-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Metrics UI] Add support for severity levels to threshold alerts #88591
Comments
Pinging @elastic/logs-metrics-ui (Team:logs-metrics-ui) |
The design mockups don't easily translate to Metrics alerts since they're using the full-width layout: And we're still debating how to incorporate that layout into the multi-conditional alert types that we use in Observability, seems like we're targeting 7.13 for it: #69233 I can throw something together that works with the way we do multiple conditions right now, probably by including a Critical/Warning/Minor/etc. threshold component within each conditional expression. I don't expect it to look pretty, though. Is that a blocker, or do we just want to get this feature out even if the UI looks kind of janky? |
Here's what I've got implemented so far: @katefarrar Thoughts? Not sure I like the look of the |
Is there any reason why we should make it possible to select a different Comparator for the Critical vs. Warning threshold? Or should we have a single Comparator value and lock it to both of them? It's currently a bit of a hassle to get the |
If we're going to be switching to using action groups to differentiate between threshold states, we might want to remove the and instead handle No Data states with action groups. This change would break backwards compatibility with existing No Data alerts so I'm not sure how we should approach releasing it? I think Alerting is out of beta now, but I really don't think we should wait for a Breaking release to make this kind of change. Especially if Warning thresholds are going to use their own separate action group. |
I feel like I want to call it the "Critical" threshold if the Warning threshold is present, but this would create a weird discrepancy with action group naming. Assuming we want to change the name of the So maybe |
Oof hmm I don't like "Run when Alert" Currently the action group is called "Fired" so it says "Run when Fired" and "Run when Recovered," but I don't think we want to do: "Run when Critical" sounds fine, but see above for why I don't think it's a good idea to do that either. I'm checking with the Alerting team to see if it's possible to dynamically change the contents of the EDIT: We do not have that option yet. Tracking it here: #89898 |
I remember we did a lot of work figuring out the correct language for alert previews, but now I'm not sure what to do about multiple severity thresholds.
Seems closest to the current language but it feels off. "Satisfied the conditions of this alert" feels redundant when you enumerate the severity thresholds.
Feels better but also needlessly verbose. |
With the current logic, this Warning threshold would never fire, because ALL conditions need to have their thresholds met. Should we even support this use case, in which one condition can have a Warning but not others, or should we force all conditions to have a Warning threshold if you enable it on one of them? |
we're going to add |
For the alerting language, I think this works well...
I'd rather err on the side of verbose than unclear 🙂 |
For Group By alerts we currently say:
What do we think of switching this to:
I feel like that'd be less of a headache than continuing to put the number of hosts afterward EDIT: Actually this would be a huge i18n burden to correctly handle the conditional capital letter at the beginning, so I think we should stick with the host number in the middle |
User story
As a DevOps engineer I want to be able to set multiple threshold values based on severity levels, so that I could channel notifications based on the severity levels.
Describe the feature:
Today our threshold alerts support only one default severity level. Customers are asking to introduce multiple severity levels, e.g.
warning
,critical
. The Kibana alerting team has been working on some design mockups for multi-level notifications, which can be found here.In 7.11 the alerting team will has added generic UI for the definition of conditions for Action Groups. We will need to incorporate multiple severity levels in our alerts. Note, this can (and probably will) be applicable to other observability alert types.
Currently the following thresholds are interesting from the Inventory/Metric alerting perspective:
warning threshold
,alert/critical threshold
. However other solutions have different assumptions. This needs to be aligned.cc @cyrille-leclerc, @mukeshelastic.
The text was updated successfully, but these errors were encountered: