When configuring a KPI in ITSI, it's important to understand the difference between the Entity Split Field and the Entity Filter Field.
The Entity Split Field determines how your KPI data is grouped. For example, you might calculate CPU utilization per host or per VM. Whatever field you choose becomes the entity that the KPI is measured against.
The Entity Filter Field serves a different purpose: it's how ITSI matches KPI results to the entities attached to a service. This is where many configurations fail.
The key rule is simple: The Entity Split Field can be anything, but the Entity Filter Field must contain the same field values under the same field name in both your KPI search results and your defined entities.
If they don't match, ITSI can't connect the KPI data to the service entities. The KPI may return data, but it won't be able to associate that data with your service entities.
You can even split a KPI by a field that isn't a defined ITSI entity, such as vm_name, while filtering by a host field that matches your service entities. In that case, ITSI creates pseudo-entities for the VMs while still limiting results to entities that belong to the service.
If you're ever unsure whether the matching is configured correctly, use Generate Search. “I encourage you to use the Generate Search option to see exactly what ITSI is running in order to populate you KPI. It can tell you instantly whether you’ve set this up correctly. (You may have noticed ITSI can take a few minutes to present you with pretty colours in the Service Analyzer, even when you’ve done everything right.)”