BigPanda & Selector AI

Hello Team,

Can you help to understand how we can integrate BigPanda (acting as Event correlation Engine) & Selector AI (acting as Network Telemetry aggregator) with Grafana Cloud as we are doing a testing in trial version and didnt saw any native plugins available though Infinity Data Source plugin is there for API endpoints. If that’s the option can you share any KB link here if not then what’s the best possible method available to solve this integration for onboarding these Tools for Data visualization aspects over Grafana cloud.

Thank you.

Please share a sample json data from each and how they might be related if they are related?

Are you trying to merge these 2 disparate data points into one dashboard?

Hello @yosiasz Thank you for writing us back !

We are not merging but planning to build a unified dashboard from these 2 tools for correlation aspects like if Network Anomaly is there at selector AI end does BigPanda created an INC for that so and so forth. Hope that clears a bit here. We dont have sample JSON but both the tools

Sample JSON for BigPanda INC API v2

{
“data”: [
{
“id”: “60a7e841f3e7a32c253b2f5c”,
“created_at”: 1621644353,
“updated_at”: 1621644358,
“summary”: “Multiple ‘CPU overloaded’ alerts on ‘production-database-1’”,
“status”: “critical”,
“severity”: “critical”,
“active”: true,
“flapping”: false,
“shared”: false,
“environment_id”: “60a7e841f3e7a32c253b2f5a”,
“tags”: {
“priority”: “P1”,
“service”: “Billing”
},
“alerts”: \[
“60a7e841f3e7a32c253b2f5d”,
“60a7e841f3e7a32c253b2f5e”
\],
“alerts_count”: 2,
“latest_comment”: {
“text”: “Investigating high CPU load.”,
“user”: {
“id”: “user-123”,
“username”: “john.doe”
},
“timestamp”: 1621644358
},
“snooze”: {
“snoozed”: false
}
}
\],
“metadata”: {
“page”: 1,
“per_page”: 20,
“total_count”: 1
}
}

Sample JSON for Selector AI from its respective API endpoint:

{
“query_metadata”: {
“s2ql_query”: “device where device_role contains ‘Uplink’ and device_name contains ‘router one’”,
“execution_time_ms”: 150
},
“results”: \[
{
“device_id”: “rtr-001”,
“device_name”: “router one”,
“device_role”: “Uplink”,
“status”: “Online”,
“interface_count”: 48
},
{
“device_id”: “rtr-002”,
“device_name”: “router one”,
“device_role”: “Uplink”,
“status”: “Online”,
“interface_count”: 32
},
{
“device_id”: “rtr-003”,
“device_name”: “router one”,
“device_role”: “Uplink”,
“status”: “Online”,
“interface_count”: 64
}
]
}

Which data points do you want to visualize and into what kind of visualization

These are sample but we are keenly looking for an key attribute naming servicenow_url to show INC link (Over a table along with correlated Problem data from Dynatrace and Stat panel to show how many active Problems and How many INC are there) and these keys too “created_at”:
“updated_at”:
“summary”:
“status”:
“severity”:

And from Selector AI side we are willing to show Network device health state and their perf data (Stat/Gauge & TimeSeries or Tabular Visulization rest can be explored fruther )

BigPanda offers ETL sync, so implement it - load that data into your favourite SQL database, which is also supported by Grafana Cloud. Then you can query that data with mature SQL and correlate it with other datasources eventually, e.g.:

SELECT 
  t.value AS service,
  COUNT(t.incident_id) AS alert_count
FROM entities e
  LEFT OUTER JOIN incidents i ON i.incident_id = e.incident_id
  LEFT OUTER JOIN tags t ON t.incident_id = e.incident_id
WHERE $__unixEpochFilter(i.maintime)
  AND e.source_system IN ('system1', 'system2')
  AND t.key = 'service'
GROUP BY t.value
ORDER BY alert_count DESC;

Thank you @jangaraj for the insights here.
But we don’t want to Build separate data store via ETL , we are looking to use Infinity or other parallel plugin which supports REST API responses and its transformations.

Thanks you !

your best option is infinity as you said, there are plenty of examples in the docu you can peruse. you can then use jsonata or jq to parse and extract what you need from the json payload coming back

for ex

https://try.jsonata.org/as4OZy1go

Sure @yosiasz will try it out and keep community posted what we achieved so far and how, indeed you guys are well in that space but just for reference and further improvisations.

Thanks again !