System OpenTelemetry Dashboards
Host monitoring dashboards for OpenTelemetry Host Metrics Receiver.
Overview
These dashboards provide monitoring for infrastructure with OpenTelemetry, covering CPU, memory, disk, network, and host metadata.
Note: Based on the Elastic integrations repository dashboards. Licensed under Elastic License 2.0.
Dashboards
| Dashboard | File | Description |
|---|---|---|
| Hosts Overview | 01-hosts-overview.yaml | Overview of all hosts with key performance metrics |
| Host Details - Overview | 02-host-details-overview.yaml | Detailed single host overview with CPU, memory, and disk metrics |
| Host Details - Metrics | 03-host-details-metrics.yaml | In-depth metrics charts for CPU, memory, disk, and load |
| Host Details - Metadata | 04-host-details-metadata.yaml | Host resource attributes and metadata |
| Host Details - Logs | 05-host-details-logs.yaml | Host log messages |
All dashboards include navigation links for easy switching between views.
Dashboard Definitions
Hosts Overview (01-hosts-overview.yaml)
```yaml
---
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License 2.0;
# you may not use this file except in compliance with the Elastic License 2.0.
# See ../../licenses/ELASTIC-LICENSE-2.0.txt for the full license text.
#
# This file is derived from the Elastic integrations repository:
# https://github.com/elastic/integrations/tree/main/packages/system_otel
#
# Modified by kb-yaml-to-lens contributors to convert from Kibana JSON format
# to YAML format for use as documentation examples.
dashboards:
  - id: otel-hosts-overview
    name: '[OTel System] Hosts Overview'
    description: Overview of all OpenTelemetry-monitored hosts with key performance metrics
    filters:
      - exists: resource.attributes.host.name
      - field: data_stream.dataset
        equals: hostmetricsreceiver.otel
    panels:
      # ═══════════════════════════════════════════════════════════════════════
      # NAVIGATION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Navigation
        size: {w: 48, h: 3}
        links:
          layout: horizontal
          items:
            - label: Hosts Overview
              dashboard: otel-hosts-overview
            - label: Host Overview
              dashboard: otel-host-details-overview
            - label: Host Metrics
              dashboard: otel-host-details-metrics
            - label: Host Metadata
              dashboard: otel-host-details-metadata
            - label: Host Logs
              dashboard: otel-host-details-logs
      # ═══════════════════════════════════════════════════════════════════════
      # FLEET HEALTH SUMMARY
      # ═══════════════════════════════════════════════════════════════════════
      - title: Fleet Health
        size: {w: 48, h: 3}
        markdown:
          content: '## Fleet Health'
      - title: Total Hosts
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            aggregation: unique_count
            field: resource.attributes.host.name
            label: Total Hosts
            format:
              type: number
              decimals: 0
      - title: Hosts by OS Type
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          breakdown:
            field: resource.attributes.os.type
            label: OS Type
            size: 5
          primary:
            aggregation: unique_count
            field: resource.attributes.host.name
            label: Hosts
            format:
              type: number
              decimals: 0
      - title: CPU Utilization Fleet
        description: >-
          100% minus idle and wait time. Wait time is CPU waiting for I/O, not
          active work.
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            formula: >-
              1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
              wait'))
            label: Avg CPU
            format:
              type: percent
      - title: Memory Utilization Fleet
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
            label: Avg Memory
            format:
              type: percent
      # ═══════════════════════════════════════════════════════════════════════
      # FLEET TRENDS
      # ═══════════════════════════════════════════════════════════════════════
      - title: Fleet Trends
        size: {w: 48, h: 3}
        markdown:
          content: '## Fleet Trends'
      - title: CPU Utilization Over Time
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: resource.attributes.host.name
            size: 10
          metrics:
            - formula: >-
                1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
                wait'))
              label: CPU Utilization
              format:
                type: percent
      - title: Memory Utilization Over Time
        size: {w: 24, h: 12}
        lens:
          type: area
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: resource.attributes.host.name
            size: 10
          metrics:
            - formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
              label: Memory Utilization
              format:
                type: percent
      # ═══════════════════════════════════════════════════════════════════════
      # HOST DETAILS TABLE
      # ═══════════════════════════════════════════════════════════════════════
      - title: Host Details
        size: {w: 48, h: 3}
        markdown:
          content: '## Host Details'
      - title: Host Performance Summary
        size: {w: 48, h: 20}
        lens:
          type: datatable
          data_view: metrics-*
          breakdowns:
            - id: hostname
              type: values
              field: resource.attributes.host.name
              label: Host
              size: 100
            - id: os
              type: values
              field: resource.attributes.os.type
              label: OS
              size: 1
          metrics:
            - id: cpu-util
              formula: >-
                1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
                wait'))
              label: CPU %
              format:
                type: percent
            - id: mem-util
              formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
              label: Memory %
              format:
                type: percent
            - id: norm-load
              formula: average(metrics.system.cpu.load_average.1m) / max(metrics.system.cpu.logical.count)
              # Normalized Load: 1-min load average / CPU count. >1 = overloaded.
              label: Normalized Load
              format:
                type: percent
            - id: disk-util
              aggregation: average
              field: metrics.system.filesystem.utilization
              label: Disk %
              format:
                type: percent
          paging:
            enabled: true
            page_size: 10
```
Host Details - Overview (02-host-details-overview.yaml)
```yaml
---
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License 2.0;
# you may not use this file except in compliance with the Elastic License 2.0.
# See ../../licenses/ELASTIC-LICENSE-2.0.txt for the full license text.
#
# This file is derived from the Elastic integrations repository:
# https://github.com/elastic/integrations/tree/main/packages/system_otel
#
# Modified by kb-yaml-to-lens contributors to convert from Kibana JSON format
# to YAML format for use as documentation examples.
dashboards:
  - id: otel-host-details-overview
    name: '[OTel System] Host Details - Overview'
    description: Detailed overview of host resource utilization and performance metrics
    filters:
      - exists: resource.attributes.host.name
      - field: data_stream.dataset
        equals: hostmetricsreceiver.otel
    controls:
      - type: options
        label: Host Name
        data_view: metrics-*
        field: resource.attributes.host.name
    panels:
      # ═══════════════════════════════════════════════════════════════════════
      # NAVIGATION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Navigation
        size: {w: 48, h: 3}
        links:
          layout: horizontal
          items:
            - label: Hosts Overview
              dashboard: otel-hosts-overview
            - label: Host Overview
              dashboard: otel-host-details-overview
            - label: Host Metrics
              dashboard: otel-host-details-metrics
            - label: Host Metadata
              dashboard: otel-host-details-metadata
            - label: Host Logs
              dashboard: otel-host-details-logs
      # ═══════════════════════════════════════════════════════════════════════
      # KEY METRICS
      # ═══════════════════════════════════════════════════════════════════════
      - title: Key Metrics
        size: {w: 48, h: 3}
        markdown:
          content: '## Key Metrics'
      - title: CPU Utilization
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            formula: >-
              1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
              wait'))
            label: CPU %
            format:
              type: percent
      - title: Normalized Load
        description: >-
          1-min load average / CPU count. >100% = overloaded. Useful for
          comparing hosts with different CPU counts.
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            formula: average(metrics.system.cpu.load_average.1m) / max(metrics.system.cpu.logical.count)
            label: Load
            format:
              type: percent
      - title: Memory Utilization
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
            label: Memory %
            format:
              type: percent
      - title: Disk Usage
        hide_title: true
        size: {w: 12, h: 4}
        lens:
          type: metric
          data_view: metrics-*
          primary:
            aggregation: average
            field: metrics.system.filesystem.utilization
            label: Disk %
            format:
              type: percent
      # ═══════════════════════════════════════════════════════════════════════
      # RESOURCE TRENDS
      # ═══════════════════════════════════════════════════════════════════════
      - title: Resource Trends
        size: {w: 48, h: 3}
        markdown:
          content: '## Resource Trends'
      - title: CPU Utilization Over Time
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: >-
                1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
                wait'))
              label: CPU Utilization
              format:
                type: percent
      - title: Memory Utilization Over Time
        size: {w: 24, h: 12}
        lens:
          type: area
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
              label: Memory Utilization
              format:
                type: percent
      - title: Normalized Load Over Time
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: average(metrics.system.cpu.load_average.1m) / max(metrics.system.cpu.logical.count)
              label: Normalized Load
              format:
                type: percent
      - title: Disk Usage by Mount Point
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.mountpoint
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.filesystem.utilization
              label: Disk Usage
              format:
                type: percent
```
Host Details - Metrics (03-host-details-metrics.yaml)
```yaml
---
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License 2.0;
# you may not use this file except in compliance with the Elastic License 2.0.
# See ../../licenses/ELASTIC-LICENSE-2.0.txt for the full license text.
#
# This file is derived from the Elastic integrations repository:
# https://github.com/elastic/integrations/tree/main/packages/system_otel
#
# Modified by kb-yaml-to-lens contributors to convert from Kibana JSON format
# to YAML format for use as documentation examples.
dashboards:
  - id: otel-host-details-metrics
    name: '[OTel System] Host Details - Metrics'
    description: Detailed system metrics for OpenTelemetry hosts
    filters:
      - exists: resource.attributes.host.name
      - field: data_stream.dataset
        equals: hostmetricsreceiver.otel
    controls:
      - type: options
        label: Host Name
        data_view: metrics-*
        field: resource.attributes.host.name
    panels:
      # ═══════════════════════════════════════════════════════════════════════
      # NAVIGATION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Navigation
        size: {w: 48, h: 3}
        links:
          layout: horizontal
          items:
            - label: Hosts Overview
              dashboard: otel-hosts-overview
            - label: Host Overview
              dashboard: otel-host-details-overview
            - label: Host Metrics
              dashboard: otel-host-details-metrics
            - label: Host Metadata
              dashboard: otel-host-details-metadata
            - label: Host Logs
              dashboard: otel-host-details-logs
      # ═══════════════════════════════════════════════════════════════════════
      # CPU SECTION
      # ═══════════════════════════════════════════════════════════════════════
      - title: CPU Section
        size: {w: 48, h: 3}
        markdown:
          content: '## CPU'
      - title: CPU Utilization
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: >-
                1 - (average(metrics.system.cpu.utilization, kql='attributes.state: idle') + average(metrics.system.cpu.utilization, kql='attributes.state:
                wait'))
              label: CPU Utilization
              format:
                type: percent
      - title: CPU Utilization by State
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.state
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.cpu.utilization
              label: CPU %
              format:
                type: percent
      - title: Load Average
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - aggregation: average
              field: metrics.system.cpu.load_average.1m
              label: 1m
            - aggregation: average
              field: metrics.system.cpu.load_average.5m
              label: 5m
            - aggregation: average
              field: metrics.system.cpu.load_average.15m
              label: 15m
      - title: Normalized Load
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: average(metrics.system.cpu.load_average.1m) / max(metrics.system.cpu.logical.count)
              label: Normalized Load
              format:
                type: percent
      # ═══════════════════════════════════════════════════════════════════════
      # MEMORY SECTION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Memory Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Memory'
      - title: Memory Utilization
        size: {w: 24, h: 12}
        lens:
          type: area
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - formula: "average(metrics.system.memory.utilization, kql='attributes.state : \"used\"')"
              label: Memory Utilization
              format:
                type: percent
      - title: Memory Utilization by State
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.state
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.memory.utilization
              label: Memory %
              format:
                type: percent
      # ═══════════════════════════════════════════════════════════════════════
      # DISK SECTION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Disk Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Disk'
      - title: Disk Usage by Mount Point
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.mountpoint
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.filesystem.utilization
              label: Disk Usage
              format:
                type: percent
      - title: Disk Operations by Device
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - formula: counter_rate(metrics.system.disk.operations)
              label: Operations/sec
              format:
                type: number
                decimals: 0
      - title: Disk I/O by Device
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - formula: counter_rate(metrics.system.disk.io)
              label: Bytes/sec
              format:
                type: bytes
      - title: Disk I/O Time by Device
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.disk.io_time
              label: I/O Time
      # ═══════════════════════════════════════════════════════════════════════
      # NETWORK SECTION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Network Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Network'
      - title: Network I/O by Interface
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.network.io
              label: Bytes
              format:
                type: bytes
      - title: Network Packets by Interface
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - aggregation: average
              field: metrics.system.network.packets
              label: Packets
              format:
                type: number
                decimals: 0
      - title: Network Errors by Interface
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - aggregation: sum
              field: metrics.system.network.errors
              label: Errors
              format:
                type: number
                decimals: 0
      - title: Network Dropped Packets by Interface
        size: {w: 24, h: 12}
        lens:
          type: line
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.device
            size: 10
          metrics:
            - aggregation: sum
              field: metrics.system.network.dropped
              label: Dropped
              format:
                type: number
                decimals: 0
      # ═══════════════════════════════════════════════════════════════════════
      # PAGING SECTION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Paging Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Paging / Swap'
      - title: Paging Utilization
        size: {w: 24, h: 12}
        lens:
          type: area
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          metrics:
            - aggregation: average
              field: metrics.system.paging.utilization
              label: Paging Utilization
              format:
                type: percent
      - title: Paging Operations
        size: {w: 24, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: metrics-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: attributes.direction
            size: 5
          metrics:
            - aggregation: average
              field: metrics.system.paging.operations
              label: Operations
              format:
                type: number
                decimals: 0
```
Host Details - Metadata (04-host-details-metadata.yaml)
```yaml
---
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License 2.0;
# you may not use this file except in compliance with the Elastic License 2.0.
# See ../../licenses/ELASTIC-LICENSE-2.0.txt for the full license text.
#
# This file is derived from the Elastic integrations repository:
# https://github.com/elastic/integrations/tree/main/packages/system_otel
#
# Modified by kb-yaml-to-lens contributors to convert from Kibana JSON format
# to YAML format for use as documentation examples.
dashboards:
  - id: otel-host-details-metadata
    name: '[OTel System] Host Details - Metadata'
    description: Host resource attributes and metadata from OpenTelemetry hostmetricsreceiver
    filters:
      - exists: resource.attributes.host.name
      - field: data_stream.dataset
        equals: hostmetricsreceiver.otel
    controls:
      - type: options
        label: Host Name
        data_view: metrics-*
        field: resource.attributes.host.name
    panels:
      # ═══════════════════════════════════════════════════════════════════════
      # NAVIGATION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Navigation
        size: {w: 48, h: 3}
        links:
          layout: horizontal
          items:
            - label: Hosts Overview
              dashboard: otel-hosts-overview
            - label: Host Overview
              dashboard: otel-host-details-overview
            - label: Host Metrics
              dashboard: otel-host-details-metrics
            - label: Host Metadata
              dashboard: otel-host-details-metadata
            - label: Host Logs
              dashboard: otel-host-details-logs
      # ═══════════════════════════════════════════════════════════════════════
      # HOST & OS METADATA
      # ═══════════════════════════════════════════════════════════════════════
      - title: Host & OS Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Host & Operating System'
      - title: Host Metadata
        size: {w: 24, h: 12}
        esql:
          type: datatable
          query:
            - FROM metrics-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - WHERE data_stream.dataset == "hostmetricsreceiver.otel"
            - LIMIT 1
            - STATS BY arch = resource.attributes.host.arch, ip = resource.attributes.host.ip, mac = resource.attributes.host.mac, name = resource.attributes.host.name
            - EVAL ip_str = TO_STRING(ip)
            - EVAL str = CONCAT("host.arch$",arch, "|", "host.ip$", ip_str, "|", "host.mac$",mac, "|", "host.name$", name)
            - EVAL arr = SPLIT(str, "|")
            - MV_EXPAND arr
            - EVAL pairs = SPLIT(arr, "$")
            - EVAL `Resource Attribute` = MV_FIRST(pairs), value = MV_LAST(pairs)
            - KEEP `Resource Attribute`, value
            - STATS `Value` = MV_DEDUPE(TOP(value, 400, "asc")) BY `Resource Attribute`
          breakdowns:
            - field: Resource Attribute
              label: Resource Attribute
            - field: Value
              label: Value
      - title: Operating System Metadata
        size: {w: 24, h: 12}
        esql:
          type: datatable
          query:
            - FROM metrics-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - WHERE data_stream.dataset == "hostmetricsreceiver.otel"
            - LIMIT 1
            - STATS BY description = resource.attributes.os.description, type = resource.attributes.os.type
            - EVAL str = CONCAT("os.description$", description, "|", "os.type$",type)
            - EVAL arr = SPLIT(str, "|")
            - MV_EXPAND arr
            - EVAL pairs = SPLIT(arr, "$")
            - EVAL `Resource Attribute` = MV_FIRST(pairs), `Value` = MV_LAST(pairs)
            - KEEP `Resource Attribute`, `Value`
          breakdowns:
            - field: Resource Attribute
              label: Resource Attribute
            - field: Value
              label: Value
      # ═══════════════════════════════════════════════════════════════════════
      # CPU METADATA
      # ═══════════════════════════════════════════════════════════════════════
      - title: CPU Section
        size: {w: 48, h: 3}
        markdown:
          content: '## CPU'
      - title: Host CPU Metadata
        size: {w: 48, h: 12}
        esql:
          type: datatable
          query:
            - FROM metrics-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - WHERE data_stream.dataset == "hostmetricsreceiver.otel"
            - LIMIT 1
            - STATS BY cache_size = TO_STRING(resource.attributes.host.cpu.cache.l2.size), family = resource.attributes.host.cpu.family, model_id
              = resource.attributes.host.cpu.model.id, model_name = resource.attributes.host.cpu.model.name, stepping = resource.attributes.host.cpu.stepping,
              vendor_id = resource.attributes.host.cpu.vendor.id
            - EVAL str = CONCAT("host.cpu.cache.l2.size$", cache_size, "|", "host.cpu.family$",family, "|", "host.cpu.model.id$",model_id, "|",
              "host.cpu.model.name$",model_name, "|", "host.cpu.stepping$",stepping, "|", "host.cpu.vendor.id$",vendor_id)
            - EVAL arr = SPLIT(str, "|")
            - MV_EXPAND arr
            - EVAL pairs = SPLIT(arr, "$")
            - EVAL `Resource Attribute` = MV_FIRST(pairs), `Value` = MV_LAST(pairs)
            - KEEP `Resource Attribute`, `Value`
          breakdowns:
            - field: Resource Attribute
              label: Resource Attribute
            - field: Value
              label: Value
      # ═══════════════════════════════════════════════════════════════════════
      # CLOUD METADATA
      # ═══════════════════════════════════════════════════════════════════════
      - title: Cloud Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Cloud'
      - title: Cloud Metadata
        size: {w: 48, h: 12}
        esql:
          type: datatable
          query:
            - FROM metrics-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - WHERE data_stream.dataset == "hostmetricsreceiver.otel"
            - LIMIT 1
            - STATS BY resource.attributes.cloud.account.id, resource.attributes.cloud.instance.id, resource.attributes.cloud.platform, resource.attributes.cloud.provider
            - EVAL str = CONCAT("cloud.account.id$",COALESCE(resource.attributes.cloud.account.id, ""), "|", "cloud.instance.id$",COALESCE(resource.attributes.cloud.instance.id,
              ""), "|", "cloud.platform$",COALESCE(resource.attributes.cloud.platform, ""), "|", "cloud.provider$",COALESCE(resource.attributes.cloud.provider,
              ""))
            - EVAL arr = SPLIT(str, "|")
            - MV_EXPAND arr
            - EVAL pairs = SPLIT(arr, "$")
            - EVAL `Resource Attribute` = MV_FIRST(pairs), `Value` = MV_LAST(pairs)
            - KEEP `Resource Attribute`, `Value`
          breakdowns:
            - field: Resource Attribute
              label: Resource Attribute
            - field: Value
              label: Value
      # ═══════════════════════════════════════════════════════════════════════
      # KUBERNETES METADATA
      # ═══════════════════════════════════════════════════════════════════════
      - title: Kubernetes Section
        size: {w: 48, h: 3}
        markdown:
          content: '## Kubernetes'
      - title: Kubernetes Metadata
        size: {w: 48, h: 8}
        esql:
          type: datatable
          query:
            - FROM metrics-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - WHERE data_stream.dataset == "hostmetricsreceiver.otel"
            - LIMIT 1
            - STATS BY resource.attributes.k8s.cluster.name
            - EVAL `Resource Attribute` = "k8s.cluster.name", `Value` = resource.attributes.k8s.cluster.name
            - KEEP `Resource Attribute`, `Value`
          breakdowns:
            - field: Resource Attribute
              label: Resource Attribute
            - field: Value
              label: Value
```
Host Details - Logs (05-host-details-logs.yaml)
```yaml
---
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License 2.0;
# you may not use this file except in compliance with the Elastic License 2.0.
# See ../../licenses/ELASTIC-LICENSE-2.0.txt for the full license text.
#
# This file is derived from the Elastic integrations repository:
# https://github.com/elastic/integrations/tree/main/packages/system_otel
#
# Modified by kb-yaml-to-lens contributors to convert from Kibana JSON format
# to YAML format for use as documentation examples.
dashboards:
  - id: otel-host-details-logs
    name: '[OTel System] Host Details - Logs'
    description: Host log messages from OpenTelemetry logs collection
    filters:
      - exists: resource.attributes.host.name
    controls:
      - type: options
        label: Host Name
        data_view: logs-*
        field: resource.attributes.host.name
      - type: options
        label: Log Level
        data_view: logs-*
        field: log.level
    panels:
      # ═══════════════════════════════════════════════════════════════════════
      # NAVIGATION
      # ═══════════════════════════════════════════════════════════════════════
      - title: Navigation
        size: {w: 48, h: 3}
        links:
          layout: horizontal
          items:
            - label: Hosts Overview
              dashboard: otel-hosts-overview
            - label: Host Overview
              dashboard: otel-host-details-overview
            - label: Host Metrics
              dashboard: otel-host-details-metrics
            - label: Host Metadata
              dashboard: otel-host-details-metadata
            - label: Host Logs
              dashboard: otel-host-details-logs
      # ═══════════════════════════════════════════════════════════════════════
      # LOG SUMMARY
      # ═══════════════════════════════════════════════════════════════════════
      - title: Log Summary
        size: {w: 48, h: 3}
        markdown:
          content: '## Log Summary'
      - title: Log Events Over Time
        size: {w: 32, h: 12}
        lens:
          type: area
          mode: stacked
          data_view: logs-*
          dimension:
            field: '@timestamp'
            type: date_histogram
          breakdown:
            type: values
            field: log.level
            size: 10
          metrics:
            - aggregation: count
              label: Events
              format:
                type: number
                decimals: 0
      - title: Log Level Distribution
        size: {w: 16, h: 12}
        lens:
          type: pie
          data_view: logs-*
          breakdowns:
            - field: log.level
              type: values
              label: Level
              size: 10
          metrics:
            - aggregation: count
              label: Events
              format:
                type: number
                decimals: 0
      # ═══════════════════════════════════════════════════════════════════════
      # LOG DETAILS TABLE
      # ═══════════════════════════════════════════════════════════════════════
      - title: Log Details
        size: {w: 48, h: 3}
        markdown:
          content: '## Log Details'
      - title: Logs
        size: {w: 48, h: 40}
        esql:
          type: datatable
          query:
            - FROM logs-*
            - WHERE resource.attributes.host.name IS NOT NULL
            - SORT @timestamp DESC
            - LIMIT 1000
            - KEEP @timestamp, log.level, log.logger, message
          breakdowns:
            - field: '@timestamp'
              label: Timestamp
            - field: log.level
              label: Level
            - field: log.logger
              label: Logger
            - field: message
              label: Message
```
Prerequisites
- OpenTelemetry Collector: Collector with Host Metrics receiver configured
- Kibana: Version 8.x or later
Data Requirements
- Data stream dataset: hostmetricsreceiver.otel
- Data view: metrics-*
OpenTelemetry Collector Configuration
```yaml
receivers:
  hostmetrics:
    collection_interval: 10s
    scrapers:
      cpu:
      memory:
      disk:
      filesystem:
      network:
      load:
exporters:
  elasticsearch:
    endpoints: ["https://your-elasticsearch-instance:9200"]
service:
  pipelines:
    metrics:
      receivers: [hostmetrics]
      exporters: [elasticsearch]
```
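The dashboards query metrics that the reference tables below mark as optional (system.memory.utilization, system.filesystem.utilization, system.cpu.logical.count), the paging metrics, and the host.* and os.* resource attributes, none of which the minimal configuration above turns on. The following fuller configuration is an added example, not taken from the original page or from the Elastic or kb-yaml-to-lens projects. It assumes the contrib distribution of the Collector (for the resourcedetection processor), an API key supplied in an environment variable named ELASTIC_API_KEY, and a CA bundle at the path shown; both names are placeholders.

```yaml
# Added example: constructed configuration, not part of the original page.
receivers:
  hostmetrics:
    collection_interval: 10s
    scrapers:
      cpu:
        metrics:
          # Used by every CPU % panel: 1 - (idle + wait)
          system.cpu.utilization:
            enabled: true
          # Denominator of the Normalized Load panels
          system.cpu.logical.count:
            enabled: true
      memory:
        metrics:
          system.memory.utilization:
            enabled: true
      disk:
      filesystem:
        metrics:
          system.filesystem.utilization:
            enabled: true
      network:
      load:
      # Paging / Swap panels; the minimal configuration has no paging scraper
      paging:
        metrics:
          system.paging.utilization:
            enabled: true

processors:
  # Populates resource.attributes.host.name and os.type (both on by default),
  # which the dashboard filters and controls require, plus the optional
  # attributes that the Metadata dashboard reads.
  resourcedetection:
    detectors: [system]
    system:
      resource_attributes:
        host.arch:
          enabled: true
        host.ip:
          enabled: true
        host.mac:
          enabled: true
        os.description:
          enabled: true
        host.cpu.vendor.id:
          enabled: true
        host.cpu.family:
          enabled: true
        host.cpu.model.id:
          enabled: true
        host.cpu.model.name:
          enabled: true
        host.cpu.stepping:
          enabled: true
        host.cpu.cache.l2.size:
          enabled: true

exporters:
  elasticsearch:
    endpoints: ["https://your-elasticsearch-instance:9200"]
    # Assumption: key is injected at runtime, never written into this file
    api_key: ${env:ELASTIC_API_KEY}
    tls:
      # Assumption: placeholder path to the CA that signed the cluster certificate
      ca_file: /etc/otelcol/certs/elasticsearch-ca.pem

service:
  pipelines:
    metrics:
      receivers: [hostmetrics]
      processors: [resourcedetection]
      exporters: [elasticsearch]
```

The file can be checked before deployment with the Collector's `validate` subcommand, for example `otelcol-contrib validate --config=<file>`. host.ip and host.mac identify assets, so read access to the metrics indices should be scoped accordingly.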
Metrics Reference
CPU Metrics
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.cpu.time | Sum | s | Seconds each logical CPU spent on each mode | cpu, state |
| system.cpu.utilization | Gauge | 1 | CPU usage difference per logical CPU (0-1) | cpu, state |
| system.cpu.load_average.1m | Gauge | {thread} | Average CPU load over 1 minute | — |
| system.cpu.load_average.5m | Gauge | {thread} | Average CPU load over 5 minutes | — |
| system.cpu.load_average.15m | Gauge | {thread} | Average CPU load over 15 minutes | — |
| system.cpu.logical.count | Sum | {cpu} | Number of available logical CPUs (optional) | — |
| system.cpu.physical.count | Sum | {cpu} | Number of available physical CPUs (optional) | — |
| system.cpu.frequency | Gauge | Hz | Current CPU frequency (optional) | cpu |
Memory Metrics
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.memory.usage | Sum | By | Bytes of memory in use | state |
| system.memory.utilization | Gauge | 1 | Percentage of memory in use (optional) | state |
| system.memory.limit | Sum | By | Total bytes of memory (optional) | — |
| system.linux.memory.available | Sum | By | Available memory estimate (Linux, optional) | — |
Disk Metrics
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.disk.io | Sum | By | Disk bytes transferred | device, direction |
| system.disk.operations | Sum | {operations} | Disk operations count | device, direction |
| system.disk.io_time | Sum | s | Time disk spent activated | device |
| system.disk.operation_time | Sum | s | Time spent in disk operations | device, direction |
| system.disk.pending_operations | Sum | {operations} | Queue size of pending I/O operations | device |
| system.disk.merged | Sum | {operations} | Merged disk operations | device, direction |
| system.disk.weighted_io_time | Sum | s | Weighted I/O time | device |
Filesystem Metrics
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.filesystem.usage | Sum | By | Filesystem bytes used | device, mode, mountpoint, type, state |
| system.filesystem.utilization | Gauge | 1 | Fraction of filesystem used (optional) | device, mode, mountpoint, type |
| system.filesystem.inodes.usage | Sum | {inodes} | Filesystem inodes used | device, mode, mountpoint, type, state |
Network Metrics
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.network.io | Sum | By | Bytes transmitted and received | device, direction |
| system.network.packets | Sum | {packets} | Packets transferred | device, direction |
| system.network.dropped | Sum | {packets} | Packets dropped | device, direction |
| system.network.errors | Sum | {errors} | Errors encountered | device, direction |
| system.network.connections | Sum | {connections} | Number of connections | protocol, state |
| system.network.conntrack.count | Sum | {entries} | Conntrack table entries (optional) | — |
| system.network.conntrack.max | Sum | {entries} | Conntrack table limit (optional) | — |
Metric Attributes
| Attribute | Values | Description |
|---|---|---|
| cpu | 0, 1, 2, ... | Logical CPU number |
| state (cpu) | idle, interrupt, nice, softirq, steal, system, user, wait | CPU state |
| state (memory) | buffered, cached, free, inactive, slab_reclaimable, slab_unreclaimable, used | Memory state |
| state (filesystem) | free, reserved, used | Filesystem state |
| device | Device name | Disk, filesystem, or network device |
| direction | read/write (disk), receive/transmit (network) | I/O direction |
| mountpoint | Mount path | Filesystem mount point |
| type | ext4, xfs, ntfs, etc. | Filesystem type |
| mode | rw, ro | Filesystem mode |
| protocol | tcp, udp | Network protocol |
| state (connections) | TCP connection states | Connection state |
Resource Attributes
| Attribute | Description |
|---|---|
| host.name | Host identifier |
| os.type | Operating system type |
Metrics Not Used in Dashboards
The following metrics are available from the Host Metrics receiver but are not currently visualized in the dashboards:
Default Metrics Not Used
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.cpu.time | Sum | s | Seconds each logical CPU spent on each mode | cpu, state |
| system.memory.usage | Sum | By | Bytes of memory in use | state |
| system.disk.operation_time | Sum | s | Time spent in disk operations | device, direction |
| system.disk.pending_operations | Sum | {operations} | Queue size of pending I/O operations | device |
| system.disk.merged | Sum | {operations} | Merged disk operations | device, direction |
| system.disk.weighted_io_time | Sum | s | Weighted I/O time | device |
| system.filesystem.usage | Sum | By | Filesystem bytes used | device, mode, mountpoint, type, state |
| system.filesystem.inodes.usage | Sum | {inodes} | Filesystem inodes used | device, mode, mountpoint, type, state |
| system.network.connections | Sum | {connections} | Number of connections | protocol, state |
Optional Metrics Not Used
| Metric | Type | Unit | Description | Attributes |
|---|---|---|---|---|
| system.cpu.physical.count | Sum | {cpu} | Number of available physical CPUs | — |
| system.cpu.frequency | Gauge | Hz | Current CPU frequency | cpu |
| system.memory.limit | Sum | By | Total bytes of memory | — |
| system.linux.memory.available | Sum | By | Available memory estimate (Linux) | — |
| system.network.conntrack.count | Sum | {entries} | Conntrack table entries | — |
| system.network.conntrack.max | Sum | {entries} | Conntrack table limit | — |