skywalking es查询整理
索引介绍
sw_records-all
这个索引用于存储所有的采样记录,包括但不限于慢SQL查询、Agent分析得到的数据等。这些记录数据包括Traces、Logs、TopN采样语句和告警信息。它们被用于性能分析和故障排查,帮助开发者和运维团队理解服务的行为和性能特点。
mapping
{
"sw_records-all": {
"aliases": {
"sw_records-all": {}
},
"mappings": {
"_source": {
"excludes": [
"tags"
]
},
"properties": {
"alarm_message": {
"type": "keyword",
"copy_to": [
"alarm_message_match"
},
"alarm_message_match": {
"type": "text",
"analyzer": "oap_analyzer"
},
"continuous_profiling_json": {
"type": "keyword",
"index": false
},
"create_time": {
"type": "long"
},
"data_binary": {
"type": "binary"
},
"dump_binary": {
"type": "binary"
},
"dump_period": {
"type": "integer"
},
"dump_time": {
"type": "long"
},
"duration": {
"type": "integer"
},
"end_time_nanos": {
"type": "integer"
},
"end_time_second": {
"type": "long"
},
"endpoint_name": {
"type": "keyword"
},
"entity_id": {
"type": "keyword"
},
"event": {
"type": "keyword"
},
"extension_config_json": {
"type": "keyword",
"index": false
},
"fixed_trigger_duration": {
"type": "long"
},
"id0": {
"type": "keyword",
"index": false
},
"id1": {
"type": "keyword",
"index": false
},
"instance_id": {
"type": "keyword"
},
"last_update_time": {
"type": "long"
},
"latency": {
"type": "long"
},
"logical_id": {
"type": "keyword"
},
"max_sampling_count": {
"type": "integer"
},
"min_duration_threshold": {
"type": "integer"
},
"name": {
"type": "keyword",
"index": false
},
"operation_time": {
"type": "long"
},
"operation_type": {
"type": "integer",
"index": false
},
"process_labels_json": {
"type": "keyword"
},
"record_table": {
"type": "keyword"
},
"related_trace_id": {
"type": "keyword"
},
"rule_name": {
"type": "keyword"
},
"schedule_id": {
"type": "keyword"
},
"scope": {
"type": "integer"
},
"segment_id": {
"type": "keyword"
},
"sequence": {
"type": "integer"
},
"service_id": {
"type": "keyword"
},
"stack_binary": {
"type": "binary"
},
"stack_id": {
"type": "keyword"
},
"start_time": {
"type": "long"
},
"start_time_nanos": {
"type": "integer"
},
"start_time_second": {
"type": "long"
},
"statement": {
"type": "keyword",
"index": false
},
"tags": {
"type": "keyword"
},
"tags_raw_data": {
"type": "binary"
},
"target_type": {
"type": "integer"
},
"task_id": {
"type": "keyword"
},
"time_bucket": {
"type": "long"
},
"timestamp": {
"type": "long"
},
"trace_id": {
"type": "keyword",
"index": false
},
"trace_ref_type": {
"type": "integer"
},
"trace_segment_id": {
"type": "keyword"
},
"trace_span_id": {
"type": "keyword"
},
"trigger_type": {
"type": "integer"
},
"upload_time": {
"type": "long"
}
}
},
"settings": {
"index": {
"routing": {
"allocation": {
"include": {
"_tier_preference": "data_content"
}
}
},
"refresh_interval": "30s",
"number_of_shards": "1",
"provided_name": "sw_records-all-20241125",
"creation_date": "1732464023751",
"analysis": {
"analyzer": {
"oap_analyzer": {
"type": "stop"
}
}
},
"number_of_replicas": "1",
"uuid": "qrRVCMSNSnO90iz9hHWD0Q",
"version": {
"created": "7170799"
}
}
}
}
} |
sw_metrics-all
这个索引存储服务、服务实例及端点的元数据,即指标信息。这些指标数据包括服务的响应时间、吞吐量、错误率等关键性能指标,以分钟级别存储。这些数据对于监控服务性能至关重要,因为它们提供了实时的性能反馈,使得团队能够快速识别和解决性能问题。
metric_table枚举值
1、endpoint_cpm:端点的每分钟调用次数(CPM)
2、endpoint_percentile:端点的响应时间百分位数
3、endpoint_resp_time:端点的平均响应时间
