Alerting user interface documentation and guide #60256
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
peterschretlen
changed the title
added 7 commits
March 19, 2020 15:14
peterschretlen
added
v7.7.0
v8.0.0
Team:ResponseOps
|
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
peterschretlen
added
the
release_note:skip
mikecote
approved these changes
Mar 26, 2020
added 2 commits
March 26, 2020 09:49
|
@peterschretlen I can review the docs. |
KOTungseth
reviewed
Mar 26, 2020
| @@ -0,0 +1,34 @@ | |||
| [role="xpack"] | |||
| [[alert-details]] | |||
| === Alert Details | |||
| [role="screenshot"] | ||
| image::images/alerts-details-instances-active.png[Alert details page with three alert instances] | ||
|
|
||
| In the example above, an alert detects when a site serves more than a threshold number of bytes in a 24 hour period. The *alert details* view show that three sites are above the threshold. These are called *alert instances* - occurrences of the condition being detected - and the instance name, status, time of detection, and duration of the condition are shown in this view. |
There was a problem hiding this comment.
To meet accessibility standards, we are removing all instances of above from the docs. I would change this first sentence to:
Alerts detect when a site...
| [role="screenshot"] | ||
| image::images/alerts-details-instances-active.png[Alert details page with three alert instances] | ||
|
|
||
| In the example above, an alert detects when a site serves more than a threshold number of bytes in a 24 hour period. The *alert details* view show that three sites are above the threshold. These are called *alert instances* - occurrences of the condition being detected - and the instance name, status, time of detection, and duration of the condition are shown in this view. |
There was a problem hiding this comment.
Since users are already on the Alert details page, I would change the second sentence to:
In this example, three sites are above the threshold.
| [role="screenshot"] | ||
| image::images/alerts-details-instances-active.png[Alert details page with three alert instances] | ||
|
|
||
| In the example above, an alert detects when a site serves more than a threshold number of bytes in a 24 hour period. The *alert details* view show that three sites are above the threshold. These are called *alert instances* - occurrences of the condition being detected - and the instance name, status, time of detection, and duration of the condition are shown in this view. |
There was a problem hiding this comment.
*alert instances* > alert instances
| [role="screenshot"] | ||
| image::images/alerts-details-instance-muting.png[Muting an alert instance] | ||
|
|
||
| Alert instances will come and go from the list depending on whether they meet the alert conditions or not - unless they are muted. If a muted instance no longer meets the alert conditions, it will appear as "inactive" in the list. This prevents an instance from triggering actions if it reappears in the future. |
|
|
||
| {kib} alerting run both alert checks and actions as persistent background tasks. This has two major benefits: | ||
|
|
||
| * *Persistence*: all task state and scheduling is stored in elasticsearch, so if {kib} is restarted, alerts and actions will pick up where they left off. |
|
|
||
| {kib} background tasks are managed by: | ||
|
|
||
| . polling an {es} task index for overdue tasks at 3 second intervals. |
| [float] | ||
| === Running background alert checks and actions | ||
|
|
||
| {kib} background tasks are managed by: |
There was a problem hiding this comment.
This should be a bulleted list instead of a numbered list.
| {kib} background tasks are managed by: | ||
|
|
||
| . polling an {es} task index for overdue tasks at 3 second intervals. | ||
| . tasks are then claiming them by updating them in the {es} index, using optimistic concurrency control to prevent conflicts. Each {kib} instance can run a maximum of 10 concurrent tasks, so a maximum of 10 tasks are claimed each interval. |
|
|
||
| . polling an {es} task index for overdue tasks at 3 second intervals. | ||
| . tasks are then claiming them by updating them in the {es} index, using optimistic concurrency control to prevent conflicts. Each {kib} instance can run a maximum of 10 concurrent tasks, so a maximum of 10 tasks are claimed each interval. | ||
| . tasks are run on the {kib} server. |
|
@KOTungseth thank you for reviewing, I've made those updates. I think that should be good in terms of review, @mikecote has reviewed the content. I do expect there may be some follow-up work to update things like screenshots as there a few bugs being fixed, but I think we'll open separate PRs for those. |
This was referenced Mar 27, 2020
peterschretlen
pushed a commit
to peterschretlen/kibana
that referenced
this pull request
Mar 27, 2020
peterschretlen
pushed a commit
to peterschretlen/kibana
that referenced
this pull request
Mar 27, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #54986 adding the following sections to the Kibana guide:
Because we may change our API signatures in 7.8, I have left out API documentation for now.
Checklist