SlideShare a Scribd company logo

Intro to Kapacitor for Alerting and Anomaly Detection

InfluxData
InfluxData

In this session you’ll get detailed overview of Kapacitor, InfluxDB’s native data processing engine. The session will cover how to install, configure and build custom TICKscripts enable alerting and anomaly detection.

Internet
1 of 28
Download to read offline
Noah Crowley, Developer Advocate Getting Started Series Introduction to Kapacitor
© 2017 InfluxData. All rights reserved.2 © 2018 InfluxData. All rights reserved.2 ✓ What is Kapacitor ✓ How to Install Kapacitor ✓ Understand TICKscript • Quoting rules ✓ Create Stream Tasks • Trigger alerts ✓ Create Batch Tasks ✓ Understand Batch vs Stream ✓ Use Kapacitor as a Downsampling engine • Instead of Continuous queries What we will be covering
© 2018 InfluxData. All rights reserved.3 © 2018 InfluxData. All rights reserved.3 InfluxData Products and Offerings
© 2017 InfluxData. All rights reserved.4 © 2017 InfluxData. All rights reserved.4 Key Kapacitor Capabilities 1 2 Alerting Processing ETL jobs
© 2018 InfluxData. All rights reserved.5 Kapacitor: Real-time Streaming Data Processing Engine • Native data processing engine • Processes both stream and batch data from InfluxDB • Plug in custom logic or user defined functions to – process alerts with dynamic thresholds – match metrics for patterns – compute statistical anomalies – perform specific actions based on these alerts like dynamic load rebalancing • Downsample data • Integrates with HipChat, OpsGenie, Alerta, Sensu, PagerDuty, Slack, and more
© 2018 InfluxData. All rights reserved.6 Install & Start Kapacitor Download (All builds available at https://portal.influxdata.com/downloads) Install Start wget https://dl.influxdata.com/kapacitor/releases/kapacitor_1.5.1_amd64.deb sudo dpkg -i kapacitor_1.5.1_amd64.deb sudo systemctl start kapacitor
© 2018 InfluxData. All rights reserved.7 Install with apt Configure InfluxData Repository Install & Start Kapacitor curl -sL https://repos.influxdata.com/influxdb.key | sudo apt-key add - source /etc/lsb-release echo "deb https://repos.influxdata.com/${DISTRIB_ID,,} ${DISTRIB_CODENAME} stable" | sudo tee /etc/apt/sources.list.d/influxdb.list sudo apt-get update && sudo apt-get install kapacitor sudo service telegraf start
© 2018 InfluxData. All rights reserved.8 © 2018 InfluxData. All rights reserved.8 Defining Tasks
© 2017 InfluxData. All rights reserved.9 Batch Stream ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor
© 2018 InfluxData. All rights reserved.10 TICK Script • Chain invocation language – | chains together different nodes – . refers to specific attributes on a node • Variables refer to values – Strings – Ints, Floats – Durations – Pipelines var measurement = 'requests' var data = stream |from() .measurement(measurement) |where(lambda: "is_up" == TRUE) |where(lambda: "my_field" > 10) |window() .period(5m) .every(5m) // Count number of points in window data |count('value') .as('the_count') // Compute mean of data window data |mean('value') .as('the_average')
© 2018 InfluxData. All rights reserved.11 TICKScript Syntax - Quoting Rules • Double Quotes – References data in lambda expression • Single Quotes – Literal String value // ' means the use the literal string value var measurement = 'requests' var data = stream |from() .measurement(measurement) // " means use the reference value |where(lambda: "is_up" == TRUE) |where(lambda: "my_field" > 10) |window() .period(5m) .every(5m) // ' means to use the literal string value data |count('value') .as('the_count')
© 2018 InfluxData. All rights reserved.12 Create a Stream TICKscript • Logs all data from the measurement cpu // cpu.tick stream |from() .measurement('cpu') |log()
© 2018 InfluxData. All rights reserved.13 Create a Stream Task $ kapacitor define cpu -tick cpu.tick -type stream -dbrp telegraf.autogen // cpu.tick stream |from() .measurement('cpu') |log()
© 2018 InfluxData. All rights reserved.14 Show a Stream Task $ kapacitor show cpu ID: cpu Error: Template: Type: stream Status: enabled Executing: true Created: 10 Oct 17 16:05 EDT Modified: 10 Oct 17 16:05 EDT LastEnabled: 01 Jan 01 00:00 UTC Databases Retention Policies: ["telegraf"."autogen"] TICKscript: // cpu.tick stream |from() .measurement('cpu') |log() DOT: digraph cpu { stream0 -> from1; from1 -> log2; } $ kapacitor define cpu -tick cpu.tick -type stream -dbrp telegraf.autogen $ kapacitor enable cpu
© 2018 InfluxData. All rights reserved.15 Create a More Interesting Stream TICKscript • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Log the result // cpu.tick stream |from() .measurement('cpu') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |log()
© 2018 InfluxData. All rights reserved.16 An even more interesting TICKscript • Filter on the tag cpu=cpu-total • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Log the result // cpu.tick stream |from() .measurement('cpu') |where(lambda: "cpu" == 'cpu-total') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |log()
© 2018 InfluxData. All rights reserved.17 Adding Alerts • Filter on the tag cpu=cpu-total • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Alert when mean_usage_user > 80 • Send alert to – Slack channel alerts – Email oncall@example.com // cpu.tick stream |from() .measurement('cpu') |where(lambda: "cpu" == 'cpu-total') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |alert() .crit(lambda: "mean_usage_user" > 80) .message('cpu usage high!') .slack() .channel('alerts') .email('oncall@example.com')
© 2018 InfluxData. All rights reserved.18 Create a Batch TICKscript • Query 5m windows of data every 1m • Compute the average of the field usage_user • Log the result // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |log()
© 2018 InfluxData. All rights reserved.19 Create a Batch Task $ kapacitor define batch_cpu -tick batch_cpu.tick -type batch -dbrp telegraf.autogen // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |log()
© 2018 InfluxData. All rights reserved.20 Create a Batch TICKscript • Query 5m windows of data every 1m • Compute the average of the field usage_user • Alert when mean_usage_user > 80 • Send alert to – Slack channel alerts – Email oncall@example.com // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |alert() .crit(lambda: "mean_usage_user" > 80) .message('cpu usage high!') .slack() .channel('alerts') .email('oncall@example.com')
© 2017 InfluxData. All rights reserved.21 Batching Streaming ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor
© 2018 InfluxData. All rights reserved.22 © 2018 InfluxData. All rights reserved.22 Using Kapacitor for Downsampling
© 2018 InfluxData. All rights reserved.23 What is Downsampling? Downsampling is the process of reducing a sequence of points in a series to a single data point • Computing the average, max, min, etc of a window of data for a particular series
© 2018 InfluxData. All rights reserved.24 Why Downsample? • Faster queries • Store less data
© 2018 InfluxData. All rights reserved.25 Why Downsample using Kapacitor? Offload computation to a separate host • Create a task that aggregates your data – Can be stream or batch depending on your use-case • Writes data back into InfluxDB – Typically back into another retention policy Expanded capabilities beyond InfluxQL • Math across measurements • User-defined Functions
© 2018 InfluxData. All rights reserved.26 Example • Downsample the data into 5m windows • Store that data back into the 5m retention policy in the telegraf database // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(5m) |influxDBOut() .database('telegraf') .retentionPolicy('5m') .tag('source', 'kapacitor')
© 2017 InfluxData. All rights reserved.27 Batching Streaming ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor
noah@influxdata.com @noahcrowley

