Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOCS] Add Kibana alerts to Stack Monitoring #73762

Merged
merged 10 commits into from
Aug 5, 2020
Merged

[DOCS] Add Kibana alerts to Stack Monitoring #73762

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
ec5bda2
[DOCS] Add Kibana alerts to Stack Monitoring
lcawl Jul 30, 2020
4119a40
[DOCS] Adds shared attributes
lcawl Jul 30, 2020
c22f3cf
[DOCS] Fixes typos
lcawl Jul 30, 2020
c77ac40
[DOCS] Adds screenshot
lcawl Jul 31, 2020
e6ea7fd
[DOCS] Adds screenshot role
lcawl Jul 31, 2020
b5de9ee
Update docs/user/monitoring/kibana-alerts.asciidoc
lcawl Aug 4, 2020
a30f422
Update docs/user/monitoring/kibana-alerts.asciidoc
lcawl Aug 4, 2020
81160ae
Update docs/user/monitoring/kibana-alerts.asciidoc
lcawl Aug 4, 2020
9cb9b3b
[DOCS] Addresses feedback
lcawl Aug 4, 2020
6123e39
[DOCS] Addresses more feedback
lcawl Aug 5, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added docs/user/monitoring/images/monitoring-kibana-alerts.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions docs/user/monitoring/index.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ include::xpack-monitoring.asciidoc[]
include::beats-details.asciidoc[leveloffset=+1]
include::cluster-alerts.asciidoc[leveloffset=+1]
include::elasticsearch-details.asciidoc[leveloffset=+1]
include::kibana-alerts.asciidoc[leveloffset=+1]
include::kibana-details.asciidoc[leveloffset=+1]
include::logstash-details.asciidoc[leveloffset=+1]
include::monitoring-troubleshooting.asciidoc[leveloffset=+1]
37 changes: 37 additions & 0 deletions docs/user/monitoring/kibana-alerts.asciidoc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
[role="xpack"]
[[kibana-alerts]]
= {kib} Alerts

The {stack} {monitor-features} provide
<<alerting-getting-started,{kib} alerts>> out-of-the box to notify you of
potential issues in the {stack}. These alerts are preconfigured based on the
best practices recommended by Elastic. However, you can tailor them to meet your
specific needs.

When you open the *{stack-monitor-app}* app, the preconfigured {kib} alerts are
created automatically. If you collect monitoring data from multiple clusters,
these alerts can search, detect, and alert on various conditions across the
clusters. The alerts are visible alongside your existing {watcher} cluster
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggest changing the second use of alert in "these alerts can search, detect, and alert on various conditions"

Add a link to Watcher?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@chrisronline Would it be technically accurate to change it to "..search, detect, and trigger actions on various conditions.."?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yea that's accurate, but sounds strange to stay "trigger actions". What if we just said "notify"?

alerts. You can view details about the alerts that are active and view health
and performance data for {es}, {ls}, and Beats in real time, as well as
analyze past performance. You can also modify active alerts in the
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggest removing "in the Stack Monitoring app" from this sentence.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done, thanks!

*{stack-monitor-app}* app.

[role="screenshot"]
image::user/monitoring/images/monitoring-kibana-alerts.png["Kibana alerts in the Stack Monitoring app"]

To review and modify all the available alerts, use the *{alerts-ui}* UI
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggest linking "Alerts and Actions" to https://www.elastic.co/guide/en/kibana/current/managing-alerts-and-actions.html

in the *{stack-manage-app}* app.

[discrete]
[[kibana-alerts-cpu-threshold]]
== CPU threshold

This alert is triggered when a node runs a consistently high CPU load. By
default, the trigger condition is set at 85% or more averaged over the last 5
minutes. The alert is grouped across all the nodes of the cluster by running
checks on a schedule time of 1 minute with a re-notify internal of 1 day.

NOTE: Some action types are subscription features, while others are free.
For a comparison of the Elastic subscription levels, see the alerting section of
the {subscriptions}[Subscriptions page].