Event Processing
The Event Processing Dashboard in Unified Analytics provides visibility into your configurations in BigPanda.
Limited Availability
This feature is available in a limited release. If you are interested in enabling this functionality for your organization, contact your BigPanda account team.
The Event Processing Dashboard provides early insight into the success of your BigPanda configurations, even if you just recently started using the platform. The dashboard shows metrics on your top source systems, and gives you visibility on how your integrations are performing.
The dashboard can be used as a tool to see the types of events that are currently being processed by BigPanda and determine ways to reduce the volume of events to help minimize costs. You can also see events that were not processed correctly, allowing you to fix issues in your integration settings and increase efficiency.
Unified Analytics Required
This feature is only available for organizations leveraging Unified Analytics. If you'd like to learn how to move to Unified Analytics, reach out to us at [email protected].
Key Features
- Obtain onboarding success metrics quickly after configuration.
- View details on integrations monitored by BigPanda.
- Follow the events to incident creation flow from end to end.
- Analyze the types of events processed by BigPanda, and find events that were not processed correctly.
Event Processing
The Event Processing dashboard displays information on how well BigPanda is performing.
Event Processing Dashboard
Data Update Delay
The data in the Event Processing Dashboard widgets has up to a 24 hour delay.
The following widgets are available in the Event Processing dashboard:
| Widget | Description |
|---|---|
| Deduplication | In BigPanda, events are grouped into alerts based on matching properties. This widget shows the percent of redundant events from monitoring tools that are deduplicated into alerts in BigPanda. |
| Compression | Displays the end-to-end noise reduction rate. This widget shows the percent of processed events formed into incidents. |
| Event to Incidents Creation | A sankey diagram displaying the flow of an event and the steps BigPanda takes to minimize noise. The diagram displays the following steps during the incident creation process: Ingestion - The number of events that were ingested from the top source systems. Deduplicated Events - Events that were removed as precise duplicates. Filtered-Out Events - Unactionable events that were filtered out using alert filtering. Post-Dedupe Events - The number of events that exist after deduplication and filtering have been taken into account. Alerts - The number of formed alerts. The number of alerts is generally lower than the number of post-dedupe events because the alert creation process includes the aggregation of update events into single alerts. Incidents - The number of formed incidents. Incident Classification - The number of incidents that were grouped into each environment. For more information about this process, see the Events to Incidents Lifecycle documentation. |
| Dedup Events by Top 5 Source Systems | The number of events deduplicated from the top 5 source systems, over time. |
| Filtered Events by Top 5 Source Systems | The number of events filtered from the top 5 source systems, over time. If you are not using Alert Filtering, this widget will show no results. |
Recommendations for Improvement
The following widgets display areas that may require troubleshooting:
| Widget | Description |
|---|---|
| # Validation Errors | The number and percent of events ingested into BigPanda that were not processed due to errors. |
| # Non-Correlated Incidents | The number and percent of incidents in BigPanda that did not have alerts correlated. These incidents only contain one alert. |
| Validation Errors by Source System | Displays the number of errored events, broken down by source system. |
| Non-Correlated Incidents by Source System | Displays the number of incidents in BigPanda that did not have alerts correlated, broken down by source system. These incidents contain only one alert. |
Filters
The Event Processing dashboard allows you to filter by Organization, Source System, Environments, or Dates.
When filtering by Environment, only events that were grouped into a specific environment will appear in the widgets, rather than all events that enter BigPanda.
Learn more about using filters and widget options in the Filter Dashboards documentation.
Updated 15 days ago