Recommended

Kapacitor - Real Time Data Processing Engine
Kapacitor - Real Time Data Processing EngineKapacitor - Real Time Data Processing Engine
Kapacitor - Real Time Data Processing Engine
Prashant Vats
 
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
InfluxData
 
Cisco OpenSOC
Cisco OpenSOCCisco OpenSOC
Cisco OpenSOC
James Sirota
 
Inside the InfluxDB storage engine
Inside the InfluxDB storage engineInside the InfluxDB storage engine
Inside the InfluxDB storage engine
InfluxData
 
How to Build a Telegraf Plugin by Noah Crowley
How to Build a Telegraf Plugin by Noah CrowleyHow to Build a Telegraf Plugin by Noah Crowley
How to Build a Telegraf Plugin by Noah Crowley
InfluxData
 
Intro to InfluxDB
Intro to InfluxDBIntro to InfluxDB
Intro to InfluxDB
InfluxData
 
Flink Streaming
Flink StreamingFlink Streaming
Flink Streaming
Gyula Fóra
 
Druid deep dive
Druid deep diveDruid deep dive
Druid deep dive
Kashif Khan
 

Recommended

Kapacitor - Real Time Data Processing Engine
Kapacitor - Real Time Data Processing EngineKapacitor - Real Time Data Processing Engine
Kapacitor - Real Time Data Processing Engine
Prashant Vats
 
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
How Texas Instruments Uses InfluxDB to Uphold Product Standards and to Improv...
InfluxData
 
Cisco OpenSOC
Cisco OpenSOCCisco OpenSOC
Cisco OpenSOC
James Sirota
 
Inside the InfluxDB storage engine
Inside the InfluxDB storage engineInside the InfluxDB storage engine
Inside the InfluxDB storage engine
InfluxData
 
How to Build a Telegraf Plugin by Noah Crowley
How to Build a Telegraf Plugin by Noah CrowleyHow to Build a Telegraf Plugin by Noah Crowley
How to Build a Telegraf Plugin by Noah Crowley
InfluxData
 
Intro to InfluxDB
Intro to InfluxDBIntro to InfluxDB
Intro to InfluxDB
InfluxData
 
