Connect Geneos to Obcerv
Overview Copied
Obcerv is an observability platform for data storage and analytics. You can configure Gateways and Netprobes to publish data to Obcerv so you can store and analyse metrics, logs and events in Obcerv.
Obcerv concepts Copied
Obcerv adopts a data model that includes many features that may sound familiar to Geneos users. However, it is important to recognise that these concepts are fundamentally different.
Entities Copied
Unlike the user-defined Managed Entities in Geneos, in Obcerv an Entity is automatically created based on the dimensions that describe the data points. See the Data model for more information.
Entities can also have associated attributes but this does not affect the definition of an Entity. Obcerv allows users to search for Entities metrics using both dimensions and attributes.
Geneos structures are mapped to Obcerv entities, attributes, and metrics.
Consider an example:
Entity dimensions | Attributes | Metrics | |
---|---|---|---|
Managed Entity | probe=itrspc101 | ConState=Up | |
Managed Entity | managedEntity=pc101 | HostName=itrspc101.itsgroup.com | |
Managed Entity | COUNTRY=UK | ||
Managed Entity | OS=Linux | ||
Managed Entity | DEPT=SALES | ||
Sampler | probe=itrspc101 | Plugin Name=CPU | |
Sampler | managedEntity=pc101 | Group Name=Infra | |
Sampler | sampler=CPU | ||
Sampler | type=LinuxInfra | ||
Dataview | probe=itrspc101 | numCpuCores | |
Dataview | managedEntity=pc101 | numOnlineCpus | |
Dataview | sampler=CPU | loadAverage1Min | |
Dataview | type=LinuxInfra | loadAverage5Min | |
Dataview | dataview=CPU | ||
Row | probe=itrspc101 | type | |
Row | managedEntity=pc101 | clockSpeed | |
Row | sampler=CPU | percentUtilisation | |
Row | type=LinuxInfra | percentUserTime | |
Row | dataview=CPU | percentIdle | |
Row | row=cpu_0 | ||
In general, traditional data generates the following entities:
- An entity to represent each Geneos Managed Entity.
- An entity to represent each Geneos sampler.
- An entity to represent each dataview (where headline metrics exist).
- An entity to represent each row in a dataview (or column if the dataview is pivoted).
Cells in dataview rows (and headlines) are mapped to metrics that exist on these Obcerv entities according to the following rules:
- If the cell is marked as having a numeric data type in its schema then its contents will be published to Obcerv as a
GAUGE
metric. - If the cell is marked as having a non-numeric data type in its schema then its contents will be published to Obcerv as a
STATUS_METRIC
. - If no schema has been defined, the Gateway will attempt to convert the cell to a
GAUGE
metric. If this succeeds the value will be published as aGAUGE
, otherwise, it will be published as aSTATUS_METRIC
.
For data that is sent to Geneos by a Collection Agent, the type of the metric will be preserved. As Collection Agent v2 does not use STATUS_METRIC
, non-numeric data from Collection Agent will be sent and published as ATTRIBUTES
.
Obcerv closely follows the data model used by the Collection Agent. For more information, see Data collection in an orchestrated environment.
Data labels Copied
Gateway sends two types of labels that allow you to search through Obcerv entities:
- Dimensions: these are the name-value pairs used to uniquely identify an Obcerv Entity.
- Attributes: these are observed pieces of information about an Obcerv entity, such as the
osType
of a Geneos Managed Entity.
Every metric has a set of dimensions that uniquely identify it. These are derived from the Geneos hierarchy of gateway
, managedEntity
, sampler, type
, dataview
, and row
.
Geneos Managed Entity attributes set in the Gateway Setup Editor are sent as ENTITY_ATTRIBUTE
metrics on the corresponding Obcerv entities in the itrsgroup.com/geneos/gse
namespace. Gateway also sends each sampler’s Group and PluginName as ENTITY_ATTRIBUTE
metrics on the Obcerv entity representing that sampler.
Netprobe parameters, such as HostName
, Port
, ConState
, OS
, or Version
, are sent as ENTITY_ATTRIBUTE
metrics on each Obcerv entity representing a Geneos Managed Entity running on that Netprobe. The Netprobe also sends a sanitised version of OS
called osType
.
Signals Copied
Gateway sends severity changes to Obcerv as signals, and a signal stream is provided for every metric. Gateway sends the severity and the value on the cell at the time that the severity changed, and snooze events to Obcerv.
