From a1ad746cf1eb3d5f6bc707f3b010e3d48aef6408 Mon Sep 17 00:00:00 2001 From: Karen Metts Date: Wed, 26 Feb 2025 11:00:26 -0500 Subject: [PATCH 1/4] [obs] Fix formatting issues --- .../observability/cloud/gcp-dataflow-templates.md | 2 +- .../cloud/monitor-amazon-kinesis-data-streams.md | 4 ++-- .../cloud/monitor-amazon-simple-queue-service-sqs.md | 4 ++-- .../cloud/monitor-amazon-simple-storage-service-s3.md | 4 ++-- ...itor-amazon-web-services-aws-with-elastic-agent.md | 4 ++-- .../cloud/monitor-microsoft-azure-openai.md | 2 +- ...r-microsoft-azure-with-azure-native-isv-service.md | 2 +- .../cloud/monitor-microsoft-azure-with-beats.md | 2 +- .../monitor-microsoft-azure-with-elastic-agent.md | 4 ++-- .../get-started/create-an-observability-project.md | 3 +-- .../quickstart-monitor-hosts-with-elastic-agent.md | 3 +-- .../create-an-anomaly-detection-rule.md | 6 ++---- .../incident-management/create-an-apm-anomaly-rule.md | 7 +++---- .../create-an-elasticsearch-query-rule.md | 3 +-- .../create-an-error-count-threshold-rule.md | 9 ++++----- .../incident-management/create-an-inventory-rule.md | 3 +-- .../create-custom-threshold-rule.md | 6 ++---- .../create-failed-transaction-rate-threshold-rule.md | 7 +++---- .../create-latency-threshold-rule.md | 3 +-- .../incident-management/create-manage-cases.md | 6 ++---- .../incident-management/create-manage-rules.md | 7 +++---- .../observability/incident-management/view-alerts.md | 6 ++---- .../infra-and-hosts/analyze-compare-hosts.md | 11 ++++------- .../infra-and-hosts/configure-settings.md | 5 ++--- .../infra-and-hosts/detect-metric-anomalies.md | 3 +-- .../get-started-with-system-metrics.md | 3 +-- .../tutorial-observe-nginx-instances.md | 2 +- .../view-infrastructure-metrics-by-resource-type.md | 9 +++------ 28 files changed, 52 insertions(+), 78 deletions(-) diff --git a/solutions/observability/cloud/gcp-dataflow-templates.md b/solutions/observability/cloud/gcp-dataflow-templates.md index 26238b5084..ef3c2b13c1 100644 --- a/solutions/observability/cloud/gcp-dataflow-templates.md +++ b/solutions/observability/cloud/gcp-dataflow-templates.md @@ -40,7 +40,7 @@ You’ll start with installing the Elastic GCP integration to add pre-built dash 4. Click **Save integration**. -:::::{admonition} +:::::{note} This tutorial assumes the Elastic cluster is already running. To continue, you’ll need your **Cloud ID** and an **API Key**. To find the Cloud ID of your [deployment](https://cloud.elastic.co/deployments), go to the deployment’s **Overview** page. diff --git a/solutions/observability/cloud/monitor-amazon-kinesis-data-streams.md b/solutions/observability/cloud/monitor-amazon-kinesis-data-streams.md index 01cba0fca3..46a304951a 100644 --- a/solutions/observability/cloud/monitor-amazon-kinesis-data-streams.md +++ b/solutions/observability/cloud/monitor-amazon-kinesis-data-streams.md @@ -29,7 +29,7 @@ To collect Kinesis data stream metrics from Amazon CloudWatch, you typically nee Expand the **quick guide** to learn how, or skip to the next section if your data is already in {{es}}. :::::{dropdown} **Quick guide: Add data** -::::{admonition} +::::{note} 1. In the Observability UI, find **Integrations** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. In the query bar, search for and select the **Amazon Kinesis Data Stream** integration. 3. Read the overview to make sure you understand integration requirements and other considerations. @@ -48,7 +48,7 @@ Expand the **quick guide** to learn how, or skip to the next section if your dat 7. Click **Save and continue**. This step takes a minute or two to complete. When it’s done, you’ll have an agent policy that contains an integration policy for the configuration you just specified. If an {{agent}} is already assigned to the policy, you’re done. Otherwise, you need to deploy an {{agent}}. 8. To deploy an {{agent}}: - 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent*** flyout. If you accidentally close the popup or the flyout doesn’t open, go to ***{{fleet}} → Agents**, then click **Add agent** to access the flyout. + 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent** flyout. If you accidentally close the popup or the flyout doesn’t open, go to **{{fleet}} → Agents**, then click **Add agent** to access the flyout. 2. Follow the steps in the **Add agent** flyout to download, install, and enroll the {{agent}}. 9. When incoming data is confirmed—​after a minute or two—​click **View assets** to access the dashboards. diff --git a/solutions/observability/cloud/monitor-amazon-simple-queue-service-sqs.md b/solutions/observability/cloud/monitor-amazon-simple-queue-service-sqs.md index d3e6b6ccc7..fe58c0424a 100644 --- a/solutions/observability/cloud/monitor-amazon-simple-queue-service-sqs.md +++ b/solutions/observability/cloud/monitor-amazon-simple-queue-service-sqs.md @@ -25,7 +25,7 @@ To collect SQS metrics, you typically need to install the Elastic [Amazon SQS in Expand the **quick guide** to learn how, or skip to the next section if your data is already in {{es}}. :::::{dropdown} **Quick guide: Add data** -::::{admonition} +::::{note} 1. In the Observability UI, find **Integrations** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. In the query bar, search for and select the **Amazon SQS** integration. 3. Read the overview to make sure you understand integration requirements and other considerations. @@ -44,7 +44,7 @@ Expand the **quick guide** to learn how, or skip to the next section if your dat 7. Click **Save and continue**. This step takes a minute or two to complete. When it’s done, you’ll have an agent policy that contains an integration policy for the configuration you just specified. If an {{agent}} is already assigned to the policy, you’re done. Otherwise, you need to deploy an {{agent}}. 8. To deploy an {{agent}}: - 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent*** flyout. If you accidentally close the popup or the flyout doesn’t open, go to ***{{fleet}} → Agents**, then click **Add agent** to access the flyout. + 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent** flyout. If you accidentally close the popup or the flyout doesn’t open, go to **{{fleet}} → Agents**, then click **Add agent** to access the flyout. 2. Follow the steps in the **Add agent** flyout to download, install, and enroll the {{agent}}. 9. When incoming data is confirmed—​after a minute or two—​click **View assets** to access the dashboards. diff --git a/solutions/observability/cloud/monitor-amazon-simple-storage-service-s3.md b/solutions/observability/cloud/monitor-amazon-simple-storage-service-s3.md index 6ac2aa0d69..5f49bdd5f9 100644 --- a/solutions/observability/cloud/monitor-amazon-simple-storage-service-s3.md +++ b/solutions/observability/cloud/monitor-amazon-simple-storage-service-s3.md @@ -28,7 +28,7 @@ To collect S3 metrics, you typically need to install the Elastic [Amazon S3 inte Expand the **quick guide** to learn how, or skip to the next section if your data is already in {{es}}. :::::{dropdown} **Quick guide: Add data** -::::{admonition} +::::{note} 1. In the Observability UI, find **Integrations** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. In the query bar, search for and select the **Amazon S3** integration. 3. Read the overview to make sure you understand integration requirements and other considerations. @@ -47,7 +47,7 @@ Expand the **quick guide** to learn how, or skip to the next section if your dat 7. Click **Save and continue**. This step takes a minute or two to complete. When it’s done, you’ll have an agent policy that contains an integration policy for the configuration you just specified. If an {{agent}} is already assigned to the policy, you’re done. Otherwise, you need to deploy an {{agent}}. 8. To deploy an {{agent}}: - 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent*** flyout. If you accidentally close the popup or the flyout doesn’t open, go to ***{{fleet}} → Agents**, then click **Add agent** to access the flyout. + 1. In the popup, click **Add {{agent}} to your hosts** to open the **Add agent** flyout. If you accidentally close the popup or the flyout doesn’t open, go to **{{fleet}} → Agents**, then click **Add agent** to access the flyout. 2. Follow the steps in the **Add agent** flyout to download, install, and enroll the {{agent}}. 9. When incoming data is confirmed—​after a minute or two—​click **View assets** to access the dashboards. diff --git a/solutions/observability/cloud/monitor-amazon-web-services-aws-with-elastic-agent.md b/solutions/observability/cloud/monitor-amazon-web-services-aws-with-elastic-agent.md index 9545c0c6c0..beeb407f12 100644 --- a/solutions/observability/cloud/monitor-amazon-web-services-aws-with-elastic-agent.md +++ b/solutions/observability/cloud/monitor-amazon-web-services-aws-with-elastic-agent.md @@ -45,7 +45,7 @@ In this step, you create an Amazon Simple Queue Service (SQS) queue and configur You should already have an S3 bucket that contains exported VPC flow logs. If you don’t, create one now. To learn how, refer to [publishing flow logs to an S3 bucket](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-s3.md). -::::{admonition} +::::{note} **Why is an SQS queue needed?** Creating an SQS queue helps avoid significant lagging caused by polling all log files from each S3 bucket. Instead of polling each bucket, you configure the S3 buckets to send a notification to the SQS queue whenever a new object is created. The {{agent}} monitors the SQS queue for new object creation messages and uses information in the messages to retrieve logs from the S3 buckets. With this setup, periodic polling from each S3 bucket is not needed. Instead, the {{agent}} S3 input guarantees near real-time data collection from S3 buckets with both speed and reliability. @@ -188,7 +188,7 @@ VPC flow logs are sent to an S3 bucket, which sends a notification to the SQS qu ## Step 4: Collect S3 access logs [aws-elastic-agent-collect-s3-access-logs] -::::{admonition} +::::{note} S3 access logs contain detailed records for the requests that are made to a bucket. Server access logs are useful for many applications. For example, access log information can be useful in security and access audits. It can also help you learn about your customer base and understand your Amazon S3 bill. :::: diff --git a/solutions/observability/cloud/monitor-microsoft-azure-openai.md b/solutions/observability/cloud/monitor-microsoft-azure-openai.md index ee10a3eb74..39ac17831f 100644 --- a/solutions/observability/cloud/monitor-microsoft-azure-openai.md +++ b/solutions/observability/cloud/monitor-microsoft-azure-openai.md @@ -5,7 +5,7 @@ mapped_pages: # Monitor Microsoft Azure OpenAI [monitor-azure-openai] -::::{admonition} +::::{note} **New to Elastic?** Follow the steps in our [getting started guide](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-observability.html) instead of the steps described here. Return to this tutorial after you’ve learned the basics. :::: diff --git a/solutions/observability/cloud/monitor-microsoft-azure-with-azure-native-isv-service.md b/solutions/observability/cloud/monitor-microsoft-azure-with-azure-native-isv-service.md index f110b7b0c9..a957e632fa 100644 --- a/solutions/observability/cloud/monitor-microsoft-azure-with-azure-native-isv-service.md +++ b/solutions/observability/cloud/monitor-microsoft-azure-with-azure-native-isv-service.md @@ -5,7 +5,7 @@ mapped_pages: # Monitor Microsoft Azure with the Azure Native ISV Service [monitor-azure-native] -::::{admonition} +::::{note} The {{ecloud}} Azure Native ISV Service allows you to deploy managed instances of the {{stack}} directly in Azure, through the Azure integrated marketplace. The service includes native capabilities for consolidating Azure logs and metrics in Elastic. For more information, refer to [Azure Native ISV Service](../../../deploy-manage/deploy/elastic-cloud/azure-native-isv-service.md). **Using {{agent}} to monitor Azure?** Refer to [Monitor Microsoft Azure with {{agent}}](monitor-microsoft-azure-with-elastic-agent.md). diff --git a/solutions/observability/cloud/monitor-microsoft-azure-with-beats.md b/solutions/observability/cloud/monitor-microsoft-azure-with-beats.md index c1df48f592..d1eadf88d9 100644 --- a/solutions/observability/cloud/monitor-microsoft-azure-with-beats.md +++ b/solutions/observability/cloud/monitor-microsoft-azure-with-beats.md @@ -5,7 +5,7 @@ mapped_pages: # Monitor Microsoft Azure with Beats [monitor-azure] -::::{admonition} +::::{note} **Are you sure you want to use {{beats}}?** {{agent}} is the recommended way to monitor Azure if you want to manage your agents centrally in {{fleet}}. To learn how to use {{agent}}, refer to [Monitor Microsoft Azure with {{agent}}](monitor-microsoft-azure-with-elastic-agent.md). diff --git a/solutions/observability/cloud/monitor-microsoft-azure-with-elastic-agent.md b/solutions/observability/cloud/monitor-microsoft-azure-with-elastic-agent.md index b6d0e1f6bc..632959bc3b 100644 --- a/solutions/observability/cloud/monitor-microsoft-azure-with-elastic-agent.md +++ b/solutions/observability/cloud/monitor-microsoft-azure-with-elastic-agent.md @@ -5,7 +5,7 @@ mapped_pages: # Monitor Microsoft Azure with Elastic Agent [monitor-azure-elastic-agent] -::::{admonition} +::::{note} **New to Elastic?** Follow the steps in our [getting started guide](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-observability.html) instead of the steps described here. Return to this tutorial after you’ve learned the basics. **Using the native Azure integration from the marketplace?** Refer to [Monitor Microsoft Azure with the Azure Native ISV Service](monitor-microsoft-azure-with-azure-native-isv-service.md). @@ -195,7 +195,7 @@ To create an Azure event hub: 7. Click **Review + create**, and then click **Create** to deploy the resource. 8. Make a note of the namespace and event hub name because you will need them later. -:::::{admonition} +:::::{note} **When do I need more than one event hub?** Typically you create an event hub for each service you want to monitor. For example, imagine that you want to collect activity logs from the Azure Monitor service plus signin and audit logs from the Active Directory service. Rather than sending all logs to a single event hub, you create an event hub for each service: diff --git a/solutions/observability/get-started/create-an-observability-project.md b/solutions/observability/get-started/create-an-observability-project.md index d9bdf07426..34f3090ff4 100644 --- a/solutions/observability/get-started/create-an-observability-project.md +++ b/solutions/observability/get-started/create-an-observability-project.md @@ -9,8 +9,7 @@ mapped_pages: # Create an observability project [observability-create-an-observability-project] -::::{admonition} Required role -:class: note +::::{note} Required role The **Admin** role or higher is required to create projects. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). diff --git a/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md b/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md index feb40482dd..2fa62bbb10 100644 --- a/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md +++ b/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md @@ -113,8 +113,7 @@ When the script is done, you’ll see a message like "{{agent}} is configured an There might be a slight delay before logs and other data are ingested. -::::{admonition} Need to scan your host again? -:class: note +::::{note} Need to scan your host again? The auto-detection script (`auto_detect.sh`) is downloaded to the directory where you ran the installation command. You can re-run the script on the same host to detect additional logs. The script will scan the host and reconfigure {{agent}} with any additional logs that are found. If the script misses any custom logs, you can add them manually by entering `n` after the script has finished scanning the host. diff --git a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md index a7c1acb450..c8749f3a38 100644 --- a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md +++ b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md @@ -9,16 +9,14 @@ mapped_pages: # Create an anomaly detection rule [observability-aiops-generate-anomaly-alerts] -::::{admonition} Required role -:class: note +::::{note} Required role The **Editor** role or higher is required to create anomaly detection rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). :::: -::::{admonition} Anomaly detection alerting is in beta -:class: important +::::{important} Anomaly detection alerting is in beta The Anomaly detection alerting functionality is in beta and is subject to change. The design and code is less mature than official generally available features and is being provided as-is with no warranties. diff --git a/solutions/observability/incident-management/create-an-apm-anomaly-rule.md b/solutions/observability/incident-management/create-an-apm-anomaly-rule.md index 68e00a2793..a1836c7b15 100644 --- a/solutions/observability/incident-management/create-an-apm-anomaly-rule.md +++ b/solutions/observability/incident-management/create-an-apm-anomaly-rule.md @@ -13,8 +13,7 @@ To use the APM Anomaly rule, you have to enable [machine learning](../../../solu :::: -::::{admonition} Required role -:class: note +::::{note} Required role For Observability serverless projects, the **Editor** role or higher is required to create anomaly rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -29,7 +28,7 @@ You can create an anomaly rule to alert you when either the latency, throughput, ::: ::::{tip} -These steps show how to use the **Alerts** UI. You can also create an anomaly rule directly from any page within **Applications***. Click the ***Alerts and rules*** button, and select ***Create anomaly rule***. When you create a rule this way, the ***Name** and **Tags** fields will be prepopulated but you can still change these. +These steps show how to use the **Alerts** UI. You can also create an anomaly rule directly from any page within **Applications**. Click the **Alerts and rules** button, and select **Create anomaly rule**. When you create a rule this way, the **Name** and **Tags** fields will be prepopulated but you can still change these. :::: @@ -40,7 +39,7 @@ To create your anomaly rule: 2. Select **Manage Rules** from the **Alerts** page, and select **Create rule**. 3. Enter a **Name** for your rule, and any optional **Tags** for more granular reporting (leave blank if unsure). 4. Select the **APM Anomaly** rule type. -5. Select the appropriate **Service**, **Type***, and ***Environment** (or leave **ALL** to include all options). +5. Select the appropriate **Service**, **Type**, and **Environment** (or leave **ALL** to include all options). 6. Select the desired severity (critical, major, minor, warning) from **Has anomaly with severity**. 7. Define the interval to check the rule (for example, check every 1 minute). 8. (Optional) Set up **Actions**. diff --git a/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md b/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md index ba7dad9bf2..d5c34e2f5d 100644 --- a/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md +++ b/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md @@ -9,8 +9,7 @@ mapped_pages: # Create an Elasticsearch query rule [observability-create-elasticsearch-query-rule] -::::{admonition} Required role -:class: note +::::{note} Required role The **Editor** role or higher is required to create Elasticsearch query rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-an-error-count-threshold-rule.md b/solutions/observability/incident-management/create-an-error-count-threshold-rule.md index 5a6d7020f6..d1f86e86b2 100644 --- a/solutions/observability/incident-management/create-an-error-count-threshold-rule.md +++ b/solutions/observability/incident-management/create-an-error-count-threshold-rule.md @@ -9,8 +9,7 @@ navigation_title: "Error count threshold" # Create an error count threshold rule [observability-create-error-count-threshold-alert-rule] -::::{admonition} Required role -:class: note +::::{note} Required role For Observability serverless projects, the **Editor** role or higher is required to create error count threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -25,7 +24,7 @@ Create an error count threshold rule to alert you when the number of errors in a ::: ::::{tip} -These steps show how to use the **Alerts** UI. You can also create an error count threshold rule directly from any page within **Applications***. Click the ***Alerts and rules*** button, and select ***Create error count rule***. When you create a rule this way, the ***Name** and **Tags** fields will be prepopulated but you can still change these. +These steps show how to use the **Alerts** UI. You can also create an error count threshold rule directly from any page within **Applications**. Click the **Alerts and rules** button, and select **Create error count rule**. When you create a rule this way, the **Name** and **Tags** fields will be prepopulated but you can still change these. :::: @@ -36,7 +35,7 @@ To create your error count threshold rule: 2. Select **Manage Rules** from the **Alerts** page, and select **Create rule**. 3. Enter a **Name** for your rule, and any optional **Tags** for more granular reporting (leave blank if unsure). 4. Select the **Error count threshold** rule type from the APM use case. -5. Select the appropriate **Service**, **Environment***, and ***Error Grouping Key*** (or leave ***ALL** to include all options). Alternatively, you can select **Use KQL Filter** and enter a KQL expression to limit the scope of your rule. +5. Select the appropriate **Service**, **Environment**, and **Error Grouping Key** (or leave **ALL** to include all options). Alternatively, you can select **Use KQL Filter** and enter a KQL expression to limit the scope of your rule. 6. Enter the error threshold in **Is Above** (defaults to 25 errors). 7. Define the period to be assessed in **For the last** (defaults to last 5 minutes). 8. Choose how to **Group alerts by**. Every unique value will create an alert. @@ -168,7 +167,7 @@ This guide will create an alert for an error group ID based on the following cri * Check every 1 minute * Send the alert via email to the site reliability team -From any page in **Applications**, select **Alerts and rules*** → ***Create threshold rule** → **Error count rule**. Change the name of the alert (if you wish), but do not edit the tags. +From any page in **Applications**, select **Alerts and rules** → **Create threshold rule** → **Error count rule**. Change the name of the alert (if you wish), but do not edit the tags. Based on the criteria above, define the following rule details: diff --git a/solutions/observability/incident-management/create-an-inventory-rule.md b/solutions/observability/incident-management/create-an-inventory-rule.md index 682dda5da3..fb03241ff6 100644 --- a/solutions/observability/incident-management/create-an-inventory-rule.md +++ b/solutions/observability/incident-management/create-an-inventory-rule.md @@ -9,8 +9,7 @@ navigation_title: "Inventory" # Create an inventory rule [observability-create-inventory-threshold-alert-rule] -::::{admonition} Required role -:class: note +::::{note} Required role For Observability serverless projects, the **Editor** role or higher is required to create inventory threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-custom-threshold-rule.md b/solutions/observability/incident-management/create-custom-threshold-rule.md index 64a12ec96e..109afca693 100644 --- a/solutions/observability/incident-management/create-custom-threshold-rule.md +++ b/solutions/observability/incident-management/create-custom-threshold-rule.md @@ -9,8 +9,7 @@ navigation_title: "Custom threshold" # Create a custom threshold rule [observability-create-custom-threshold-alert-rule] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create a custom threshold rule. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -128,8 +127,7 @@ The behavior of the alert depends on whether any **group alerts by** fields are * If `host-1` reports CPU usage below the threshold of 80%, the alert status is changed to recovered. -::::{admonition} How to untrack decommissioned hosts -:class: note +::::{note} How to untrack decommissioned hosts If a host (for example, `host-1`) is decommissioned, you probably no longer want to see "no data" alerts about it. To mark an alert as untracked: Go to the Alerts table, click the ![More actions](../../../images/serverless-boxesHorizontal.svg "") icon to expand the "More actions" menu, and click *Mark as untracked*. diff --git a/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md b/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md index a8ae54f8c9..1812877ae4 100644 --- a/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md +++ b/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md @@ -9,8 +9,7 @@ navigation_title: "Failed transaction rate threshold" # Create a failed transaction rate threshold rule [observability-create-failed-transaction-rate-threshold-alert-rule] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create failed transaction rate threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -36,7 +35,7 @@ To create your failed transaction rate threshold rule: 2. Select **Manage Rules** from the **Alerts** page, and select **Create rule**. 3. Enter a **Name** for your rule, and any optional **Tags** for more granular reporting (leave blank if unsure). 4. Select the **Failed transaction rate threshold** rule type from the APM use case. -5. Select the appropriate **Service**, **Type***, **Environment** and **Name** (or leave **ALL** to include all options). Alternatively, you can select **Use KQL Filter** and enter a KQL expression to limit the scope of your rule. +5. Select the appropriate **Service**, **Type**, **Environment** and **Name** (or leave **ALL** to include all options). Alternatively, you can select **Use KQL Filter** and enter a KQL expression to limit the scope of your rule. 6. Enter a fail rate in the **Is Above** (defaults to 30%). 7. Define the period to be assessed in **For the last** (defaults to last 5 minutes). 8. Choose how to **Group alerts by**. Every unique value will create an alert. @@ -165,7 +164,7 @@ This guide will create an alert for an error group ID based on the following cri * Check every 1 minute * Send the alert via email to the site reliability team -From any page in **Applications**, select **Alerts and rules*** → ***Create threshold rule** → **Failed transaction rate**. Change the name of the alert (if you wish), but do not edit the tags. +From any page in **Applications**, select **Alerts and rules** → **Create threshold rule** → **Failed transaction rate**. Change the name of the alert (if you wish), but do not edit the tags. Based on the criteria above, define the following rule details: diff --git a/solutions/observability/incident-management/create-latency-threshold-rule.md b/solutions/observability/incident-management/create-latency-threshold-rule.md index 5e18c120e0..72432f3cd8 100644 --- a/solutions/observability/incident-management/create-latency-threshold-rule.md +++ b/solutions/observability/incident-management/create-latency-threshold-rule.md @@ -9,8 +9,7 @@ navigation_title: "Latency threshold" # Create a latency threshold rule [observability-create-latency-threshold-alert-rule] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create latency threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-manage-cases.md b/solutions/observability/incident-management/create-manage-cases.md index 973eb5429f..5a9e3975ef 100644 --- a/solutions/observability/incident-management/create-manage-cases.md +++ b/solutions/observability/incident-management/create-manage-cases.md @@ -6,8 +6,7 @@ mapped_urls: # Create and manage cases [observability-create-a-new-case] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create and manage cases. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -64,8 +63,7 @@ Uploaded files are also accessible under **Project settings** → **Management** You can add images and text, CSV, JSON, PDF, or ZIP files. For the complete list, check [`mime_types.ts`](https://github.com/elastic/kibana/blob/main/x-pack/plugins/cases/common/constants/mime_types.ts). -::::{admonition} File size limits -:class: note +::::{note} File size limits There is a 10 MiB size limit for images. For all other MIME types, the limit is 100 MiB. diff --git a/solutions/observability/incident-management/create-manage-rules.md b/solutions/observability/incident-management/create-manage-rules.md index 04092f200e..f8f76b5cc5 100644 --- a/solutions/observability/incident-management/create-manage-rules.md +++ b/solutions/observability/incident-management/create-manage-rules.md @@ -6,8 +6,7 @@ mapped_urls: # Create and manage rules [observability-create-manage-rules] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create and manage rules for alerting. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -42,8 +41,8 @@ Learn more about Observability rules and how to create them: You start by defining the rule and how often it should be evaluated. You can extend these rules by adding an appropriate action (for example, send an email or create an issue) to be triggered when the rule conditions are met. These actions are defined within each rule and implemented by the appropriate connector for that action e.g. Slack, Jira. You can create any rules from scratch using the **Manage Rules** page, or you can create specific rule types from their respective UIs and benefit from some of the details being pre-filled (for example, Name and Tags). -* For APM alert types, you can select **Alerts and rules** and create rules directly from the **Services***, ***Traces**, and **Dependencies** UIs. -* For SLO alert types, from the **SLOs** page open the **More actions*** menu ![action menu](../../../images/serverless-boxesHorizontal.svg "") for an SLO and select ***Create new alert rule**. Alternatively, when you create a new SLO, the **Create new SLO burn rate alert rule** checkbox is enabled by default and will prompt you to [Create SLO burn rate rule](../../../solutions/observability/incident-management/create-an-slo-burn-rate-rule.md) upon saving the SLO. +* For APM alert types, you can select **Alerts and rules** and create rules directly from the **Services**, **Traces**, and **Dependencies** UIs. +* For SLO alert types, from the **SLOs** page open the **More actions** menu ![action menu](../../../images/serverless-boxesHorizontal.svg "") for an SLO and select **Create new alert rule**. Alternatively, when you create a new SLO, the **Create new SLO burn rate alert rule** checkbox is enabled by default and will prompt you to [Create SLO burn rate rule](../../../solutions/observability/incident-management/create-an-slo-burn-rate-rule.md) upon saving the SLO. After a rule is created, you can open the **More actions** menu ![More actions](../../../images/serverless-boxesHorizontal.svg "") and select **Edit rule** to check or change the definition, and/or add or modify actions. diff --git a/solutions/observability/incident-management/view-alerts.md b/solutions/observability/incident-management/view-alerts.md index 76cb321ef2..306a336121 100644 --- a/solutions/observability/incident-management/view-alerts.md +++ b/solutions/observability/incident-management/view-alerts.md @@ -6,8 +6,7 @@ mapped_urls: # View alerts [observability-view-alerts] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to perform this task. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -62,8 +61,7 @@ There are three common alert statuses: `untracked` : The corresponding rule is disabled or you’ve marked the alert as untracked. To mark the alert as untracked, go to the **Alerts** table, click the ![More actions](../../../images/serverless-boxesHorizontal.svg "") icon to expand the *More actions* menu, and click **Mark as untracked**. When an alert is marked as untracked, actions are no longer generated. You can choose to move active alerts to this state when you disable or delete rules. -::::{admonition} Flapping alerts -:class: note +::::{note} Flapping alerts The flapping state is possible only if you have enabled alert flapping detection. Go to the **Alerts** page and click **Manage Rules** to navigate to the {{obs-serverless}} **{{rules-app}}** page. Click **Settings** then set the look back window and threshold that are used to determine whether alerts are flapping. For example, you can specify that the alert must change status at least 6 times in the last 10 runs. If the rule has actions that run when the alert status changes, those actions are suppressed while the alert is flapping. diff --git a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md index 05defa331e..5bdcc802c0 100644 --- a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md +++ b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md @@ -25,8 +25,7 @@ To open **Hosts**, find **Infrastructure** in the main menu or use the [global s To learn more about the metrics shown on this page, refer to the [Metrics reference](https://www.elastic.co/guide/en/serverless/current/observability-metrics-reference.html) documentation. -::::{admonition} Don’t see any metrics? -:class: note +::::{note} Don’t see any metrics? If you haven’t added data yet, click **Add data** to search for and install an Elastic integration. @@ -125,8 +124,7 @@ From the **Actions** menu, you can choose to: To see alerts for a specific host, refer to [View host details](../../../solutions/observability/infra-and-hosts/analyze-compare-hosts.md#view-host-details). -::::{admonition} Why are alerts missing from the Hosts page? -:class: note +::::{note} Why are alerts missing from the Hosts page? If your rules are triggering alerts that don’t appear on the **Hosts** page, edit the rules and make sure they are correctly configured to associate the host name with the alert: @@ -267,7 +265,7 @@ The **Anomalies** tab displays a list of each single metric {{anomaly-detect}} j Along with the name of each anomaly job, detected anomalies with a severity score equal to 50 or higher are listed. These scores represent a severity of "warning" or higher in the selected time period. The **summary** value represents the increase between the actual value and the expected ("typical") value of the host metric in the anomaly record result. -To drill down and analyze the metric anomaly, select **Actions** → **Open in Anomaly Explorer***. You can also select ***Actions** → **Show in Inventory** to view the host Inventory page, filtered by the specific metric. +To drill down and analyze the metric anomaly, select **Actions** → **Open in Anomaly Explorer**. You can also select **Actions** → **Show in Inventory** to view the host Inventory page, filtered by the specific metric. :::{image} ../../../images/serverless-anomalies-overlay.png :alt: Anomalies @@ -278,8 +276,7 @@ To drill down and analyze the metric anomaly, select **Actions** → **Open in A :::::{dropdown} Osquery -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, one of the following roles is required to use Osquery. diff --git a/solutions/observability/infra-and-hosts/configure-settings.md b/solutions/observability/infra-and-hosts/configure-settings.md index c3064b5ef0..49c0983a4a 100644 --- a/solutions/observability/infra-and-hosts/configure-settings.md +++ b/solutions/observability/infra-and-hosts/configure-settings.md @@ -6,15 +6,14 @@ mapped_urls: # Configure settings [observability-configure-intra-settings] -::::{admonition} Required role -:class: note +::::{note} Required role The **Editor** role or higher is required to configure settings. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). :::: -From the main menu, go to **Infrastructure** → **Infrastructure inventory*** or ***Hosts**, and click the **Settings** link at the top of the page. The following settings are available: +From the main menu, go to **Infrastructure** → **Infrastructure inventory** or **Hosts**, and click the **Settings** link at the top of the page. The following settings are available: | Setting | Description | | --- | --- | diff --git a/solutions/observability/infra-and-hosts/detect-metric-anomalies.md b/solutions/observability/infra-and-hosts/detect-metric-anomalies.md index e63ce0f9ab..98ad9b2ccf 100644 --- a/solutions/observability/infra-and-hosts/detect-metric-anomalies.md +++ b/solutions/observability/infra-and-hosts/detect-metric-anomalies.md @@ -6,8 +6,7 @@ mapped_urls: # Detect metric anomalies [observability-detect-metric-anomalies] -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, the **Editor** role or higher is required to create {{ml}} jobs. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md b/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md index 05638e1841..b3b425677d 100644 --- a/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md +++ b/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md @@ -113,8 +113,7 @@ The **Add agent** flyout has two options: **Enroll in {{fleet}}** and **Run stan Notice that you can also configure the integration to collect logs. -::::{admonition} What if {{agent}} is already running on my host? -:class: note +::::{note} What if {{agent}} is already running on my host? Do not try to deploy a second {{agent}} to the same system. You have a couple options: diff --git a/solutions/observability/infra-and-hosts/tutorial-observe-nginx-instances.md b/solutions/observability/infra-and-hosts/tutorial-observe-nginx-instances.md index d8d51b4281..28a47dc8ba 100644 --- a/solutions/observability/infra-and-hosts/tutorial-observe-nginx-instances.md +++ b/solutions/observability/infra-and-hosts/tutorial-observe-nginx-instances.md @@ -5,7 +5,7 @@ mapped_pages: # Tutorial: Observe your nginx instances [monitor-nginx] -::::{admonition} +::::{note} **New to Elastic?