Flink Streaming
Flink StreamingFlink Streaming
Flink Streaming
Gyula Fóra
 
Druid deep dive
Druid deep diveDruid deep dive
Druid deep dive
Kashif Khan
 
Intro to Telegraf
Intro to TelegrafIntro to Telegraf
Intro to Telegraf
InfluxData
 
All about InfluxDB.
All about InfluxDB.All about InfluxDB.
All about InfluxDB.
mitesh_sharma
 
Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...
HostedbyConfluent
 
Distributed applications using Hazelcast
Distributed applications using HazelcastDistributed applications using Hazelcast
Distributed applications using Hazelcast
Taras Matyashovsky
 
Impala presentation
Impala presentationImpala presentation
Impala presentation
trihug
 
Real-time analytics with Druid at Appsflyer
Real-time analytics with Druid at AppsflyerReal-time analytics with Druid at Appsflyer
Real-time analytics with Druid at Appsflyer
Michael Spector
 
A Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and HudiA Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and Hudi
Databricks
 
CockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL DatabaseCockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL Database
C4Media
 
New Directions for Apache Arrow
New Directions for Apache ArrowNew Directions for Apache Arrow
New Directions for Apache Arrow
Wes McKinney
 
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta LakeNear Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
Databricks
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on KubernetesSecret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on Kubernetes
An Nguyen
 
The Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization OpportunitiesThe Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization Opportunities
Databricks
 
Integrating NiFi and Flink
Integrating NiFi and FlinkIntegrating NiFi and Flink
Integrating NiFi and Flink
Bryan Bende
 
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
Andrey Devyatkin
 
Spark overview
Spark overviewSpark overview
Spark overview
Lisa Hua
 
Streaming SQL with Apache Calcite
Streaming SQL with Apache CalciteStreaming SQL with Apache Calcite
Streaming SQL with Apache Calcite
Julian Hyde
 
QCon London.pdf
QCon London.pdfQCon London.pdf
QCon London.pdf
Monica Beckwith
 
Building large scale applications in yarn with apache twill
Building large scale applications in yarn with apache twillBuilding large scale applications in yarn with apache twill
Building large scale applications in yarn with apache twill
Henry Saputra
 
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDBBest Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
InfluxData
 
Introduction to Spark with Python
Introduction to Spark with PythonIntroduction to Spark with Python
Introduction to Spark with Python
Gokhan Atil
 
Advanced kapacitor
Advanced kapacitorAdvanced kapacitor
Advanced kapacitor
InfluxData
 
Virtual training Intro to Kapacitor
Virtual training Intro to Kapacitor Virtual training Intro to Kapacitor
Virtual training Intro to Kapacitor
InfluxData
 

More Related Content

What's hot

Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...
HostedbyConfluent
 
CockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL DatabaseCockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL Database
C4Media
 
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta LakeNear Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
Databricks
 
The Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization OpportunitiesThe Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization Opportunities
Databricks
 
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDBBest Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
InfluxData
 

What's hot (20)

Intro to Telegraf
Intro to TelegrafIntro to Telegraf
Intro to Telegraf
 
All about InfluxDB.
All about InfluxDB.All about InfluxDB.
All about InfluxDB.
 
Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...Managing multiple event types in a single topic with Schema Registry | Bill B...
Managing multiple event types in a single topic with Schema Registry | Bill B...
 
Distributed applications using Hazelcast
Distributed applications using HazelcastDistributed applications using Hazelcast
Distributed applications using Hazelcast
 
Impala presentation
Impala presentationImpala presentation
Impala presentation
 
Real-time analytics with Druid at Appsflyer
Real-time analytics with Druid at AppsflyerReal-time analytics with Druid at Appsflyer
Real-time analytics with Druid at Appsflyer
 
A Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and HudiA Thorough Comparison of Delta Lake, Iceberg and Hudi
A Thorough Comparison of Delta Lake, Iceberg and Hudi
 
CockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL DatabaseCockroachDB: Architecture of a Geo-Distributed SQL Database
CockroachDB: Architecture of a Geo-Distributed SQL Database
 
New Directions for Apache Arrow
New Directions for Apache ArrowNew Directions for Apache Arrow
New Directions for Apache Arrow
 
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta LakeNear Real-Time Data Warehousing with Apache Spark and Delta Lake
Near Real-Time Data Warehousing with Apache Spark and Delta Lake
 
Secret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on KubernetesSecret Management with Hashicorp Vault and Consul on Kubernetes
Secret Management with Hashicorp Vault and Consul on Kubernetes
 
The Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization OpportunitiesThe Parquet Format and Performance Optimization Opportunities
The Parquet Format and Performance Optimization Opportunities
 
Integrating NiFi and Flink
Integrating NiFi and FlinkIntegrating NiFi and Flink
Integrating NiFi and Flink
 
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
2020-02-20 - HashiCorpUserGroup Madring - Integrating HashiCorp Vault and Kub...
 
