Creating Playbook

How do Playbooks work?

Playbooks is a sequence of investigation steps defined to enable accelerated diagnosis incase the same strategy needs to be executed again.

Every playbook has the following fields:

  1. Playbook Title: Name of the playbook.
  2. Global Variables: Variables that can be defined for usage across the playbook.
  3. Time Range: A global time range for usage across all queries in your playbook.
  4. Investigation steps: An investigation step is a component that defines what is to be checked.

A step can further be broken down into the following fields:

  1. Title: Name of the Step
  2. Query: Definition of a metric/log/db query that needs to be run on a specific integration. The permitted outputs currently include:
    1. Line graph with one or multiple series.
    2. Tabular information.
    3. Strings.
  3. Notes: Description of why that step is being taken, how to interpret data from that step or any additional information to assist the user.
  4. External Links: Any 3rd party links that can be relevant in context of the step.
  5. Output: The result of execution of "Query".
  6. Step Variables: In case you are using Grafana+Prometheus integration, any variable defined in your metric_query using $var_name will be accessible in the step with a dropdown.

A query can further be broken down into the following fields basis different tools:

  1. AWS Log Insights Query:
    1. source: Cloudwatch Logs Dropdown
    2. region: AWS region Dropdown
    3. log_group: Relevant log group to search Dropdown
    4. query: Log Insights syntax compatible query to be passed string
  2. AWS Cloudwatch Metrics Query:
    1. source: Cloudwatch Metrics Dropdown
    2. Namespace: AWS offering who's metric needs to be checked Dropdown
    3. Region: AWS region Dropdown
    4. Dimension: Combination of Dimension-Name: Dimension-Value that a user wants to check metric against Dropdown
    5. Metric: Metric to be queries for the dimensions within the namespace Dropdown
  3. Grafana + PromQL:
    1. source: Grafana Promql Dropdown
    2. Dashboard name: Name of Dashboard from Grafana Dropdown
    3. Panel name: Name of panel from Grafana Dropdown
    4. Query: Query from within the panel that is to be plotted Dropdown
    5. Variables: List of possible variable values for var_name in case $var_name exists within the Query. Dropdown [Optional]
    6. Custom Query: String access to the query in case user wants to make minor tweak (Cannot add $var_name) String
  4. ClickhouseDB:
    1. source: Database Clickhouse
    2. DB name: default
    3. Query: Define query to run on CH DatabaseString
  5. Datadog:
    1. source: Datadog Service
    2. Select a service in Datadog
    3. Select a group of metrics related to that service
    4. Select final metric to be run