{ "name": "Fastly Logs Monitoring", "description": "For Logentries account subscribers", "searches": [ { "name": "Device Detection", "description": "Detection of different devices used for requests", "query": "where(devicetype) groupby(devicetype)" }, { "name": "Unique IP count", "description": "Count of unique IPs", "query": "where(client_ip) calculate(UNIQUE:client_ip)" }, { "name": "Requests by country", "description": "Requests sorted by country", "query": "where(country) groupby(country) calculate(COUNT)" }, { "name": "Fastly Datacenters", "description": "Requests by Fastly datacenters", "query": "where(POP) groupby(POP) calculate(COUNT)" }, { "name": "Requests by region", "description": "Requests by regions of the world", "query": "where(region) groupby(region) calculate(COUNT)" }, { "name": "Requests by country code", "description": "Requests by country code", "query": "where(country_code) groupby(country_code) calculate(COUNT)" }, { "name": "Requests by country name", "description": "Requests by country name", "query": "where(country_name) groupby(country_name) calculate(COUNT)" }, { "name": "Status codes", "description": "Status codes received", "query": "where(status) groupby(status)" }, { "name": "Hits over time", "description": "Number of hits over time", "query": "where(numberOfHits) calculate(SUM:numberOfHits)" }, { "name": "Average Request Size", "description": "Average Request Size", "query": "where(size>=0 AND size) calculate(AVERAGE:size)" }, { "name": "Total Downloaded", "description": "Total Data Downloaded", "query": "where(size) calculate(SUM:size)" } ], "tags": [ { "type": "Alert", "name": "404 - Not Found", "description": "404 Error", "labels": [ { "name": "404 - Not Found", "color": "FF0000" } ], "patterns": [ "status=404" ], "actions": [{ "type": "Alert", "min_matches_count": 5, "min_matches_period": "Day", "min_report_count": 1, "min_report_period": "Day" } ]}, { "type": "Alert", "name": "Desktop Device", "description": "Desktop Device Recognized", "labels": [ { "name": "Desktop Device", "color": "3366FF" } ], "patterns": [ "desktop" ], "actions": [{ "type": "Alert", "min_matches_count": 0, "min_matches_period": "Day", "min_report_count": 0, "min_report_period": "Day" } ]}, { "type": "Alert", "name": "Mobile Device", "description": "Mobile Device Recognized", "labels": [ { "name": "Mobile Device", "color": "00CC99" } ], "patterns": [ "iPad","iPhone","Android" ], "actions": [{ "type": "Alert", "min_matches_count": 0, "min_matches_period": "Day", "min_report_count": 0, "min_report_period": "Day" } ]}, { "type": "Alert", "name": "OK Pass", "description": "Correct Pass", "labels": [ { "name": "200-OK", "color": "33CC33" } ], "patterns": [ "status=200" ], "actions": [{ "type": "Alert", "min_matches_count": 0, "min_matches_period": "Day", "min_report_count": 0, "min_report_period": "Day" } ]}, { "type": "AlertNotify", "sub_type": "InactivityAlert", "name": "24h inactivity", "description": "Application Not Accessed for 24h", "patterns": [ "status=200" ], "timeframe_value": 24, "timeframe_period": "Hour", "actions": [{ "type": "Alert", "min_report_count": 1, "min_report_period": "Day" } ]} ], "widgets": [ { "name": "Device Detection", "description": "Detection of different devices used for requests", "search_name":"Device Detection", "show_tooltip": true, "type": "PieChart" }, { "name": "Unique IP count", "description": "Count of unique IPs", "search_name":"Unique IP count", "show_tooltip": true, "type": "Count" }, { "name": "Requests by country", "description": "Requests sorted by country", "search_name":"Requests by country", "show_tooltip": true, "type": "PieChart" }, { "name": "Status codes received", "description": "Status codes received", "search_name":"Status codes", "show_tooltip": true, "type": "BarChart" }, { "name": "Requests by Fastly datacenters", "description": "Requests by Fastly datacenters", "search_name":"Fastly Datacenters", "show_tooltip": true, "type": "BarChart" }, { "name": "Number of hits over time", "description": "Number of hits over time", "search_name":"Hits over time", "show_tooltip": true, "type": "TimelineLineChart" }, { "name": "Average Request Size", "description": "Average Request Size", "search_name":"Average Request Size", "show_tooltip": true, "type": "TimelineLineChart" }, { "name": "Total Downloaded", "description": "Total Data Downloaded", "search_name":"Total Downloaded", "show_tooltip": true, "type": "TimelineLineChart" } ], "cards": [ { "name": "Device Detection", "description": "Detection of different devices used for requests", "queries": [{ "leql" : { "statement": "where(devicetype) groupby(devicetype)"}}], "visualization": "PIE" }, { "name": "Unique IP count", "description": "Count of unique IPs", "queries": [{ "leql" : { "statement": "where(client_ip) calculate(UNIQUE:client_ip)"}}], "visualization": "COUNT" }, { "name": "Requests by country", "description": "Requests sorted by country", "queries": [{ "leql" : { "statement": "where(country) groupby(country) calculate(COUNT)"}}], "visualization": "PIE" }, { "name": "Status codes received", "description": "Status codes received", "queries": [{ "leql" : { "statement": "where(status) groupby(status)"}}], "visualization": "BAR" }, { "name": "Requests by Fastly datacenters", "description": "Requests by Fastly datacenters", "queries": [{ "leql" : { "statement": "where(POP) groupby(POP) calculate(COUNT)"}}], "visualization": "BAR" }, { "name": "Number of hits over time", "description": "Number of hits over time", "queries": [{ "leql" : { "statement": "where(numberOfHits) calculate(SUM:numberOfHits)"}}], "visualization": "LINE" }, { "name": "Average Request Size", "description": "Average Request Size", "queries": [{ "leql" : { "statement": "where(size>=0 AND size) calculate(AVERAGE:size)"}}], "visualization": "LINE" }, { "name": "Total Downloaded", "description": "Total Data Downloaded", "queries": [{ "leql" : { "statement": "where(size) calculate(SUM:size)"}}], "visualization": "LINE" } ] }