Spark overview
Spark overviewSpark overview
Spark overview
 
Streaming SQL with Apache Calcite
Streaming SQL with Apache CalciteStreaming SQL with Apache Calcite
Streaming SQL with Apache Calcite
 
QCon London.pdf
QCon London.pdfQCon London.pdf
QCon London.pdf
 
Building large scale applications in yarn with apache twill
Building large scale applications in yarn with apache twillBuilding large scale applications in yarn with apache twill
Building large scale applications in yarn with apache twill
 
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDBBest Practices: How to Analyze IoT Sensor Data with InfluxDB
Best Practices: How to Analyze IoT Sensor Data with InfluxDB
 
Introduction to Spark with Python
Introduction to Spark with PythonIntroduction to Spark with Python
Introduction to Spark with Python
 

Similar to Intro to Kapacitor for Alerting and Anomaly Detection

Why You Should NOT Be Using an RDBMS for Time-stamped Data
Why You Should NOT Be Using an RDBMS for Time-stamped DataWhy You Should NOT Be Using an RDBMS for Time-stamped Data
Why You Should NOT Be Using an RDBMS for Time-stamped Data
DevOps.com
 
Why You Should NOT Be Using an RDBS for Time-stamped Data
Why You Should NOT Be Using an RDBS for Time-stamped Data Why You Should NOT Be Using an RDBS for Time-stamped Data
Why You Should NOT Be Using an RDBS for Time-stamped Data
DevOps.com
 
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ..."Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
Dataconomy Media
 
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
DataStax
 
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
HostedbyConfluent
 

Similar to Intro to Kapacitor for Alerting and Anomaly Detection (20)

Advanced kapacitor
Advanced kapacitorAdvanced kapacitor
Advanced kapacitor
 
Virtual training Intro to Kapacitor
Virtual training Intro to Kapacitor Virtual training Intro to Kapacitor
Virtual training Intro to Kapacitor
 
WRITING QUERIES (INFLUXQL AND TICK)
WRITING QUERIES (INFLUXQL AND TICK)WRITING QUERIES (INFLUXQL AND TICK)
WRITING QUERIES (INFLUXQL AND TICK)
 
Best Practices for Scaling an InfluxEnterprise Cluster
Best Practices for Scaling an InfluxEnterprise ClusterBest Practices for Scaling an InfluxEnterprise Cluster
Best Practices for Scaling an InfluxEnterprise Cluster
 
InfluxDB 101 – Concepts and Architecture by Michael DeSa, Software Engineer |...
InfluxDB 101 – Concepts and Architecture by Michael DeSa, Software Engineer |...InfluxDB 101 – Concepts and Architecture by Michael DeSa, Software Engineer |...
InfluxDB 101 – Concepts and Architecture by Michael DeSa, Software Engineer |...
 
DOWNSAMPLING DATA
DOWNSAMPLING DATADOWNSAMPLING DATA
DOWNSAMPLING DATA
 
Why You Should NOT Be Using an RDBMS for Time-stamped Data
Why You Should NOT Be Using an RDBMS for Time-stamped DataWhy You Should NOT Be Using an RDBMS for Time-stamped Data
Why You Should NOT Be Using an RDBMS for Time-stamped Data
 
Installing your influx enterprise cluster
Installing your influx enterprise clusterInstalling your influx enterprise cluster
Installing your influx enterprise cluster
 
Why You Should NOT Be Using an RDBS for Time-stamped Data
Why You Should NOT Be Using an RDBS for Time-stamped Data Why You Should NOT Be Using an RDBS for Time-stamped Data
Why You Should NOT Be Using an RDBS for Time-stamped Data
 
DataStax Enterprise & Apache Cassandra – Essentials for Financial Services – ...
DataStax Enterprise & Apache Cassandra – Essentials for Financial Services – ...DataStax Enterprise & Apache Cassandra – Essentials for Financial Services – ...
DataStax Enterprise & Apache Cassandra – Essentials for Financial Services – ...
 
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ..."Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
"Introduction to Kx Technology", James Corcoran, Head of Engineering EMEA at ...
 
InfluxEnterprise Architecture Patterns by Tim Hall & Sam Dillard
InfluxEnterprise Architecture Patterns by Tim Hall & Sam DillardInfluxEnterprise Architecture Patterns by Tim Hall & Sam Dillard
InfluxEnterprise Architecture Patterns by Tim Hall & Sam Dillard
 
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
Webinar: Dyn + DataStax - helping companies deliver exceptional end-user expe...
 
Using Databases and Containers From Development to Deployment
Using Databases and Containers From Development to DeploymentUsing Databases and Containers From Development to Deployment
Using Databases and Containers From Development to Deployment
 
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
Maximizing Real-Time Data Processing with Apache Kafka and InfluxDB: A Compre...
 
