This observability library (observ lib) can be used to generate an observability package for Windows.
jb init
jb install https://github.com/grafana/jsonnet-libs/windows-observ-lib
You can use the lib to fill in a monitoring-mixin structure:
// mixin.libsonnet file
// Builds a monitoring-mixin object (alerts + dashboards) from the Windows observ lib.

// presumably a local wrapper around grafonnet (the comment further down refers to grafonnet) - confirm
local g = import './g.libsonnet';
local var = g.dashboard.variable;
// Resolved from the directory populated by `jb install`. jb records the revision it fetched in
// jsonnetfile.lock.json; commit that file so every build renders the same reviewed library code.
local winlib = import 'github.com/grafana/jsonnet-libs/windows-observ-lib/main.libsonnet';
local config = (import 'config.libsonnet')._config;
{
  // Instantiate the library with the three constructor arguments, then overlay the rest of
  // the local config on top of the library's own `config` field.
  local windows =
    winlib.new(
      dashboardNamePrefix=config.dashboardNamePrefix,
      uid=config.uid,
      // This selector is passed on to the library; config.libsonnet states it is included
      // in all queries, alerts included.
      filteringSelector=config.filteringSelector,
    )
    +
    {
      config+: config,
    },
  // get alerts from package:
  prometheusAlerts+:: windows.alerts,
  // get dashboards from package, but modify datasource regex filters first using grafonnet:
  // The regexes restrict which datasource names the dashboard variables offer.
  // NOTE(review): keep them as narrow as your datasource naming allows, so the dashboards
  // do not list datasources that hold unrelated data.
  grafanaDashboards+::
    (windows {
       variables+: {
         datasources+: {
           loki+: var.datasource.withRegex('Loki|.+logs'),
           prometheus+: var.datasource.withRegex('Prometheus|Cortex|Mimir|grafanacloud-.+-prom'),
         },
       },
     })
    .dashboards,
}
// config.libsonnet file
// Hidden `_config` object consumed by mixin.libsonnet above.
{
  _config+:: {
    // labels to group windows hosts:
    groupLabels: ['job'],
    // labels to identify single windows host:
    instanceLabels: ['instance'],
    // selector to include in all queries(including alerts)
    // NOTE(review): this regex matches every job whose name contains "windows". If other
    // teams or tenants write to the same datasource, tighten it so alerts and dashboards
    // only evaluate series you own.
    filteringSelector: 'job=~".*windows.*"',
    // prefix all dashboards uids and alert groups
    uid: 'windows',
    // prefix dashboards titles
    dashboardNamePrefix: '',
    dashboardTags: ['windows'],
    dashboardPeriod: 'now-1h',
    dashboardTimezone: 'default',
    dashboardRefresh: '1m',
    // Alert thresholds are given as strings; presumably percentages - confirm against the
    // alert rules the library generates.
    alertsCPUThresholdWarning: '90',
    alertMemoryUsageThresholdCritical: '90',
    alertDiskUsageThresholdCritical: '90',
    // set to false to disable logs dashboard and logs annotations
    enableLokiLogs: true,
    // These label names line up with the labels produced by the scrape snippet further down
    // the page (`source`, `level`, `keywords`); `channel` is not set by that snippet and
    // presumably comes from the event collector itself - confirm.
    extraLogLabels: ['channel', 'source', 'keywords', 'level'],
    logsVolumeGroupBy: 'level',
    showLogsVolume: true,
    // LogQL pipeline text: adds a `timestamp` label, drops the `*_extracted` duplicate
    // labels and reformats the line as instance | channel | source | message (the instance
    // column is only emitted when the [[instance]] dashboard variable is ".*").
    // Do not add comments inside the ||| block: everything in it is part of the query string.
    logsExtraFilters:
      |||
        | label_format timestamp="{{__timestamp__}}"
        | drop channel_extracted,source_extracted,computer_extracted,level_extracted,keywords_extracted
        | line_format `{{ if eq "[[instance]]" ".*" }}{{ alignLeft 25 .instance}}|{{end}}{{alignLeft 12 .channel }}| {{ alignLeft 25 .source}}| {{ .message }}`
      |||,
  },
}
Examples: Fleet dashboard: Overview dashboard: Logs dashboard: Drill down disks dashboard:
Grafana Agent, or a combination of windows_exporter and promtail, can be used to collect the required data.