4、endpoint_sla:服务等级协议(SLA)指标
5、endpoint_sidecar_internal_req_latency_nanos 和 endpoint_sidecar_internal_resp_latency_nanos:端点Sidecar内部请求和响应延迟的纳秒数
6、instance_jvm_xxx:服务实例的JVM相关指标,如类加载数量、CPU使用率、内存使用情况、垃圾回收次数和线程状态等
7、meter_thread_pool:线程池相关的度量
8、service_instance_cpm、service_instance_resp_time、service_instance_sla:服务实例级别的CPM、响应时间和SLA指标
9、service_instance_sidecar_internal_req_latency_nanos 和 service_instance_sidecar_internal_resp_latency_nanos:服务实例级别的Sidecar内部请求和响应延迟的纳秒数
result
{
"key": "endpoint_cpm",
"doc_count": 5763
},
{
"key": "endpoint_percentile",
"doc_count": 5763
},
{
"key": "endpoint_resp_time",
"doc_count": 5763
},
{
"key": "endpoint_sla",
"doc_count": 5763
},
{
"key": "endpoint_sidecar_internal_req_latency_nanos",
"doc_count": 5754
},
{
"key": "endpoint_sidecar_internal_resp_latency_nanos",
"doc_count": 5754
},
{
"key": "instance_jvm_class_loaded_class_count",
"doc_count": 2811
},
{
"key": "instance_jvm_class_total_loaded_class_count",
"doc_count": 2811
},
{
"key": "instance_jvm_class_total_unloaded_class_count",
"doc_count": 2811
},
{
"key": "instance_jvm_cpu",
"doc_count": 2811
},
{
"key": "instance_jvm_memory_heap",
"doc_count": 2811
},
{
"key": "instance_jvm_memory_heap_max",
"doc_count": 2811
},
{
"key": "instance_jvm_memory_noheap",
"doc_count": 2811
},
{
"key": "instance_jvm_memory_noheap_max",
"doc_count": 2811
},
{
"key": "instance_jvm_old_gc_count",
"doc_count": 2811
},
{
"key": "instance_jvm_old_gc_time",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_blocked_state_thread_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_daemon_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_live_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_peak_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_runnable_state_thread_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_timed_waiting_state_thread_count",
"doc_count": 2811
},
{
"key": "instance_jvm_thread_waiting_state_thread_count",
"doc_count": 2811
},
{
"key": "instance_jvm_young_gc_count",
"doc_count": 2811
},
{
"key": "instance_jvm_young_gc_time",
"doc_count": 2811
},
{
"key": "meter_thread_pool",
"doc_count": 2811
},
{
"key": "service_instance_cpm",
"doc_count": 1661
},
{
"key": "service_instance_resp_time",
"doc_count": 1661
},
{
"key": "service_instance_sla",
"doc_count": 1661
},
{
"key": "service_instance_sidecar_internal_req_latency_nanos",
"doc_count": 1659
},
{
"key": "service_instance_sidecar_internal_resp_latency_nanos",
"doc_count": 1659
} |
mapping
{
"sw_metrics-all-20241125": {
"aliases": {
"sw_metrics-all": {}
},
"mappings": {
"properties": {
"address": {
"type": "keyword"
},
"agent_id": {
"type": "keyword"
},
"component_id": {
"type": "integer",
"index": false
},
"component_ids": {
"type": "keyword",
"index": false
},
"count": {
"type": "long",
"index": false
},
"dataset": {
"type": "text",
"index": false
},
"datatable_count": {
"type": "text",
"index": false
},
"datatable_summation": {
"type": "text",
"index": false
},
"datatable_value": {
"type": "text",
"index": false
},
"denominator": {
"type": "long"
},
"dest_endpoint": {
"type": "keyword"
},
"dest_process_id": {
"type": "keyword"
},
"dest_service_id": {
"type": "keyword"
