Beats: Metricbeat fstat on Windows always shows zero values
I'm running metricbeat on a bunch of Windows servers as a test, and I am seeing ES records for each drive on the server, but the values are always zero.
"system": {
"diskio": {
"io": {
"time": 0
},
"name": "E:",
"read": {
"bytes": 0,
"count": 0,
"time": 0
},
"write": {
"bytes": 0,
"count": 0,
"time": 0
}
}
}
I am using metricbeat version 5.0.0-rc1 (amd64), libbeat 5.0.0-rc1.
Cylindric
All 16 comments
Is this for all drives? Or is it only for E:\? Is E:\ a CD-ROM? Are there any errors/warnings in Metricbeat log? What version of Windows are you running?
andrewkroh
on 25 Oct 2016
Can confirm this behavior on all drives. I get the bytes (_system.diskio.write.bytes_ and _system.diskio.read.bytes_) but no times, ever.
Beats are running on several Windows Server 2008 SP1 and 2012 R2 machines. Same behavior with both version 5.3.0 and 5.4.0. No errors in the metricbeat log, and nothing obvious in the elasticsearch log either.
stefanes
on 9 May 2017
@ruflin any status on this? we have a case where write.bytes is always > 0 but read.bytes is always = 0.
Appreciate your input on this, thanks in advance
consulthys
on 21 Sep 2018
@consulthys I don't think any changes happened here. Any errors in the logs? Which Metricbeat version?
ruflin
on 24 Sep 2018
@ruflin no errors in the logs, read.bytes is simply always 0, which is weird. I'm using Metricbeat 6.4.0
consulthys
on 24 Sep 2018
Same issue here
wheelq
on 15 Oct 2018
@wheelq with what version of metricbeat and windows?
jsoriano
on 29 Oct 2018
latest :)
wheelq
on 29 Oct 2018
We take these values directly from Win32_PerfFormattedData_PerfDisk_LogicalDisk class. I have found some reports of people with the same problem, zero values when querying this class. We'd need to investigate it further to see if we can find some workaround.
jsoriano
on 30 Oct 2018
Ok. What would you like me to provide you in order to investigate
wheelq
on 30 Oct 2018
I also facing this issue, currently I using metricbeat latest 6 version with ES 5.6
bebeo92
on 29 Mar 2019
@andrewkroh Is there any progress, this bug seem to be report so longggggggggggggggggggggggggggggggggggggggggggggggg
bebeo92
on 29 Mar 2019
@bebeo92, I suspect you might be hitting the file system cache in this case (https://docs.microsoft.com/en-us/windows/desktop/fileio/file-caching).
To rule this out (as I have encountered the same situation while reproducing), I suggest running any benchmark/performance monitoring tool (ex CrystalDiskMark) which will read/write directly on disk while you are collecting these metrics.
Keen to hear if the read/write values have increased and any additional details on your environment are more than welcome (os, type of disks, etc.)
narph
on 1 Apr 2019
Replaced the current WMI query to get the system/diskio metrics for Windows
(SELECT * FROM Win32_PerfFormattedData_PerfDisk_LogicalDisk)
with DeviceIOControl Win32 API method using IOCTL_DISK_PERFORMANCE control code.
PR https://github.com/elastic/beats/pull/11635
Should reflect the rawinstead of the precalculatedperformance data from the counters that monitor logical partitions of a hard or fixed disk drive.
narph
on 26 Apr 2019
@andrewkroh sorry for late reply. I'm busy with other works
Currently I have 3 machine
1 have 16 core 32gb ram 1 ssd for os , 1 hdd
1 have 16 core 8gb ram 1 ssd for os
1 have 4 core 8gb ram 1 ssd for os , 1 hdd
All running on win 10
bebeo92
on 29 Apr 2019
I saw there is a bug fix for it
One thing I forget to mention currently I using ES 5.x. I will try to test new package if it compatible with ES 5.x
bebeo92
on 29 Apr 2019
Related issues
ycombinator
路
3Comments
nicpenning
路
3Comments
TomaszKlosinski
路
3Comments
geekpete
路
3Comments
exekias
路
3Comments
Most helpful comment
We take these values directly from
Win32_PerfFormattedData_PerfDisk_LogicalDiskclass. I have found some reports of people with the same problem, zero values when querying this class. We'd need to investigate it further to see if we can find some workaround.