SD Times - Docker v2
SD Times - Docker v2SD Times - Docker v2
SD Times - Docker v2
 
Optimizing InfluxDB Performance in the Real World | Sam Dillard | InfluxData
Optimizing InfluxDB Performance in the Real World | Sam Dillard | InfluxDataOptimizing InfluxDB Performance in the Real World | Sam Dillard | InfluxData
Optimizing InfluxDB Performance in the Real World | Sam Dillard | InfluxData
 
Big Data Berlin v8.0 Stream Processing with Apache Apex
Big Data Berlin v8.0 Stream Processing with Apache Apex Big Data Berlin v8.0 Stream Processing with Apache Apex
Big Data Berlin v8.0 Stream Processing with Apache Apex
 
Thomas Weise, Apache Apex PMC Member and Architect/Co-Founder, DataTorrent - ...
Thomas Weise, Apache Apex PMC Member and Architect/Co-Founder, DataTorrent - ...Thomas Weise, Apache Apex PMC Member and Architect/Co-Founder, DataTorrent - ...
Thomas Weise, Apache Apex PMC Member and Architect/Co-Founder, DataTorrent - ...
 
InfluxEnterprise Architectural Patterns by Dean Sheehan, Senior Director, Pre...
InfluxEnterprise Architectural Patterns by Dean Sheehan, Senior Director, Pre...InfluxEnterprise Architectural Patterns by Dean Sheehan, Senior Director, Pre...
InfluxEnterprise Architectural Patterns by Dean Sheehan, Senior Director, Pre...
 

More from InfluxData

Announcing InfluxDB Clustered
Announcing InfluxDB ClusteredAnnouncing InfluxDB Clustered
Announcing InfluxDB Clustered
InfluxData
 
Best Practices for Leveraging the Apache Arrow Ecosystem
Best Practices for Leveraging the Apache Arrow EcosystemBest Practices for Leveraging the Apache Arrow Ecosystem
Best Practices for Leveraging the Apache Arrow Ecosystem
InfluxData
 
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
InfluxData
 
Power Your Predictive Analytics with InfluxDB
Power Your Predictive Analytics with InfluxDBPower Your Predictive Analytics with InfluxDB
Power Your Predictive Analytics with InfluxDB
InfluxData
 
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
InfluxData
 
Build an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING StackBuild an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING Stack
InfluxData
 
Meet the Founders: An Open Discussion About Rewriting Using Rust
Meet the Founders: An Open Discussion About Rewriting Using RustMeet the Founders: An Open Discussion About Rewriting Using Rust
Meet the Founders: An Open Discussion About Rewriting Using Rust
InfluxData
 
Introducing InfluxDB Cloud Dedicated
Introducing InfluxDB Cloud DedicatedIntroducing InfluxDB Cloud Dedicated
Introducing InfluxDB Cloud Dedicated
InfluxData
 
Gain Better Observability with OpenTelemetry and InfluxDB
Gain Better Observability with OpenTelemetry and InfluxDB Gain Better Observability with OpenTelemetry and InfluxDB
Gain Better Observability with OpenTelemetry and InfluxDB
InfluxData
 
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
InfluxData
 
How Delft University's Engineering Students Make Their EV Formula-Style Race ...
How Delft University's Engineering Students Make Their EV Formula-Style Race ...How Delft University's Engineering Students Make Their EV Formula-Style Race ...
How Delft University's Engineering Students Make Their EV Formula-Style Race ...
InfluxData
 
Introducing InfluxDB’s New Time Series Database Storage Engine
Introducing InfluxDB’s New Time Series Database Storage EngineIntroducing InfluxDB’s New Time Series Database Storage Engine
Introducing InfluxDB’s New Time Series Database Storage Engine
InfluxData
 
Start Automating InfluxDB Deployments at the Edge with balena
Start Automating InfluxDB Deployments at the Edge with balena Start Automating InfluxDB Deployments at the Edge with balena
Start Automating InfluxDB Deployments at the Edge with balena
InfluxData
 
Understanding InfluxDB’s New Storage Engine
Understanding InfluxDB’s New Storage EngineUnderstanding InfluxDB’s New Storage Engine
Understanding InfluxDB’s New Storage Engine
InfluxData
 
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDBStreamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
InfluxData
 
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
InfluxData
 
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
InfluxData
 

More from InfluxData (20)

Announcing InfluxDB Clustered
Announcing InfluxDB ClusteredAnnouncing InfluxDB Clustered
Announcing InfluxDB Clustered
 
Best Practices for Leveraging the Apache Arrow Ecosystem
Best Practices for Leveraging the Apache Arrow EcosystemBest Practices for Leveraging the Apache Arrow Ecosystem
Best Practices for Leveraging the Apache Arrow Ecosystem
 
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
How Bevi Uses InfluxDB and Grafana to Improve Predictive Maintenance and Redu...
 