},
"dest_service_instance_id": {
"type": "keyword"
},
"detect_type": {
"type": "integer"
},
"double_summation": {
"type": "double",
"index": false
},
"double_value": {
"type": "double"
},
"ebpf_profiling_schedule_id": {
"type": "keyword"
},
"end_time": {
"type": "long"
},
"endpoint": {
"type": "keyword"
},
"endpoint_traffic_name": {
"type": "keyword",
"copy_to": [
"endpoint_traffic_name_match"
]
},
"endpoint_traffic_name_match": {
"type": "text",
"analyzer": "oap_analyzer"
},
"entity_id": {
"type": "keyword"
},
"instance_id": {
"type": "keyword"
},
"instance_traffic_name": {
"type": "keyword",
"index": false
},
"int_value": {
"type": "integer"
},
"label": {
"type": "keyword"
},
"labels_json": {
"type": "keyword",
"index": false
},
"last_ping": {
"type": "long"
},
"last_update_time_bucket": {
"type": "long"
},
"layer": {
"type": "integer"
},
"match": {
"type": "long",
"index": false
},
"message": {
"type": "keyword"
},
"metric_table": {
"type": "keyword"
},
"name": {
"type": "keyword"
},
"numerator": {
"type": "long"
},
"parameters": {
"type": "keyword",
"index": false
},
"percentage": {
"type": "integer"
},
"precision": {
"type": "integer",
"index": false
},
"process_id": {
"type": "keyword"
},
"profiling_support_status": {
"type": "integer"
},
"properties": {
"type": "text",
"index": false
},
"ranks": {
"type": "text",
"index": false
},
"remote_service_name": {
"type": "keyword"
},
"represent_service_id": {
"type": "keyword"
},
"represent_service_instance_id": {
"type": "keyword"
},
"s_num": {
"type": "long",
"index": false
},
"service": {
"type": "keyword"
},
"service_group": {
"type": "keyword"
},
"service_id": {
"type": "keyword"
},
"service_instance": {
"type": "keyword"
},
"service_instance_id": {
"type": "keyword"
},
"service_name": {
"type": "keyword"
},
"service_traffic_name": {
"type": "keyword",
"copy_to": [
"service_traffic_name_match"
]
},
"service_traffic_name_match": {
"type": "text",
"analyzer": "oap_analyzer"
},
"short_name": {
"type": "keyword"
},
"source_endpoint": {
"type": "keyword"
},
"source_process_id": {
"type": "keyword"
},
"source_service_id": {
"type": "keyword"
},
"source_service_instance_id": {
"type": "keyword"
},
"span_name": {
"type": "keyword"
},
"start_time": {
"type": "long"
},
"summation": {
"type": "long",
"index": false
},
"t_num": {
"type": "long",
"index": false
},
"tag_key": {
"type": "keyword"
},
"tag_type": {
"type": "keyword"
},
"tag_value": {
"type": "keyword"
},
"task_id": {
"type": "keyword"
},
"time_bucket": {
"type": "long"
},
"total": {
"type": "long",
"index": false
},
"total_num": {
"type": "long",
"index": false
},
"type": {
"type": "keyword"
},
"uuid": {
"type": "keyword"
},
"value": {
"type": "long"
}
}
},
"settings": {
"index": {
"routing": {
"allocation": {
"include": {
"_tier_preference": "data_content"
}
}
},
"refresh_interval": "30s",
"number_of_shards": "1",
"provided_name": "sw_metrics-all-20241125",
"creation_date": "1732464018472",
"analysis": {
"analyzer": {
"oap_analyzer": {
"type": "stop"
}
}
},
"number_of_replicas": "1",
"uuid": "WzZSWrHRSKaHFFwbm5D75A",
"version": {
"created": "7170799"
}
}
}
}
} |
字段解释
address:服务实例的网络地址
agent_id:SkyWalking Agent的唯一标识符