The following collectors should be enabled in the windows_exporter/windows integration:
enabled_collectors: cpu,cs,logical_disk,net,os,service,system,textfile,time,diskdrive
Loki logs are used to populate the logs dashboard and also for querying annotations.
To opt out, you can set enableLokiLogs: false
in config. See the example above.
The following scrape snippet can be used:
# Collects the Windows "Application" event log channel and ships it to Loki.
- job_name: integrations/windows-exporter-application
  windows_events:
    # Keep the timestamp recorded in the event rather than the time it was collected.
    use_incoming_timestamp: true
    # File that stores the read position in the channel between restarts; the collecting
    # service needs write access to it.
    bookmark_path: "C:\\Program Files\\Grafana Agent\\bookmarks-app.xml"
    eventlog_name: "Application"
    labels:
      # This job value is matched by the default filteringSelector (job=~".*windows.*").
      job: integrations/windows_exporter
      instance: 'win-test' # must match instance used in windows_exporter
  relabel_configs:
    # Copy the event's `computer` label into `agent_hostname`.
    - source_labels: ['computer']
      target_label: 'agent_hostname'
  pipeline_stages:
    # Extract `source` and `levelText` (stored as `level`) from the JSON event body...
    - json:
        expressions:
          source: source
          level: levelText
    # ...and promote both extracted values to Loki labels.
    - labels:
        source:
        level:
# disable or enable depending on your requirements
# Collects the Windows "Security" event log channel (audit events such as logons).
# NOTE(review): these entries usually contain account and host names, so limit who can query
# them in Loki. Reading this channel typically requires the collecting service to run with
# elevated rights (for example membership in Event Log Readers) - confirm for your setup.
# NOTE(review): unlike the System job below, this job does not extract `keywords`. Security
# events report "Audit Success" / "Audit Failure" in that field, so consider extracting it
# if you need to filter on audit outcome.
- job_name: integrations/windows-exporter-security
  windows_events:
    # Keep the timestamp recorded in the event rather than the time it was collected.
    use_incoming_timestamp: true
    # File that stores the read position in the channel between restarts; the collecting
    # service needs write access to it.
    bookmark_path: "C:\\Program Files\\Grafana Agent\\secsys.xml"
    eventlog_name: Security
    labels:
      job: integrations/windows_exporter
      instance: 'win-test' # must match instance used in windows_exporter
  relabel_configs:
    # Copy the event's `computer` label into `agent_hostname`.
    - source_labels: ['computer']
      target_label: 'agent_hostname'
  pipeline_stages:
    # Extract `source` and `levelText` (stored as `level`) from the JSON event body...
    - json:
        expressions:
          source: source
          level: levelText
    # ...and promote both extracted values to Loki labels.
    - labels:
        source:
        level:
# Collects the Windows "System" event log channel and ships it to Loki.
- job_name: integrations/windows-exporter-system
  windows_events:
    # Keep the timestamp recorded in the event rather than the time it was collected.
    use_incoming_timestamp: true
    # File that stores the read position in the channel between restarts; the collecting
    # service needs write access to it.
    bookmark_path: "C:\\Program Files\\Grafana Agent\\bookmarks-sys.xml"
    eventlog_name: "System"
    labels:
      job: integrations/windows_exporter
      instance: 'win-test' # must match instance used in windows_exporter
  relabel_configs:
    # Copy the event's `computer` label into `agent_hostname`.
    - source_labels: ['computer']
      target_label: 'agent_hostname'
  pipeline_stages:
    # Extract `source`, `levelText` (stored as `level`) and `keywords` from the JSON event
    # body; an empty expression uses the key name itself as the field to read.
    - json:
        expressions:
          source: source
          level: levelText
          keywords:
    # Promote the three extracted values to Loki labels.
    - labels:
        source:
        level:
        keywords: