-
Notifications
You must be signed in to change notification settings - Fork 144
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add enhanced alerting details to host monitoring docs #3879
Conversation
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
This pull request does not have a backport label. Could you fix it @dedemorton? 🙏
|
@roshan-elastic @crespocarlos Can you take a look when you have a chance and respond to my question here? Thanks! (Sorry didn't mean to add your names to the related issue. Just got my browser tabs messed up.) |
Hey @dedemorton
Yeah, that's right. There are pretty much two ways for alerts to show up against hosts: (1) They use the 'Inventory' rule and select the 'Host' (2) If they use a rule which is possible to 'group by' e.g. metric threshold rules, custom threshold rules [beta] Sample Metrics Threshold Rule Sample Custom Threshold Rule However, let me double-check with the engineers on this. @crespocarlos (cc @jennypavlova) - When I test the custom threshold and metric threshold rules:
Only one alert showing in the host view Here are the alerts set up: See alert rules Question
|
Hey @roshan-elastic
It was using After adjusting it to use
Yeah. We might need to adjust something in the custom threshold executor for it to show up in the alerts table. The actionable observability owns that, but I guess we can submit a PR. |
This pull request is now in conflict. Could you fix it @dedemorton? 🙏
|
@crespocarlos Is there something I can say in the docs to help users? Maybe something like, "To see alerts on the Hosts page, the rule triggering the alert must either select hosts in a condition or be configured to group by hostname." Is this statement correct? |
Hi @dedemorton , regarding Custom Threshold it's something we need to fix in the code first, but it will work the same way as The conditions for users to see alerts in the Hosts view are - Similar to what you wrote, but it might help to specify what needs to be done depending on the rule type? Metrics Threshold - When creating the alert, inform |
@roshan-elastic @crespocarlos I've updated the documentation. Can you confirm my changes and approve the topic if you think it's ready to merge? Thanks! |
@crespocarlos - 🤦 thanks! Even I can't use ECS haha |
@roshan-elastic Is this PR ready to merge? I still need SME approval. Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry @dedemorton - completely missed this.
Might be too late for this version but approving for whenever it can go in
* Add enhanced alerting details to host monitoring docs * Clarify config required to show alerts on Hosts page * Change the note to an informational box * Fix sentence (cherry picked from commit 625d303)
* Add enhanced alerting details to host monitoring docs * Clarify config required to show alerts on Hosts page * Change the note to an informational box * Fix sentence (cherry picked from commit 625d303) Co-authored-by: DeDe Morton <dede.morton@elastic.co>
Closes #3747 and #3627.
Newbie question: It's possible I don't understand this feature fully, but it seems like users need to group by hostname when they create the alert, or the alert will not appear in the Hosts view. Is this correct? If so, I think we should mention that somewhere. Since this setting is optional, users might not realize it's required if they want to view alerts for specific hosts. WDYT? Am I missing something here?
TODO (after merging):