** Follow the steps in our [getting started guide](https://www.elastic.co/guide/en/starting-with-the-elasticsearch-platform-and-its-solutions/current/getting-started-observability.html) instead of the steps described here. Return to this tutorial after you’ve learned the basics. :::: diff --git a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md index ecec389947..53326cab3d 100644 --- a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md +++ b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md @@ -17,8 +17,7 @@ To open **Infrastructure inventory**, find **Infrastructure** in the main menu o To learn more about the metrics shown on this page, refer to the [Metrics reference](https://www.elastic.co/guide/en/serverless/current/observability-metrics-reference.html). -::::{admonition} Don’t see any metrics? -:class: note +::::{note} Don’t see any metrics? If you haven’t added data yet, click **Add data** to search for and install an Elastic integration. @@ -192,8 +191,7 @@ To drill down and analyze the metric anomaly, select **Actions** → **Open in A :::::{dropdown} Osquery -::::{admonition} Required role -:class: note +::::{note} Required role **For Observability serverless projects**, one of the following roles is required to use Osquery. @@ -245,8 +243,7 @@ When you select **Docker containers**, the **Infrastructure inventory** page dis Without leaving the **Infrastructure inventory** page, you can view enhanced metrics relating to each container running in your infrastructure. -::::{admonition} Why do some containers report 0% or null (-) values in the waffle map? -:class: note +::::{note} Why do some containers report 0% or null (-) values in the waffle map? The waffle map shows *all* monitored containers, including containerd, provided that the data collected from the container has the `container.id` field. However, the waffle map currently only displays metrics for Docker fields. This display problem will be resolved in a future release. From 6d5db754447f20d421065054f0c51a26caadb7d2 Mon Sep 17 00:00:00 2001 From: Karen Metts Date: Wed, 26 Feb 2025 11:32:31 -0500 Subject: [PATCH 2/4] More formatting fixes --- .../get-started/create-an-observability-project.md | 2 +- .../incident-management/configure-case-settings.md | 5 ++--- .../incident-management/create-an-anomaly-detection-rule.md | 2 +- .../incident-management/create-an-apm-anomaly-rule.md | 2 +- .../create-an-elasticsearch-query-rule.md | 2 +- .../create-an-error-count-threshold-rule.md | 2 +- .../incident-management/create-an-inventory-rule.md | 2 +- .../incident-management/create-custom-threshold-rule.md | 2 +- .../create-failed-transaction-rate-threshold-rule.md | 2 +- .../incident-management/create-latency-threshold-rule.md | 2 +- .../observability/incident-management/create-manage-cases.md | 2 +- .../observability/incident-management/create-manage-rules.md | 2 +- solutions/observability/incident-management/view-alerts.md | 2 +- .../observability/infra-and-hosts/analyze-compare-hosts.md | 2 +- .../observability/infra-and-hosts/configure-settings.md | 2 +- .../observability/infra-and-hosts/detect-metric-anomalies.md | 2 +- .../view-infrastructure-metrics-by-resource-type.md | 2 +- 17 files changed, 18 insertions(+), 19 deletions(-) diff --git a/solutions/observability/get-started/create-an-observability-project.md b/solutions/observability/get-started/create-an-observability-project.md index 34f3090ff4..7659927df6 100644 --- a/solutions/observability/get-started/create-an-observability-project.md +++ b/solutions/observability/get-started/create-an-observability-project.md @@ -9,7 +9,7 @@ mapped_pages: # Create an observability project [observability-create-an-observability-project] -::::{note} Required role +::::{note} The **Admin** role or higher is required to create projects. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/configure-case-settings.md b/solutions/observability/incident-management/configure-case-settings.md index 227d1dcc50..f2f08218cc 100644 --- a/solutions/observability/incident-management/configure-case-settings.md +++ b/solutions/observability/incident-management/configure-case-settings.md @@ -8,8 +8,7 @@ mapped_urls: % Serverless only for the following role, does stateful require a special role? -::::{admonition} Required role -:class: note +::::{note} For Observability serverless projects, the **Editor** role or higher is required to create and edit connectors. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). @@ -54,7 +53,7 @@ After creating a connector, you can set your cases to [automatically close](../. ### Create a connector [new-connector-observability] 1. From the **Incident management system** list, select **Add new connector**. -2. Select the system to send cases to: **{{sn}}**, **{{jira}}***, ***{{ibm-r}}***, ***{{swimlane}}***, ***TheHive**, or **{{webhook-cm}}**. +2. Select the system to send cases to: **{{sn}}**, **{{jira}}**, **{{ibm-r}}**, **{{swimlane}}**, **TheHive**, or **{{webhook-cm}}**. :::{image} ../../../images/serverless-observability-cases-add-connector.png :alt: Add a connector to send cases to an external source diff --git a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md index c8749f3a38..dd9dce9643 100644 --- a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md +++ b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md @@ -9,7 +9,7 @@ mapped_pages: # Create an anomaly detection rule [observability-aiops-generate-anomaly-alerts] -::::{note} Required role +::::{note} The **Editor** role or higher is required to create anomaly detection rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-an-apm-anomaly-rule.md b/solutions/observability/incident-management/create-an-apm-anomaly-rule.md index a1836c7b15..cebc5f8098 100644 --- a/solutions/observability/incident-management/create-an-apm-anomaly-rule.md +++ b/solutions/observability/incident-management/create-an-apm-anomaly-rule.md @@ -13,7 +13,7 @@ To use the APM Anomaly rule, you have to enable [machine learning](../../../solu :::: -::::{note} Required role +::::{note} For Observability serverless projects, the **Editor** role or higher is required to create anomaly rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md b/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md index d5c34e2f5d..33040a6316 100644 --- a/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md +++ b/solutions/observability/incident-management/create-an-elasticsearch-query-rule.md @@ -9,7 +9,7 @@ mapped_pages: # Create an Elasticsearch query rule [observability-create-elasticsearch-query-rule] -::::{note} Required role +::::{note} The **Editor** role or higher is required to create Elasticsearch query rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-an-error-count-threshold-rule.md b/solutions/observability/incident-management/create-an-error-count-threshold-rule.md index d1f86e86b2..de85d551fd 100644 --- a/solutions/observability/incident-management/create-an-error-count-threshold-rule.md +++ b/solutions/observability/incident-management/create-an-error-count-threshold-rule.md @@ -9,7 +9,7 @@ navigation_title: "Error count threshold" # Create an error count threshold rule [observability-create-error-count-threshold-alert-rule] -::::{note} Required