Audit Copied
Gateway sends audit events to Obcerv when a connection is established. Audit events originating from a Gateway will have a dimension of gateway
. Audit events originating from a Netprobe (like running a command on a Netprobe) will have dimensions of both gateway
and probe
.
Publish from Gateway to Obcerv Copied
You can publish data from Gateway to Obcerv via the Ingestion service. This service is installed as part of your Obcerv installation.
By default, Gateway will publish all metrics, severity events, and audit events to Obcerv. You can configure filtering strategies to control what data is published to Obcerv. This can help minimise downstream data processing requirements in Obcerv. To configure include and exclude filters, see Strategies.
To start the connection between Gateway and Obcerv, you must configure the Obcerv connection in the Publishing settings in the Gateway Setup Editor. For more information, see Obcerv connection configuration.
Gateway self-monitoring, which is enabled by default, creates a dataview called Obcerv Connection that shows the current state of Obcerv publishing if the Obcerv Connection has been configured. For more information, see Self-monitoring.
Publish from Netprobes to Obcerv Copied
You can publish log data from a Netprobe to Obcerv via the Obcerv Ingestion service. Currently, the log data collected by the FKM plugin can be published to Obcerv. To do this, you must:
- Configure the Obcerv connection in your Gateway.
- Enable publishing for each FKM file in the Gateway Setup Editor. See FKM Obcerv publishing.
Obcerv publishing is enabled:
Obcerv publishing is not enabled:
View Obcerv data in Active Console Copied
If the Gateways connected to your Active Console publish data to Obcerv, then those Gateways will share the Obcerv connection details with Active Console so you can create history charts by querying data in Obcerv.
To allow a connected Active Console to access Obcerv data, you must configure the Obcerv connection in the Data access settings in the Gateway Setup Editor.
In Active Console, you must also ensure that Tools > Settings > Geneos > Default data source is set to Obcerv
.
Self-monitoring Copied
When Obcerv publishing is configured on a Gateway, self-monitoring statistics are reported in two dataviews under Gateway Info > Obcerv.
Detail dataview Copied
Name | Description |
---|---|
name | Name of the data type. |
sendState | Either SENDING or BUFFERING . |
deliveryStatus | Delivery status of the last message. This can be either NONE , SUCCEEDED , RETRYING or FAILED . |
byteRate | Transfer rate in bytes per second. |
messagingRate | Total transfer rate in messages per second across all three queues. |
maxBufferSize | Maximum number of buffered messages. |
messagesInBuffer | Current number of messages in the buffer. |
messagesDroppedPerSample | Number of messages dropped in the last sampler. |
Summary dataview Copied
Name | Description |
---|---|
enabled | The Obcerv connection can be either Enabled or Disabled |
connectionStatus | Shows the connection status. This can be either Statistics only , Idle , Ready , Connecting , Transient Failure , or Shutdown . |
messageRate | Transfer rate per queue in messages per second. |
byteRate | Transfer rate in bytes per second. |
messagesDroppedPerSample | Average number of messages dropped per sampler. |
dataviewsPublished | Number of dataviews published. |
dataviewsUnpublished | Number of dataviews unpublished. |
dataviewsWithErrors | Number of dataview with errors. |
accessTokenUser |
Obcerv user associated with the access token used to connect to Obcerv. Note, this is not an application key. Access tokens are short lived tokens used to secure connections. |
accessTokenAvailable | Status of access tokens. |
Obcerv connection configuration Copied
Basic configuration Copied
The Obcerv connection section of the GSE provides the following options:
If the Mode is set to connection
, then you can set up:
- Publishing — configure publishing from this Gateway to Obcerv.
- Data Access — allow an Active Console connected to this Gateway to access Obcerv data.
Section | Setting | Description |
---|---|---|
Connection | Verify server certificate | Enables or disables the server certificate verification. If this parameter is set to Default: True
|
Connection | Root certificates | Specify the root CA certificate used to sign the ingestion service certificate. You can provide:
|
Connection > Publishing | Service address | Specify the Obcerv ingestion service hostname with the http:// prefix. For example: https://ingestion.my-obcerv.com .