component_id:组件的唯一标识符
component_ids:一个包含多个组件ID的列表,用于标识服务中使用的所有组件
count:计数器,记录调用次数等
dataset:数据集的标识符,用于区分不同类型的监控数据
datatable_count、datatable_summation、datatable_value:与数据表相关的字段,用于存储汇总数据
denominator:用于计算比率的分母值
dest_endpoint:目标端点的名称,用于标识服务调用的目标
dest_process_id、dest_service_id、dest_service_instance_id:目标进程、服务和实例的唯一标识符
detect_type:检测类型的标识符
double_summation:双精度浮点数的总和
double_value:双精度浮点数值
ebpf_profiling_schedule_id:eBPF性能分析任务的标识符
end_time:事件或记录的结束时间戳
endpoint:端点的名称,用于标识服务中的特定操作
endpoint_traffic_name:端点流量的名称,用于标识端点的流量
entity_id:实体的唯一标识符,用于标识服务、端点或实例
instance_id:服务实例的唯一标识符
instance_traffic_name:服务实例流量的名称
int_value:整数值
label:用于分类或标记数据的标签
labels_json:包含多个标签的JSON字符串
last_ping:服务实例最后一次发送心跳的时间戳
last_update_time_bucket:数据最后一次更新的时间桶
layer:服务的层次或层级
match:用于匹配规则的标识符
message:与事件或日志相关的信息
metric_table:度量表的名称,用于标识特定的度量数据
name:实体、服务或端点的名称
numerator:用于计算比率的分子值
parameters:与事件或操作相关的参数
percentage:百分比值
precision:数据的精度
process_id:进程的唯一标识符
profiling_support_status:性能分析支持的状态
properties:实体的属性
ranks:排名或等级
remote_service_name:远程服务的名称
represent_service_id、represent_service_instance_id:表示服务或实例的唯一标识符
s_num:用于统计的数值
service:服务的名称
service_group:服务组的名称
service_id:服务的唯一标识符
service_instance:服务实例的名称
service_instance_id:服务实例的唯一标识符
service_name:服务的名称
service_traffic_name:服务流量的名称
short_name:实体的简称或缩写
source_endpoint:源端点的名称
source_process_id、source_service_id、source_service_instance_id:源进程、服务和实例的唯一标识符
span_name:跨度(Span)的名称,用于分布式追踪
start_time:事件或记录的开始时间戳
summation:数值的总和
t_num:用于统计的数值
tag_key、tag_type、tag_value:标签的键、类型和值
task_id:任务的唯一标识符
time_bucket:时间桶,用于数据的时序聚合
total、total_num:总数和数量
type:数据的类型
uuid:全局唯一标识符
value:度量值
sw_segment
sw_segment索引用于收集链路信息日志。在SkyWalking中,一个Segment代表一个分布式追踪的路径,它由多个Span组成,记录了一次完整的请求处理过程。这些数据对于理解服务之间的调用关系和性能特性非常重要,它们是实现分布式追踪和性能监控的基础。
sw_zipkin_span
sw_zipkin_span索引用于存储Zipkin跟踪的Span数据。SkyWalking可以作为Zipkin的替代服务器,提供高级功能,这个索引就是用来兼容Zipkin格式的追踪数据。
sw_browser_error_log
sw_browser_error_log索引用于收集浏览器日志,特别是错误日志。这些日志对于前端监控和错误分析非常有用,可以帮助开发者了解用户在使用应用时遇到的前端问题。
sw_log
sw_log索引用于收集除浏览器外的日志。这些日志可能来自于后端服务、中间件或其他系统组件,对于整体的系统监控和日志分析非常重要。
sw_continuous_profiling_policy
这个索引用于存储连续性能分析(Continuous Profiling)的策略配置。连续性能分析是SkyWalking的一个特性,它允许基于预设的策略自动触发性能分析任务。这些策略可以定义何时以及如何对特定的目标(如进程或服务)进行性能分析,以便及时发现和诊断性能问题。例如,当eBPF Agent检测到某个进程的指标符合策略规则时,它会立即触发对该进程的性能分析任务,从而减少中间步骤,加快定位性能问题的能力
sw_ui_template
sw_ui_template索引用于存储SkyWalking UI的模板配置。这些模板定义了SkyWalking UI中的仪表板和视图,包括官方提供的默认仪表板以及用户自定义的仪表板。用户可以通过这些模板来创建新的仪表板,添加新的标签/页面/小部件,并根据自己的偏好重新配置仪表板。模板支持层(Layer)和实体类型(Entity Type)的概念,这对于理解和自定义SkyWalking UI中的仪表板至关重要
查询语句整理
查询sw_metrics-all索引
1、查找特定时间范围内,与特定服务相关的服务关系指标
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"bool": {
"should": [
{
"term": {
"source_service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
},
{
"term": {
"dest_service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_server_side",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1000,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"component_ids": {
"terms": {
"field": "component_ids",
"size": 10,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
}
}
}
}
}
} |
2、对特定时间范围内的服务间关系数据进行聚合分析
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"bool": {
"should": [
{
"term": {
"source_service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
},
{
"term": {
"dest_service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_client_side",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1000,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"component_ids": {
"terms": {
"field": "component_ids",
"size": 10,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
}
}
}
}
}
} |
3、统计服务下的实例流量
{
"size": 5000,
"query": {
"bool": {
"must": [
{
"range": {
"last_ping": {
"from": 202411221112,
"to": null,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"term": {
"service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1tZXNzYWdlLXNlcnZpY2U=.1",
"boost": 1.0
}
}
},
{
"term": {
"metric_table": {
"value": "instance_traffic",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
}
} |
4、统计服务下的端点流量
{
"size": 20,
"query": {
"bool": {
"must": [
{
"term": {
"service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1tZXNzYWdlLXNlcnZpY2U=.1",
"boost": 1.0
}
}
},
{
"term": {
"metric_table": {
"value": "endpoint_traffic",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
}
} |
5、查询标签数据
{
"query": {
"bool": {
"must": [
{
"term": {
"tag_type": {
"value": "TRACE",
"boost": 1.0
}
}
},
{
"term": {
"metric_table": {
"value": "tag_autocomplete",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"tag_key": {
"terms": {
"field": "tag_key",
"size": 100,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
]
}
}
}
} |
6、统计服务流量
{
"size": 5000,
"query": {
"bool": {
"must": [
{
"term": {
"layer": {
"value": 2,
"boost": 1.0
}
}
},
{
"term": {
"metric_table": {
"value": "service_traffic",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
}
} |
7、计算服务间的服务每分钟调用次数
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"MTkyLjE2OC4zMC4xOjkwOTI7MTkyLjE2OC4zMC4zOjkwOTI=.1-c2VydmljZTo6dGVuZGF0YS1jb3JwLXNlcnZpY2U=.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_server_cpm",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
8、计算服务间的服务响应时间
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS1iaXpyLXNlcnZpY2U=.1-c2VydmljZTo6dGVuZGF0YS1nbG9jby1zZXJ2aWNl.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_server_resp_time",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
9、计算服务间的服务客户端响应时间
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS1tY3Mtc2VydmljZQ==.1-MTkyLjE2OC4zMC4xOjkwOTI7MTkyLjE2OC4zMC4zOjkwOTI=.0"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_client_resp_time",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
10、计算服务间的客户端每分钟调用次数
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS10cmFuc2xhdGlvbi1zZXJ2aWNl.1-YXBpLnRyYW5zbGF0b3IuYXp1cmUuY246NDQz.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_relation_client_cpm",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
11、计算服务响应时间service_resp_time
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS1tY3Mtc2VydmljZQ==.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_resp_time",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
12、计算服务级别协议的成功百分比service_sla
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS1vcGVuYXBpLWdhdGV3YXktc2VydmljZQ==.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_sla",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"percentage": {