role +::::{note} For Observability serverless projects, the **Editor** role or higher is required to create error count threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-an-inventory-rule.md b/solutions/observability/incident-management/create-an-inventory-rule.md index fb03241ff6..2b98956e84 100644 --- a/solutions/observability/incident-management/create-an-inventory-rule.md +++ b/solutions/observability/incident-management/create-an-inventory-rule.md @@ -9,7 +9,7 @@ navigation_title: "Inventory" # Create an inventory rule [observability-create-inventory-threshold-alert-rule] -::::{note} Required role +::::{note} For Observability serverless projects, the **Editor** role or higher is required to create inventory threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-custom-threshold-rule.md b/solutions/observability/incident-management/create-custom-threshold-rule.md index 109afca693..4af077a626 100644 --- a/solutions/observability/incident-management/create-custom-threshold-rule.md +++ b/solutions/observability/incident-management/create-custom-threshold-rule.md @@ -9,7 +9,7 @@ navigation_title: "Custom threshold" # Create a custom threshold rule [observability-create-custom-threshold-alert-rule] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create a custom threshold rule. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md b/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md index 1812877ae4..55994b9e37 100644 --- a/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md +++ b/solutions/observability/incident-management/create-failed-transaction-rate-threshold-rule.md @@ -9,7 +9,7 @@ navigation_title: "Failed transaction rate threshold" # Create a failed transaction rate threshold rule [observability-create-failed-transaction-rate-threshold-alert-rule] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create failed transaction rate threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-latency-threshold-rule.md b/solutions/observability/incident-management/create-latency-threshold-rule.md index 72432f3cd8..51accd0809 100644 --- a/solutions/observability/incident-management/create-latency-threshold-rule.md +++ b/solutions/observability/incident-management/create-latency-threshold-rule.md @@ -9,7 +9,7 @@ navigation_title: "Latency threshold" # Create a latency threshold rule [observability-create-latency-threshold-alert-rule] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create latency threshold rules. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-manage-cases.md b/solutions/observability/incident-management/create-manage-cases.md index 5a9e3975ef..0971112e18 100644 --- a/solutions/observability/incident-management/create-manage-cases.md +++ b/solutions/observability/incident-management/create-manage-cases.md @@ -6,7 +6,7 @@ mapped_urls: # Create and manage cases [observability-create-a-new-case] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create and manage cases. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/create-manage-rules.md b/solutions/observability/incident-management/create-manage-rules.md index f8f76b5cc5..88c2d043ce 100644 --- a/solutions/observability/incident-management/create-manage-rules.md +++ b/solutions/observability/incident-management/create-manage-rules.md @@ -6,7 +6,7 @@ mapped_urls: # Create and manage rules [observability-create-manage-rules] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create and manage rules for alerting. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/incident-management/view-alerts.md b/solutions/observability/incident-management/view-alerts.md index 306a336121..9bd63d94a6 100644 --- a/solutions/observability/incident-management/view-alerts.md +++ b/solutions/observability/incident-management/view-alerts.md @@ -6,7 +6,7 @@ mapped_urls: # View alerts [observability-view-alerts] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to perform this task. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md index 5bdcc802c0..c329844101 100644 --- a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md +++ b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md @@ -276,7 +276,7 @@ To drill down and analyze the metric anomaly, select **Actions** → **Open in A :::::{dropdown} Osquery -::::{note} Required role +::::{note} **For Observability serverless projects**, one of the following roles is required to use Osquery. diff --git a/solutions/observability/infra-and-hosts/configure-settings.md b/solutions/observability/infra-and-hosts/configure-settings.md index 49c0983a4a..84efe64fd9 100644 --- a/solutions/observability/infra-and-hosts/configure-settings.md +++ b/solutions/observability/infra-and-hosts/configure-settings.md @@ -6,7 +6,7 @@ mapped_urls: # Configure settings [observability-configure-intra-settings] -::::{note} Required role +::::{note} The **Editor** role or higher is required to configure settings. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/infra-and-hosts/detect-metric-anomalies.md b/solutions/observability/infra-and-hosts/detect-metric-anomalies.md index 98ad9b2ccf..23a895601a 100644 --- a/solutions/observability/infra-and-hosts/detect-metric-anomalies.md +++ b/solutions/observability/infra-and-hosts/detect-metric-anomalies.md @@ -6,7 +6,7 @@ mapped_urls: # Detect metric anomalies [observability-detect-metric-anomalies] -::::{note} Required role +::::{note} **For Observability serverless projects**, the **Editor** role or higher is required to create {{ml}} jobs. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md index 53326cab3d..64d0fc81f8 100644 --- a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md +++ b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md @@ -191,7 +191,7 @@ To drill down and analyze the metric anomaly, select **Actions** → **Open in A :::::{dropdown} Osquery -::::{note} Required role +::::{note} **For Observability serverless projects**, one of the following roles is required to use Osquery. From f64ffe72716dbcb01aff304b276463bee3637945 Mon Sep 17 00:00:00 2001 From: Karen Metts Date: Wed, 26 Feb 2025 11:55:03 -0500 Subject: [PATCH 3/4] Even more formatting fixes --- .../incident-management/create-an-anomaly-detection-rule.md | 3 ++- .../incident-management/create-custom-threshold-rule.md | 3 ++- .../incident-management/create-manage-cases.md | 3 ++- solutions/observability/incident-management/view-alerts.md | 3 ++- .../observability/infra-and-hosts/analyze-compare-hosts.md | 6 ++++-- .../infra-and-hosts/get-started-with-system-metrics.md | 3 ++- .../view-infrastructure-metrics-by-resource-type.md | 6 ++++-- 7 files changed, 18 insertions(+), 9 deletions(-) diff --git a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md index dd9dce9643..e109650529 100644 --- a/solutions/observability/incident-management/create-an-anomaly-detection-rule.md +++ b/solutions/observability/incident-management/create-an-anomaly-detection-rule.md @@ -16,7 +16,8 @@ The **Editor** role or higher is required to create anomaly detection rules. To :::: -::::{important} Anomaly detection alerting is in beta +::::{important} +**Anomaly detection alerting is in beta** The Anomaly detection alerting functionality is in beta and is subject to change. The design and code is less mature than official generally available features and is being provided as-is with no warranties. diff --git a/solutions/observability/incident-management/create-custom-threshold-rule.md b/solutions/observability/incident-management/create-custom-threshold-rule.md index 4af077a626..537f5bcd25 