|
Connection > Publishing | Credentials | Specify the credentials used to access the Obcerv ingestion service. You should provide a username and password in the Gateway Setup Editor. For more information about password configuration, see Secure Passwords. |
Connection > Data access | Service address | Specify the Obcerv Web Console hostname. For example: https://my-obcerv.com . |
Connection > Data access | Credentials | Specify the Obcerv user credentials to access data from Obcerv. The Obcerv username must have or should be part of a user role. You should provide a username and password in the Gateway Setup Editor. For more information about password configuration, see Secure Passwords. |
Advanced configuration Copied
The Additional settings allow you to specify the following additional publishing settings that you may set individually:
Settings | Description |
---|---|
grpc.rpc.timeout |
The time the Gateway waits for a gRPC response. Default: Unit: milliseconds Mandatory: No |
grpc.batch.timeout |
The time the Gateway waits before sending a batch of datapoints to Obcerv. Default: Unit: milliseconds Mandatory: No |
grpc.batch.size |
The maximum size a datapoint batch can have. Once the batch reaches the given size, it will be sent to Obcerv. Default: Unit: datapoints Mandatory: No |
grpc.queue.size |
The number of messages the Gateway can hold before it starts dropping message. This queue holds messages before being sent to Obcerv. The Gateway will attempt to keep this queue as small a possible. Default: Mandatory: No |
Strategies Copied
Strategy Group Copied
Strategies may be grouped for organisational purposes. This has no effect on their application but is useful for grouping categories and making them easier to find in the navigation tree.
You must specify a name when creating a strategy group.
Obcerv Ingestion Proxy Copied
Ingestion proxy can be used to funnel data from locally running Gateways and Netprobes to remote Obcerv ingestion services.
By implementing a proxy server, Netprobes and Gateways can connect internally to the proxy, which facilitates a secure outbound connection to hosted Obcerv instances. It can be used for your instance or to connect to the SaaS instance. This method improves security by reducing the risk involved in directly connecting the network to external connections.
The ingestion proxy consists of the Collection Agent and gRPC plugin which receive data from Gateways and Netprobes, and report it to one or more Obcerv instances.
Set up the Collection Agent as a proxy server Copied
Configure the gRPC plugin Copied
Configure your gRPC plugin using the following reference configuration. For the proxy server to work, provide values on the collectors
and reporters
parameters. Ensure values for the following are provided:
collectors
>port
reporters
>tcp
>hostname
andport
reporters
>ingestion-reporter
>hostname
,port
,username
, andpassword
plugin-directory: ${env:COLLECTION_AGENT_DIR}/plugins
monitoring:
# Optional. Defaults to true.
enabled: true
# Agent self metrics.
self-metrics:
# Whether to enable self metric collection (optional, defaults to true).
enabled: true
# Dimensions to add to all self metrics from this agent (optional).
dimensions:
app: ingestion-proxy
collectors:
- name: internal-grpc
type: plugin
class-name: GrpcInternalIngestionServiceCollector
port: ${env:GRPC_PORT}
# Optional. Settings to allow password authentication of Gateway
# Remove the authentication section if you do not require gateways to authenticate with the proxy
authentication:
iam:
scheme: https
hostname: ${env:IAM_HOST}
# port: ${env:IAM_PORT}
client-id: ingestion
client-secret: ${env:IAM_CLIENT_SECRET}
# the following setting is required, even though it will not be used
admin-realm: master
client-realm: obcerv
allowed-users: [ ingestion-api ]
thread-pool-size: 2
# Optional. Use to enable TLS.
# Remove the tls-config section if you do not require TLS connections between the gateway and the proxy
tls-config:
cert-file: ${env:PROXY_CERTIFICATE}
key-file: ${env:PROXY_KEY}
reporters:
- type: tcp
name: tcp
hostname: ${env:TCP_REPORTER_HOST}
port: ${env:TCP_REPORTER_PORT}
- type: plugin
class-name: GrpcInternalIngestionServiceReporter
name: ingestion-reporter
hostname: ${env:INGESTION_HOST}
port: ${env:INGESTION_PORT}
username: ${env:INGESTION_USER}
password: ${env:INGESTION_PWD}
# Optional. Switch compression on/off. Defaults to true.
use-compression: true
# Optional. gRPC call deadline in milliseconds. Defaults to 3000ms.
call-deadline: 3000
# use-plain-text: true
# Optional. Used only when use-plain-text is false (the default) and mTLS is desired,
# else the client trusts whatever public key it receives from the server during the
# TLS handshake.
tls-config:
# # Optional. Used for mTLS and trusted server TLS (i.e. contains trusted server keys).
trust-chain-file: ${env:OBCERV_CA_CERTIFICATE}
# # Optional. List of TLS protocols to enable. Defaults to TLSv1.3 and TLSv1.2 only.
# protocols: [ TLSv1.3, TLSv1.2 ]
# Optional. Explicitly switch on/off grpc level retries. Defaults to no explicit setting and therefore grpc default.
# Unable to find property 'grpcRetries' on class: com.itrsgroup.collection.plugins.grpc.reporters.ingestion.GrpcInternalIngestionServiceReporterConfig$Batch
# grpc-retries: true
# Optional. Set a grpc idle timeout. Default is to not explicit set an idle timeout which means the channel
# inherits the default, which is currently 30 minutes.
# grpc-idle-timeout: 100000000
#
# Batch configuration per endpoint type.
#
# It is not necessary to configure any batching at all (including the common-batch block)
# in which case the defaults are as specified in the common-batch block.
#
# Endpoint specific batch configuration can be used to override the default and common-block
# attributes.
#
# Optional. Common batch configuration for all endpoints unless overridden below.
common-batch:
# Optional. In memory buffer capacity. Defaults to 2 * the batch size. Must be greater than the batch size.
# A larger in memory buffer gives some level of protection against a receiver that is either generally slow, or
# is slow to recover after a transient outage AND the producer is not producing at a significantly higher rate than
# can be handled by the receiver.
# buffer-capacity: 2048
# Optional. Switch on asynchronous reporting. Defaults to false.
# In asynchronous mode batches are sent without awaiting completion of the previous batch which allows for
# interleaved reporting. This results in higher throughput at the cost of batches potentially being received out
# of order.
# async-mode: false
# Optional. Retry interval in milliseconds when in synchronous reporting mode. Defaults to 500 ms.
# retry-interval: 500
# Optional. Override metrics batch configuration.
# If present then any common configuration is ignored (i.e. individual attributes are not inherited).
metrics-batch:
size: 500
timeout: 200
max-retries: 0
# Optional. Override logs batch configuration.
# If present then any common configuration is ignored (i.e. individual attributes are not inherited).
logs-batch:
size: 100
timeout: 1000
max-retries: 10
# Optional. Override events batch configuration.
# If present then any common configuration is ignored (i.e. individual attributes are not inherited).
events-batch:
size: 100
timeout: 1000
max-retries: 10
# Optional. Override attributes batch configuration.
entity-attributes-batch:
size: 500
timeout: 1000
max-retries: 10
- type: routing
name: routing-table
route-eviction-timeout: 2000
route-restoration-timeout: 60000
route-type: all
ignore-no-matching-route: true
routes:
- reporter: ingestion-reporter
do-not-evict: true
match: any
matchers:
- type: property
key: gateway
pattern: .*
- reporter: tcp
do-not-evict: true
match: all
matchers:
- type: dimension
key: app
pattern: ingestion-proxy
- type: property
key: gateway
pattern: .*
exclude: true
workflow:
metrics:
reporter: routing-table
max-retries: 0
pass-through:
enabled: true
concurrency: parallel
fire-and-forget: true
logs:
reporter: routing-table
max-retries: 0
pass-through:
enabled: true
concurrency: parallel
fire-and-forget: true
events:
reporter: routing-table
max-retries: 0
pass-through:
enabled: true
concurrency: parallel
fire-and-forget: true
attributes:
reporter: routing-table
max-retries: 0
pass-through:
enabled: true
concurrency: parallel
fire-and-forget: true
traces:
enabled: false
Start the ingestion proxy Copied
- Use the include file ingestion-proxy.sh to start the proxy.
Note
Ensure thatingestion-proxy.sh
andingestion-proxy.yaml
are in the same directory. Additionally, ensure that there is a Collection Agent directory that contains the Collection Agent and the Collection Agent plugin directory. This can be done by copying the collection-agent directory from the Netprobe package.