Power Your Predictive Analytics with InfluxDB
Power Your Predictive Analytics with InfluxDBPower Your Predictive Analytics with InfluxDB
Power Your Predictive Analytics with InfluxDB
 
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
How Teréga Replaces Legacy Data Historians with InfluxDB, AWS and IO-Base
 
Build an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING StackBuild an Edge-to-Cloud Solution with the MING Stack
Build an Edge-to-Cloud Solution with the MING Stack
 
Meet the Founders: An Open Discussion About Rewriting Using Rust
Meet the Founders: An Open Discussion About Rewriting Using RustMeet the Founders: An Open Discussion About Rewriting Using Rust
Meet the Founders: An Open Discussion About Rewriting Using Rust
 
Introducing InfluxDB Cloud Dedicated
Introducing InfluxDB Cloud DedicatedIntroducing InfluxDB Cloud Dedicated
Introducing InfluxDB Cloud Dedicated
 
Gain Better Observability with OpenTelemetry and InfluxDB
Gain Better Observability with OpenTelemetry and InfluxDB Gain Better Observability with OpenTelemetry and InfluxDB
Gain Better Observability with OpenTelemetry and InfluxDB
 
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
How a Heat Treating Plant Ensures Tight Process Control and Exceptional Quali...
 
How Delft University's Engineering Students Make Their EV Formula-Style Race ...
How Delft University's Engineering Students Make Their EV Formula-Style Race ...How Delft University's Engineering Students Make Their EV Formula-Style Race ...
How Delft University's Engineering Students Make Their EV Formula-Style Race ...
 
Introducing InfluxDB’s New Time Series Database Storage Engine
Introducing InfluxDB’s New Time Series Database Storage EngineIntroducing InfluxDB’s New Time Series Database Storage Engine
Introducing InfluxDB’s New Time Series Database Storage Engine
 
Start Automating InfluxDB Deployments at the Edge with balena
Start Automating InfluxDB Deployments at the Edge with balena Start Automating InfluxDB Deployments at the Edge with balena
Start Automating InfluxDB Deployments at the Edge with balena
 
Understanding InfluxDB’s New Storage Engine
Understanding InfluxDB’s New Storage EngineUnderstanding InfluxDB’s New Storage Engine
Understanding InfluxDB’s New Storage Engine
 
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDBStreamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
Streamline and Scale Out Data Pipelines with Kubernetes, Telegraf, and InfluxDB
 
Ward Bowman [PTC] | ThingWorx Long-Term Data Storage with InfluxDB | InfluxDa...
Ward Bowman [PTC] | ThingWorx Long-Term Data Storage with InfluxDB | InfluxDa...Ward Bowman [PTC] | ThingWorx Long-Term Data Storage with InfluxDB | InfluxDa...
Ward Bowman [PTC] | ThingWorx Long-Term Data Storage with InfluxDB | InfluxDa...
 
Scott Anderson [InfluxData] | New & Upcoming Flux Features | InfluxDays 2022
Scott Anderson [InfluxData] | New & Upcoming Flux Features | InfluxDays 2022Scott Anderson [InfluxData] | New & Upcoming Flux Features | InfluxDays 2022
Scott Anderson [InfluxData] | New & Upcoming Flux Features | InfluxDays 2022
 
Steinkamp, Clifford [InfluxData] | Closing Thoughts | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts | InfluxDays 2022Steinkamp, Clifford [InfluxData] | Closing Thoughts | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts | InfluxDays 2022
 
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
Steinkamp, Clifford [InfluxData] | Welcome to InfluxDays 2022 - Day 2 | Influ...
 
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
Steinkamp, Clifford [InfluxData] | Closing Thoughts Day 1 | InfluxDays 2022
 

Recently uploaded

Production 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptxProduction 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptx
ChloeMeadows1
 
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkkaudience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
lolsDocherty
 

Recently uploaded (16)

GOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdfGOOGLE Io 2024 At takes center stage.pdf
GOOGLE Io 2024 At takes center stage.pdf
 
Production 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptxProduction 2024 sunderland culture final - Copy.pptx
Production 2024 sunderland culture final - Copy.pptx
 
The Use of AI in Indonesia Election 2024: A Case Study
The Use of AI in Indonesia Election 2024: A Case StudyThe Use of AI in Indonesia Election 2024: A Case Study
The Use of AI in Indonesia Election 2024: A Case Study
 
Statistical Analysis of DNS Latencies.pdf
Statistical Analysis of DNS Latencies.pdfStatistical Analysis of DNS Latencies.pdf
Statistical Analysis of DNS Latencies.pdf
 
I’ll See Y’All Motherfuckers In Game 7 Shirt
I’ll See Y’All Motherfuckers In Game 7 ShirtI’ll See Y’All Motherfuckers In Game 7 Shirt
I’ll See Y’All Motherfuckers In Game 7 Shirt
 
Reggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirtsReggie miller choke t shirts
Reggie miller choke t shirtsReggie miller choke t shirts
 
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkkaudience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
audience research (emma) 1.pptxkkkkkkkkkkkkkkkkk
 
Thank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirtsThank You Luv I’ll Never Walk Alone Again T shirts
Thank You Luv I’ll Never Walk Alone Again T shirts
 
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
TORTOGEL TELAH MENJADI SALAH SATU PLATFORM PERMAINAN PALING FAVORIT.
 