100644 --- a/solutions/observability/incident-management/create-custom-threshold-rule.md +++ b/solutions/observability/incident-management/create-custom-threshold-rule.md @@ -127,7 +127,8 @@ The behavior of the alert depends on whether any **group alerts by** fields are * If `host-1` reports CPU usage below the threshold of 80%, the alert status is changed to recovered. -::::{note} How to untrack decommissioned hosts +::::{note} +**How to untrack decommissioned hosts** If a host (for example, `host-1`) is decommissioned, you probably no longer want to see "no data" alerts about it. To mark an alert as untracked: Go to the Alerts table, click the ![More actions](../../../images/serverless-boxesHorizontal.svg "") icon to expand the "More actions" menu, and click *Mark as untracked*. diff --git a/solutions/observability/incident-management/create-manage-cases.md b/solutions/observability/incident-management/create-manage-cases.md index 0971112e18..fb9d149de8 100644 --- a/solutions/observability/incident-management/create-manage-cases.md +++ b/solutions/observability/incident-management/create-manage-cases.md @@ -63,7 +63,8 @@ Uploaded files are also accessible under **Project settings** → **Management** You can add images and text, CSV, JSON, PDF, or ZIP files. For the complete list, check [`mime_types.ts`](https://github.com/elastic/kibana/blob/main/x-pack/plugins/cases/common/constants/mime_types.ts). -::::{note} File size limits +::::{note} +**File size limits** There is a 10 MiB size limit for images. For all other MIME types, the limit is 100 MiB. diff --git a/solutions/observability/incident-management/view-alerts.md b/solutions/observability/incident-management/view-alerts.md index 9bd63d94a6..fc9f6a1295 100644 --- a/solutions/observability/incident-management/view-alerts.md +++ b/solutions/observability/incident-management/view-alerts.md @@ -61,7 +61,8 @@ There are three common alert statuses: `untracked` : The corresponding rule is disabled or you’ve marked the alert as untracked. To mark the alert as untracked, go to the **Alerts** table, click the ![More actions](../../../images/serverless-boxesHorizontal.svg "") icon to expand the *More actions* menu, and click **Mark as untracked**. When an alert is marked as untracked, actions are no longer generated. You can choose to move active alerts to this state when you disable or delete rules. -::::{note} Flapping alerts +::::{note} +**Flapping alerts** The flapping state is possible only if you have enabled alert flapping detection. Go to the **Alerts** page and click **Manage Rules** to navigate to the {{obs-serverless}} **{{rules-app}}** page. Click **Settings** then set the look back window and threshold that are used to determine whether alerts are flapping. For example, you can specify that the alert must change status at least 6 times in the last 10 runs. If the rule has actions that run when the alert status changes, those actions are suppressed while the alert is flapping. diff --git a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md index c329844101..8ddb9ef4e9 100644 --- a/solutions/observability/infra-and-hosts/analyze-compare-hosts.md +++ b/solutions/observability/infra-and-hosts/analyze-compare-hosts.md @@ -25,7 +25,8 @@ To open **Hosts**, find **Infrastructure** in the main menu or use the [global s To learn more about the metrics shown on this page, refer to the [Metrics reference](https://www.elastic.co/guide/en/serverless/current/observability-metrics-reference.html) documentation. -::::{note} Don’t see any metrics? +::::{note} +**Don’t see any metrics?** If you haven’t added data yet, click **Add data** to search for and install an Elastic integration. @@ -124,7 +125,8 @@ From the **Actions** menu, you can choose to: To see alerts for a specific host, refer to [View host details](../../../solutions/observability/infra-and-hosts/analyze-compare-hosts.md#view-host-details). -::::{note} Why are alerts missing from the Hosts page? +::::{note} +**Why are alerts missing from the Hosts page?** If your rules are triggering alerts that don’t appear on the **Hosts** page, edit the rules and make sure they are correctly configured to associate the host name with the alert: diff --git a/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md b/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md index b3b425677d..b783bf9e52 100644 --- a/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md +++ b/solutions/observability/infra-and-hosts/get-started-with-system-metrics.md @@ -113,7 +113,8 @@ The **Add agent** flyout has two options: **Enroll in {{fleet}}** and **Run stan Notice that you can also configure the integration to collect logs. -::::{note} What if {{agent}} is already running on my host? +::::{note} +** What if {{agent}} is already running on my host?** Do not try to deploy a second {{agent}} to the same system. You have a couple options: diff --git a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md index 64d0fc81f8..e1e861b8ce 100644 --- a/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md +++ b/solutions/observability/infra-and-hosts/view-infrastructure-metrics-by-resource-type.md @@ -17,7 +17,8 @@ To open **Infrastructure inventory**, find **Infrastructure** in the main menu o To learn more about the metrics shown on this page, refer to the [Metrics reference](https://www.elastic.co/guide/en/serverless/current/observability-metrics-reference.html). -::::{note} Don’t see any metrics? +::::{note} +**Don’t see any metrics?** If you haven’t added data yet, click **Add data** to search for and install an Elastic integration. @@ -243,7 +244,8 @@ When you select **Docker containers**, the **Infrastructure inventory** page dis Without leaving the **Infrastructure inventory** page, you can view enhanced metrics relating to each container running in your infrastructure. -::::{note} Why do some containers report 0% or null (-) values in the waffle map? +::::{note} +**Why do some containers report 0% or null (-) values in the waffle map?** The waffle map shows *all* monitored containers, including containerd, provided that the data collected from the container has the `container.id` field. However, the waffle map currently only displays metrics for Docker fields. This display problem will be resolved in a future release. From d9e6753b820ff6f2016184a33f0dbbc4d15bf477 Mon Sep 17 00:00:00 2001 From: Karen Metts <35154725+karenzone@users.noreply.github.com> Date: Wed, 26 Feb 2025 12:14:41 -0500 Subject: [PATCH 4/4] Missed one --- .../get-started/quickstart-monitor-hosts-with-elastic-agent.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md b/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md index 2fa62bbb10..ef2658570e 100644 --- a/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md +++ b/solutions/observability/get-started/quickstart-monitor-hosts-with-elastic-agent.md @@ -113,7 +113,8 @@ When the script is done, you’ll see a message like "{{agent}} is configured an There might be a slight delay before logs and other data are ingested. -::::{note} Need to scan your host again? +::::{note} +**Need to scan your host again?** The auto-detection script (`auto_detect.sh`) is downloaded to the directory where you ran the installation command. You can re-run the script on the same host to detect additional logs. The script will scan the host and reconfigure {{agent}} with any additional logs that are found. If the script misses any custom logs, you can add them manually by entering `n` after the script has finished scanning the host.