- Edit the bash script:
Variable | Description |
---|---|
INGESTION_HOST | DNS name of the Obcerv ingestion server (for example,ingestion-obcerv.example.com ). |
INGESTION_USER | User the proxy will use when connecting to Obcerv. |
INGESTION_PWD | Password the proxy will use when connecting to Obcerv. |
OBCERV_CA_CERTIFICATE | Certificate used to validate the connection to Obcerv. Leave this blank if the certificate is trusted by the machine. |
PROXY_CERTIFICATE | Name of the file that contains the proxy server certificate (required to establish a TLS connection between gateways and the proxy). |
PROXY_KEY | Name of the file that contains the proxy server private key in pkcs8 format (required to establish a TLS connection between gateways and the proxy). |
GRPC_PORT | Port that the Ingestion proxy will listen on for gRPC connections. |
IAM_HOST | Hostname of Obcerv used to allow the proxy server to validate the username and password supplied by a gateway when it connects (for example, obcerv.example.com ). |
IAM_CLIENT_SECRET | Client secret of the ingestion client in Obcerv. |
TCP_REPORTER_HOST | Hostname of the server that the monitoring Netprobe resides upon. |
TCP_REPORTER_PORT | Port that the monitoring Netprobe is using to listen for a Collection Agent TCP connection. |
COLLECTION_AGENT_DIR | Directory where the Collection Agent and the Collection Agent plugin directory reside. |
OPTIONAL: Disable gateway authentication
Remove IAM_HOST and IAM_CLIENT_SECRET fromingestion-proxy.sh
and remove the iam-config block in the internal-grpc collector iningestion-proxy.yaml
.
OPTIONAL: Disable TLS connections between gateway and the proxy
Remove PROXY_CERTIFICATE and PROXY_KEY. Additionally, remove the tls-config block in the internal-grpc collector iningestion-proxy.yaml
.
Set up Gateway to establish a connection with Obcerv Copied
The include file obcerv-via-proxy.xml allows Gateways to connect to Obcerv via the proxy. This file should be used by all Gateways that publish to Obcerv. Refer to Include files for guidance on setting up include files in the Gateway Setup Editor.
Change the following settings based on the location and changes to the Collection Agent proxy:
hostname
andport
of the ingestion service (Publishing > service address)location
of the proxy server certificate (if required) (Publishing > Root certificates)
Note
Data access is either direct or via a normal HTTP proxy that supports HTTP/2 and needs to be set in the file.
To start the connection between Gateway and Obcerv, configure the Publishing > Obcerv connection settings in the Gateway Setup Editor. Refer to the Obcerv connection configuration section.
You need to fill in the Data access section in order to use Gateway Commands, Adaptive Rules, or the Forecaster app in Obcerv. Your Obcerv connection settings should look like this:
Connect Netprobe to Collection Agent (Monitoring Proxy Service) Copied
The include file ingestion-proxy-monitoring.xml is for monitoring the Obcerv proxy service. Only one Gateway needs this file, which will be the sole Gateway that will monitor the Obcerv proxy. It also requires a Netprobe which will run on the server specified in ingestion-proxy.sh
.
Note
- The probe host of the Netprobe should be updated to match the server used (TCP_REPORTER_HOST).
- The port where the Gateway connects to the Netprobe should match the port that the Netprobe listens on (-port flag).
- The port that the Netprobe listens to for tcp connections from the Collection Agent should be changed to match the port defined in
ingestion-proxy.sh
(TCP_REPORTER_PORT).
The include file ingestion-proxy-monitoring.xml
contains the following sections:
-
Mapping — a Dynamic Entity mapping named
Ingestion-proxy
which processes the following custom mappings:-
Filters — determine which datapoints are processed by which mapping. Values set are:
- Label — app
- Options — equals
- Value — ingestion-proxy
Note
The values are similar to the TcpReporter you previously defined.
-
Geneos items — when a mapping is applied, the Geneos items fields determine how the labels of each datapoint are used to create Dynamic Entities and other items in the Geneos tree structure. Values set are:
- Labels — hostname, app
- Options — entity, sampler
- Entity — when
entity
is set in options, value in this field is: Required: true, Use in display name: trueNote
The dimensions and properties of datapoints are both referred to aslabels
when creating custom mappings.
-
- Collection Agent parameters — an unmanaged Collection Agent parameter named
Ingestion Proxy
which defines how the Collection Agent should run. The value of the Reporter port is19137
, which is the port the Netprobe should listen on to communicate with the Collection Agent using the TcpReporter.
- Mapping type — a mapping type named
Ingestion proxy
, wherein the mappingIngestion-proxy
is specified.
Adding a new probe Copied
Set up a new probe following the steps below:
-
Create a new probe and provide the name, hostname, and port.
-
Select the Dynamic Entities tab. Specify the mapping type and Collection Agent parameters that the Netprobe must use.
You should now be able to check the data coming in from the Collection Agent Ingestion Proxy through your Active Console.