Cyber Security Services Unveiled: Strategies to Secure Your Digital Presence
Cyber Security Services Unveiled: Strategies to Secure Your Digital PresenceCyber Security Services Unveiled: Strategies to Secure Your Digital Presence
Cyber Security Services Unveiled: Strategies to Secure Your Digital Presence
 
How Do I Begin the Linksys Velop Setup Process?
How Do I Begin the Linksys Velop Setup Process?How Do I Begin the Linksys Velop Setup Process?
How Do I Begin the Linksys Velop Setup Process?
 
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWebiThome_CYBERSEC2024_Drive_Into_the_DarkWeb
iThome_CYBERSEC2024_Drive_Into_the_DarkWeb
 
Bug Bounty Blueprint : A Beginner's Guide
Bug Bounty Blueprint : A Beginner's GuideBug Bounty Blueprint : A Beginner's Guide
Bug Bounty Blueprint : A Beginner's Guide
 
Pvtaan Social media marketing proposal.pdf
Pvtaan Social media marketing proposal.pdfPvtaan Social media marketing proposal.pdf
Pvtaan Social media marketing proposal.pdf
 
Development Lifecycle.pptx for the secure development of apps
Development Lifecycle.pptx for the secure development of appsDevelopment Lifecycle.pptx for the secure development of apps
Development Lifecycle.pptx for the secure development of apps
 
Premier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdfPremier Mobile App Development Agency in USA.pdf
Premier Mobile App Development Agency in USA.pdf
 

