Metrics

The ElastiFlow Unified Collectors expose the /metrics endpoint to provide Prometheus-compatible statistics related to its performance and the resources it uses.

The endpoint returns data in a Prometheus text-based exposition format. Please refer to the Prometheus documentation to learn more.

Statistics

This section describes the statistics that can be retrieved from the /metrics endpoint.

app_info

app_info provides application details. The following is an example of an app_info record:

app_info{arch="arm64",cpus="8",env="native",hostname="M1-MacBook-Pro.local",os="darwin",run_id="b1214e11-198f-43e7-81f1-c9986e9b3ff7"} 1

The app_info data provides the following labels:

Label	Description
arch	environment running application
cpus	number of cpus available
env	native install or Docker
hostname	name of machine
os	operating system running application
run_id	run id of application

license_units

license_units provides license details. The following is an example of a license_units record:

license_units{account_id="",expiration="0",level="0",riskiq_disabled="false"} 1

The license_units record provides the following labels:

Label	Description
account_id	account id of license.
expiration	license expiration date.
level	license level.
riskiq_disabled	is riskiq disabled for license.

Flow UDP Server

The following statistics are provided for the UDP Server input.

udp_server_packet_queue_util

udp_server_packet_queue_util provides the utilization of the packet queue, which stores received packets waiting to be processed.

udp_server_packet_queue_util{application="flowcoll"} 0

The udp_server_packet_queue_util record provides the following labels:

Label	Description
application	The name of the application.

udp_server_packets_received_total

udp_server_packets_received_total provides the total count of packets received by the UDP Server.

udp_server_packets_received_total{application="flowcoll",port="9995"} 0

The udp_server_packets_received_total record provides the following labels:

Label	Description
application	The name of the application.
port	The port on which the UDP server listens.

udp_server_bytes_received_total

udp_server_bytes_received_total provides the total count of bytes received by the UDP Server.

udp_server_bytes_received_total{application="flowcoll",port="9995"} 0

The udp_server_bytes_received_total record provides the following labels:

Label	Description
application	The name of the application.
port	The port on which the UDP server listens.

Processor

record_queue_util

Ratio of the record queue size divided by its capacity.

record_queue_util{application="flowcoll"} 0

The record_queue_util record provides the following labels:

Label	Description
application	The name of the application.

Elasticsearch Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",namespace="default",output="elasticsearch"} 0

The outputs_records_received_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",namespace="default",output="elasticsearch"} 0

The outputs_records_sent_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",namespace="default",output="elasticsearch"} 0

The outputs_bulk_requests_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",namespace="default",output="elasticsearch"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",namespace="default",output="elasticsearch"} 0

The outputs_records_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

OpenSearch Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",namespace="default",output="opensearch"} 0

The outputs_records_received_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",namespace="default",output="opensearch"} 0

The outputs_records_sent_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",namespace="default",output="opensearch"} 0

The outputs_bulk_requests_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",namespace="default",output="opensearch"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",namespace="default",output="opensearch"} 0

The outputs_records_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

Cribl Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",namespace="default",output="cribl"} 0

The outputs_records_received_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",namespace="default",output="cribl"} 0

The outputs_records_sent_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",namespace="default",output="cribl"} 0

The outputs_bulk_requests_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",namespace="default",output="cribl"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",namespace="default",output="cribl"} 0

The outputs_records_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

Kafka Output

kafka_producer_messages_errored_total

kafka_producer_messages_errored_total provides the total count of errored messages.

kafka_producer_messages_errored_total{application="flowcoll",client_id="elastiflow-flowcoll",message_type="record",namespace="default",topic="elastiflow-flow-codex-1.0"} 0

The kafka_producer_messages_errored_total record provides the following labels:

Label	Description
application	The name of the application.
topic	The name of the kafka topic.
client_id	The Kafka producer client ID.
message_type	The type of message produced.
namespace	The name of the namespace.

kafka_producer_messages_sent_total

kafka_producer_messages_sent_total provides the total count of messages produced by the output.

kafka_producer_messages_sent_total{application="flowcoll",client_id="elastiflow-flowcoll",message_type="record",namespace="default",topic="elastiflow-flow-codex-1.0"} 0

The kafka_producer_messages_sent_total record provides the following labels:

Label	Description
application	The name of the application.
topic	The name of the kafka topic.
client_id	The Kafka producer client ID.
message_type	The type of message produced.
namespace	The name of the namespace.

Splunk Output

outputs_records_received_total

outputs_records_received_total provides the total count of records received by the output.

outputs_records_received_total{application="flowcoll",namespace="default",output="splunk"} 0

The outputs_records_received_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_sent_total

outputs_records_sent_total provides the total count of records sent by the output.

outputs_records_sent_total{application="flowcoll",namespace="default",output="splunk"} 0

The outputs_records_sent_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_total

outputs_bulk_requests_total provides the total count of bulk requests sent by the output.

outputs_bulk_requests_total{application="flowcoll",namespace="default",output="splunk"} 0

The outputs_bulk_requests_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_bulk_requests_errored_total

outputs_bulk_requests_errored_total provides the total count of errored bulk requests.

outputs_bulk_requests_errored_total{application="flowcoll",namespace="default",output="splunk"} 0

The outputs_bulk_requests_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.

outputs_records_errored_total

outputs_records_errored_total provides the total count of errored records.

outputs_records_errored_total{application="flowcoll",namespace="default",output="splunk"} 0

The outputs_records_errored_total record provides the following labels:

Label	Description
application	The name of the application.
namespace	The name of the namespace.
output	The name of the output.