traffic* | Derivative of the maximum of `docker.network.out.bytes` scaled to a 1 second rate. - -|=== - -For information about which required fields the {infrastructure-app} uses to display Docker container metrics, see the -<>. \ No newline at end of file diff --git a/docs/en/observability/monitor-infra/metrics-reference.asciidoc b/docs/en/observability/monitor-infra/metrics-reference.asciidoc index 35acc86eb0..dd5f34e355 100644 --- a/docs/en/observability/monitor-infra/metrics-reference.asciidoc +++ b/docs/en/observability/monitor-infra/metrics-reference.asciidoc @@ -5,14 +5,14 @@ Learn about the key metrics displayed in the Infrastructure app and how they are calculated. * <> +* <> * <> -* <> * <> include::host-metrics.asciidoc[leveloffset=+1] -include::kubernetes-pod-metrics.asciidoc[leveloffset=+1] +include::container-metrics.asciidoc[leveloffset=+1] -include::docker-container-metrics.asciidoc[leveloffset=+1] +include::kubernetes-pod-metrics.asciidoc[leveloffset=+1] include::aws-metrics.asciidoc[leveloffset=+1] diff --git a/docs/en/observability/monitor-infra/view-infrastructure-metrics.asciidoc b/docs/en/observability/monitor-infra/view-infrastructure-metrics.asciidoc index e8d284678e..8ed97f317e 100644 --- a/docs/en/observability/monitor-infra/view-infrastructure-metrics.asciidoc +++ b/docs/en/observability/monitor-infra/view-infrastructure-metrics.asciidoc @@ -35,10 +35,10 @@ Need help getting started? Follow the steps in To get started with your analysis, select the type of resources you want to show in the high-level view. From the *Show* menu, select one of the following: -* *Hosts* (the default) +* *Hosts* — the default * *Kubernetes Pods* -* *Docker Containers* -* *AWS*, which includes EC2 instances, S3 buckets, RDS databases, and SQS queues +* *Docker Containers* — shows _all_ containers, not just Docker +* *AWS* — includes EC2 instances, S3 buckets, RDS databases, and SQS queues When you hover over each resource in the waffle map, the metrics specific to that resource are displayed. @@ -77,6 +77,36 @@ include::host-details-partial.asciidoc[] NOTE: These metrics are also available when viewing hosts on the **Hosts** page. +[discrete] +[[analyze-containers-inventory]] +== View container metrics + +When you select **Docker containers**, the *Inventory* page displays a waffle map that shows the containers you +are monitoring and the current CPU usage for each container. +Alternatively, you can click the *Table view* icon image:images/table-view-icon.png[] +to switch to a table view. + +Without leaving the *Inventory* page, you can view enhanced metrics relating to each container +running in your infrastructure. + +**** +**Why do some containers report 0% or null (-) values in the waffle map?** + +The waffle map shows _all_ monitored containers, including containerd, +provided that the data collected from the container has the `container.id` field. +However, the waffle map currently only displays metrics for Docker fields. +This display problem will be resolved in a future release. +**** + +On the waffle map, select a container to display the container details +overlay. + +TIP: To expand the overlay and view more detail, click *Open as page* in the upper-right corner. + +The container details overlay contains the following tabs: + +include::container-details-partial.asciidoc[] + [discrete] [[analyze-resource-metrics]] == View metrics for other resources diff --git a/docs/en/observability/redirects.asciidoc b/docs/en/observability/redirects.asciidoc index 7f371de972..dd1df7b909 100644 --- a/docs/en/observability/redirects.asciidoc +++ b/docs/en/observability/redirects.asciidoc @@ -3,6 +3,11 @@ The following pages have moved or been deleted. +[role="exclude",id="docker-container-metrics"] +=== Docker container metrics + +Refer to <>. + //Start links removed in Spacetime revamp (https://github.com/elastic/observability-docs/pull/2880) [role="exclude",id="spin-up-stack"]