Intro to Kapacitor for Alerting and Anomaly Detection

  • 1. Noah Crowley, Developer Advocate Getting Started Series Introduction to Kapacitor
  • 2. © 2017 InfluxData. All rights reserved.2 © 2018 InfluxData. All rights reserved.2 ✓ What is Kapacitor ✓ How to Install Kapacitor ✓ Understand TICKscript • Quoting rules ✓ Create Stream Tasks • Trigger alerts ✓ Create Batch Tasks ✓ Understand Batch vs Stream ✓ Use Kapacitor as a Downsampling engine • Instead of Continuous queries What we will be covering
  • 3. © 2018 InfluxData. All rights reserved.3 © 2018 InfluxData. All rights reserved.3 InfluxData Products and Offerings
  • 4. © 2017 InfluxData. All rights reserved.4 © 2017 InfluxData. All rights reserved.4 Key Kapacitor Capabilities 1 2 Alerting Processing ETL jobs
  • 5. © 2018 InfluxData. All rights reserved.5 Kapacitor: Real-time Streaming Data Processing Engine • Native data processing engine • Processes both stream and batch data from InfluxDB • Plug in custom logic or user defined functions to – process alerts with dynamic thresholds – match metrics for patterns – compute statistical anomalies – perform specific actions based on these alerts like dynamic load rebalancing • Downsample data • Integrates with HipChat, OpsGenie, Alerta, Sensu, PagerDuty, Slack, and more
  • 6. © 2018 InfluxData. All rights reserved.6 Install & Start Kapacitor Download (All builds available at https://portal.influxdata.com/downloads) Install Start wget https://dl.influxdata.com/kapacitor/releases/kapacitor_1.5.1_amd64.deb sudo dpkg -i kapacitor_1.5.1_amd64.deb sudo systemctl start kapacitor
  • 7. © 2018 InfluxData. All rights reserved.7 Install with apt Configure InfluxData Repository Install & Start Kapacitor curl -sL https://repos.influxdata.com/influxdb.key | sudo apt-key add - source /etc/lsb-release echo "deb https://repos.influxdata.com/${DISTRIB_ID,,} ${DISTRIB_CODENAME} stable" | sudo tee /etc/apt/sources.list.d/influxdb.list sudo apt-get update && sudo apt-get install kapacitor sudo service telegraf start
  • 8. © 2018 InfluxData. All rights reserved.8 © 2018 InfluxData. All rights reserved.8 Defining Tasks
  • 9. © 2017 InfluxData. All rights reserved.9 Batch Stream ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor
  • 10. © 2018 InfluxData. All rights reserved.10 TICK Script • Chain invocation language – | chains together different nodes – . refers to specific attributes on a node • Variables refer to values – Strings – Ints, Floats – Durations – Pipelines var measurement = 'requests' var data = stream |from() .measurement(measurement) |where(lambda: "is_up" == TRUE) |where(lambda: "my_field" > 10) |window() .period(5m) .every(5m) // Count number of points in window data |count('value') .as('the_count') // Compute mean of data window data |mean('value') .as('the_average')
  • 11. © 2018 InfluxData. All rights reserved.11 TICKScript Syntax - Quoting Rules • Double Quotes – References data in lambda expression • Single Quotes – Literal String value // ' means the use the literal string value var measurement = 'requests' var data = stream |from() .measurement(measurement) // " means use the reference value |where(lambda: "is_up" == TRUE) |where(lambda: "my_field" > 10) |window() .period(5m) .every(5m) // ' means to use the literal string value data |count('value') .as('the_count')
  • 12. © 2018 InfluxData. All rights reserved.12 Create a Stream TICKscript • Logs all data from the measurement cpu // cpu.tick stream |from() .measurement('cpu') |log()
  • 13. © 2018 InfluxData. All rights reserved.13 Create a Stream Task $ kapacitor define cpu -tick cpu.tick -type stream -dbrp telegraf.autogen // cpu.tick stream |from() .measurement('cpu') |log()
  • 14. © 2018 InfluxData. All rights reserved.14 Show a Stream Task $ kapacitor show cpu ID: cpu Error: Template: Type: stream Status: enabled Executing: true Created: 10 Oct 17 16:05 EDT Modified: 10 Oct 17 16:05 EDT LastEnabled: 01 Jan 01 00:00 UTC Databases Retention Policies: ["telegraf"."autogen"] TICKscript: // cpu.tick stream |from() .measurement('cpu') |log() DOT: digraph cpu { stream0 -> from1; from1 -> log2; } $ kapacitor define cpu -tick cpu.tick -type stream -dbrp telegraf.autogen $ kapacitor enable cpu
  • 15. © 2018 InfluxData. All rights reserved.15 Create a More Interesting Stream TICKscript • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Log the result // cpu.tick stream |from() .measurement('cpu') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |log()
  • 16. © 2018 InfluxData. All rights reserved.16 An even more interesting TICKscript • Filter on the tag cpu=cpu-total • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Log the result // cpu.tick stream |from() .measurement('cpu') |where(lambda: "cpu" == 'cpu-total') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |log()
  • 17. © 2018 InfluxData. All rights reserved.17 Adding Alerts • Filter on the tag cpu=cpu-total • Create 5m windows of data that emit every 1m • Compute the average of the field usage_user • Alert when mean_usage_user > 80 • Send alert to – Slack channel alerts – Email oncall@example.com // cpu.tick stream |from() .measurement('cpu') |where(lambda: "cpu" == 'cpu-total') |window() .period(5m) .every(1m) |mean('usage_user') .as('mean_usage_user') |alert() .crit(lambda: "mean_usage_user" > 80) .message('cpu usage high!') .slack() .channel('alerts') .email('oncall@example.com')
  • 18. © 2018 InfluxData. All rights reserved.18 Create a Batch TICKscript • Query 5m windows of data every 1m • Compute the average of the field usage_user • Log the result // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |log()
  • 19. © 2018 InfluxData. All rights reserved.19 Create a Batch Task $ kapacitor define batch_cpu -tick batch_cpu.tick -type batch -dbrp telegraf.autogen // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |log()
  • 20. © 2018 InfluxData. All rights reserved.20 Create a Batch TICKscript • Query 5m windows of data every 1m • Compute the average of the field usage_user • Alert when mean_usage_user > 80 • Send alert to – Slack channel alerts – Email oncall@example.com // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS mean_usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(1m) |alert() .crit(lambda: "mean_usage_user" > 80) .message('cpu usage high!') .slack() .channel('alerts') .email('oncall@example.com')
  • 21. © 2017 InfluxData. All rights reserved.21 Batching Streaming ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor
  • 22. © 2018 InfluxData. All rights reserved.22 © 2018 InfluxData. All rights reserved.22 Using Kapacitor for Downsampling
  • 23. © 2018 InfluxData. All rights reserved.23 What is Downsampling? Downsampling is the process of reducing a sequence of points in a series to a single data point • Computing the average, max, min, etc of a window of data for a particular series
  • 24. © 2018 InfluxData. All rights reserved.24 Why Downsample? • Faster queries • Store less data
  • 25. © 2018 InfluxData. All rights reserved.25 Why Downsample using Kapacitor? Offload computation to a separate host • Create a task that aggregates your data – Can be stream or batch depending on your use-case • Writes data back into InfluxDB – Typically back into another retention policy Expanded capabilities beyond InfluxQL • Math across measurements • User-defined Functions
  • 26. © 2018 InfluxData. All rights reserved.26 Example • Downsample the data into 5m windows • Store that data back into the 5m retention policy in the telegraf database // batch_cpu.tick batch |query(''' SELECT mean("usage_user") AS usage_user FROM "telegraf"."autogen"."cpu" ''') .period(5m) .every(5m) |influxDBOut() .database('telegraf') .retentionPolicy('5m') .tag('source', 'kapacitor')
  • 27. © 2017 InfluxData. All rights reserved.27 Batching Streaming ● Queries InfluxDB periodically ● Does not buffer as much of data in RAM ● Places additional query load on InfluxDB ● Writes are mirrored onto the InfluxDB instance ● Buffers all data in RAM ● Places additional write load on Kapacitor