"avg": {
"field": "percentage"
}
}
}
}
}
} |
13、计算服务每分钟请求数service_cpm
{
"size": 0,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"terms": {
"entity_id": [
"c2VydmljZTo6dGVuZGF0YS1kZnMtc2VydmljZQ==.1"
],
"boost": 1.0
}
},
{
"term": {
"metric_table": {
"value": "service_cpm",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 1,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"_count": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
14、查询网络地址别名
{
"size": 5000,
"query": {
"bool": {
"must": [
{
"term": {
"metric_table": {
"value": "network_address_alias",
"boost": 1.0
}
}
},
{
"range": {
"last_update_time_bucket": {
"from": 202411221132,
"to": null,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
}
} |
15、检索 service为service::tendata-contact-service的事件列表
{
"from": 0,
"size": 20,
"query": {
"bool": {
"must": [
{
"term": {
"metric_table": {
"value": "events",
"boost": 1.0
}
}
},
{
"term": {
"service": {
"value": "service::tendata-contact-service",
"boost": 1.0
}
}
},
{
"range": {
"start_time": {
"from": 1732245120000,
"to": null,
"include_lower": false,
"include_upper": true,
"boost": 1.0
}
}
},
{
"range": {
"end_time": {
"from": null,
"to": 1732246980000,
"include_lower": true,
"include_upper": false,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"start_time": {
"order": "desc"
}
}
]
} |
16、分页获取特定时间段内特定服务指标数据,并按时间戳排序
{
"from": 0,
"size": 15,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 20241122111200,
"to": 20241122114259,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"term": {
"service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1tZXNzYWdlLXNlcnZpY2U=.1",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"timestamp": {
"order": "desc"
}
}
]
} |
17、根据传递的id查询端点信息
{
"size": 156,
"query": {
"ids": {
"values": [
"endpoint_traffic_c2VydmljZTo6dGVuZGF0YS1nYXRld2F5LXNlcnZpY2U=.1_L2luc2lnaHQtc2VhcmNoL3YxL3Byb2dyYW1tZXMvMjkyNTcvbWFya2V0LWNvdW50ZXJwYXJ0eS1hcmVh",
"endpoint_traffic_c2VydmljZTo6dGVuZGF0YS1nYXRld2F5LXNlcnZpY2U=.1_L2NvcnAvdjIvY29tcGFuaWVzLzEwYzdkMWVjYTY4NTE0NDQ1NzQ5OWVkZTJkZTQxY2I1L3JlZnJlc2gvcmVzdWx0"
],
"boost": 1.0
}
}
} |
18、查询某个服务的每分钟请求次数最多的10个接口
{
"query": {
"bool": {
"must": [
{
"term": {
"metric_table": {
"value": "endpoint_cpm",
"boost": 1.0
}
}
},
{
"terms": {
"service_id": [
"c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1"
],
"boost": 1.0
}
},
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 10,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"value": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
19、查询某个服务的响应时间最大的10个接口
{
"query": {
"bool": {
"must": [
{
"term": {
"metric_table": {
"value": "endpoint_resp_time",
"boost": 1.0
}
}
},
{
"terms": {
"service_id": [
"c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1"
],
"boost": 1.0
}
},
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 10,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"value": "desc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"value": {
"avg": {
"field": "value"
}
}
}
}
}
} |
20、查询某个服务的指定时间范围内成功率最小的10个接口
{
"query": {
"bool": {
"must": [
{
"term": {
"metric_table": {
"value": "endpoint_sla",
"boost": 1.0
}
}
},
{
"terms": {
"service_id": [
