Don’t forget to select tags to help index your topic!
I’d like to create reports/dashboards on how great the log size is per timeframe, that is, any given device sends per month.
I understand there have been several attempts to do this, mostly using the _size field of Elasticsearch.
Is there a reason why the already existing field gl2_accounted_message_size shouldn’t be used for this?
I’d simply create a search device:MyDeviceName to search through the last month and a metric aggregating sum(gl2_accounted_message_size).
I don’t understand, however, why e.g. the following thread uses separate Python scripts instead of simply aggregating the messages. Anything I’m missing here?
What that member was trying to do was get the Outgoing traffic. So Python was easiest way to do that which grabbed the metrics from MongoDb. From there you can see in this members screen shot they were able to calculate GB per day, averages , etc…It depends on what you want to do.
