Replace alert workflow status filter with status filter (#1723)

* update screenshot, remove references to changing workflow status * mention using buttons to filter by alert status * add definitions of active and recovered
elastic · Mar 30, 2022 · 71779aa · 71779aa
1 parent 87b4fd7
commit 71779aa
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 17 deletions.
diff --git a/docs/en/observability/images/alerts-page.png b/docs/en/observability/images/alerts-page.png
diff --git a/docs/en/observability/view-observability-alerts.asciidoc b/docs/en/observability/view-observability-alerts.asciidoc
@@ -28,8 +28,7 @@ The Alerts page lists all the alerts that have met a condition defined by a rule
 Metrics, Uptime, or APM apps.
 
 After alerts have been triggered, you can monitor their activity to verify they are functioning correctly.
-In addition, you can filter alerts, update their workflow status, and troubleshoot each alert in their
-respective app.
+In addition, you can filter alerts and troubleshoot each alert in their respective app.
 
 You can also add alerts to <<create-cases,Cases>> to open and track potential infrastructure issues.
 
@@ -46,37 +45,29 @@ image::images/alerts-page.png[Alerts page]
 == Filter alerts
 
 To help you get started with your analysis faster, use the KQL bar to create structured queries using
-{kibana-ref}/kuery-query.html[Kibana Query Language]. For example, `kibana.alert.status: "recovered"`.
+{kibana-ref}/kuery-query.html[Kibana Query Language]. For example, `kibana.alert.rule.name : <>`.
 
-You can also use the time filter to define a specific date and time range. By default, this filter is set to search
+You can use the time filter to define a specific date and time range. By default, this filter is set to search
 for the last 15 minutes.
 
-To view alerts that you have already taken action on, select either the *Acknowledged* or *Closed* tabs.
+You can also filter by alert status using the buttons below the KQL bar.
+By default, this filter is set to *Show all* alerts, but you can filter to show only *Active* or *Recovered* alerts.
+An alert is "Active" when the condition defined in the rule currently matches,
+and an alert has "Recovered" when that condition, which previously matched, is currently no longer matching.
 
 [discrete]
 [[view--alert-details]]
 == View alert details
 
 When you have searched and filtered for a specific alert, you may want to inspect the alert details.
-From the Alerts table, select image:images/flyout-icon.png[View details] to view additional information summarising the alert.
+From the Alerts table, select image:images/flyout-icon.png[View details] to view additional information summarizing the alert.
 
 You can find the current status of the alert, along with its duration, and when it was last
 updated. To help you determine what caused the alert, you can view the expected and actual
 threshold values, and the rule that produced the alert.
 
 To view the alert in the specific app it was initially created from, select image:images/app-link-icon.png[Link to app icon]. 
 
-[discrete]
-[[action-observability-alerts]]
-== Take action on alerts
-
-From the Alerts table, you can set the current workflow status of each alert or multiple alerts. By default,
-the Alerts table displays open alerts.
-
-Under Actions, select image:images/action-dropdown.png[Action dropdown menu] to change the
-status to *Acknowledged*, indicate that the alert is under active investigation or *Closed*, and show it has now
-been resolved.
-
 [discrete]
 [[cases-observability-alerts]]
 == Add alerts to cases