"c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1"
],
"boost": 1.0
}
},
{
"range": {
"time_bucket": {
"from": 202411221112,
"to": 202411221142,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"aggregations": {
"entity_id": {
"terms": {
"field": "entity_id",
"size": 10,
"min_doc_count": 1,
"shard_min_doc_count": 0,
"show_term_doc_count_error": false,
"execution_hint": "map",
"order": [
{
"percentage": "asc"
},
{
"_key": "asc"
}
],
"collect_mode": "breadth_first"
},
"aggregations": {
"percentage": {
"avg": {
"field": "percentage"
}
}
}
}
}
} |
21、查询标签信息
{
"size": 12,
"query": {
"ids": {
"values": [
"tag_autocomplete_20241122_TRACE_db.instance_[im_moldova-2024, im_moldova-2022, im_moldova-2023, im_moldova-2021]",
"tag_autocomplete_20241122_TRACE_db.instance_[a04b2a53a6d946ad9fe525cd1ab2646a_alias]",
"tag_autocomplete_20241122_TRACE_db.instance_[im_maritime_silk_bol-2022, im_maritime_silk_bol-2023, im_maritime_silk_bol-2021, im_maritime_silk_bol-2024]"
],
"boost": 1.0
}
}
} |
查询sw_records-all索引
1、查询优化任务列表
{
"size": 200,
"query": {
"bool": {
"must": [
{
"term": {
"record_table": {
"value": "profile_task",
"boost": 1.0
}
}
},
{
"range": {
"time_bucket": {
"from": 202411221137,
"to": null,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"range": {
"time_bucket": {
"from": null,
"to": 202411221147,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"start_time": {
"order": "desc"
}
}
]
} |
2、查询sw_records-all与特定跨度(Span)关联的事件记录
{
"size": 100,
"query": {
"bool": {
"must": [
{
"term": {
"record_table": {
"value": "span_attached_event_record",
"boost": 1.0
}
}
},
{
"terms": {
"related_trace_id": [
"ab80cf2b85fa4f3e9baabd114f3b909e.98.17322469467401053"
],
"boost": 1.0
}
},
{
"terms": {
"trace_ref_type": [
0
],
"boost": 1.0
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"start_time_second": {
"order": "asc"
}
},
{
"start_time_nanos": {
"order": "asc"
}
}
]
} |
3、检索ebpf优化任务
{
"size": 200,
"query": {
"bool": {
"must": [
{
"term": {
"record_table": {
"value": "ebpf_profiling_task",
"boost": 1.0
}
}
},
{
"term": {
"service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
},
{
"terms": {
"target_type": [
1,
2
],
"boost": 1.0
}
},
{
"term": {
"trigger_type": {
"value": 1,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"create_time": {
"order": "desc"
}
}
]
} |
4、查询性能任务日志
{
"size": 10000,
"query": {
"bool": {
"must": [
{
"term": {
"record_table": {
"value": "profile_task_log",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"operation_time": {
"order": "desc"
}
}
]
} |
查询sw_segment索引
1、查询某个服务的流量
{
"size": 1,
"query": {
"ids": {
"values": [
"service_traffic_MTkyLjE2OC4xMS4xMDo1Njcy.15"
],
"boost": 1.0
}
}
} |
2、查询某个调用链信息
{
"size": 200,
"query": {
"term": {
"trace_id": {
"value": "ab80cf2b85fa4f3e9baabd114f3b909e.98.17322469467401053",
"boost": 1.0
}
}
}
} |
3、分页获取特定时间段内特定服务调用数据,并按开始时间排序
{
"from": 0,
"size": 20,
"query": {
"bool": {
"must": [
{
"range": {
"time_bucket": {
"from": 20241122111200,
"to": 20241122114259,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"term": {
"service_id": {
"value": "c2VydmljZTo6dGVuZGF0YS1jb250YWN0LXNlcnZpY2U=.1",
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"start_time": {
"order": "desc"
}
}
]
}
|