In the issue feed, you can find an overview of all your issues, along with helpful information about them. You can also click any individual issue for more detail, including its analysis summary, event log, and details about correlated issues.
This screenshot shows an example issue feed, which describes your issues' statuses, correlations, and more.
What's the difference between an issue, incident, and event? In short, these terms are like building blocks. Events are raw data from your sources. Incidents are made up of one or more events. Issues are composed of one or more incidents.
In more detail:
- Issues are groups of incidents that describe the underlying problem of your symptoms. When a new incident is created, an issue is created. Additional incidents may be merged into this same issue depending on your alert policy's "issue creation preferences". If you have enabled 'decisions', other issues will be evaluated to see if they can be correlated with the newly created issue. If so, the correlated issues will be merged together to reduce noise, and facilitate root cause analysis.
- Incidents are groups of events that describe the "symptoms" of your system over time. These symptoms are detected by your New Relic alert conditions, or your external monitoring tools.
- Events indicate a state change or trigger defined by your New Relic alerts conditions or external monitoring systems. An event contains information about the affected entity.
The Issue page provides you with bottom line insights so you can first understand the problem, and then minimize the time to resolve.
We've created a quick demo here to walk you through the issue page user interface:
The Issue page includes the following sections:
- Issue Payload: This provides you the issue payload details and lets you copy the payload with a click of a button
- Issue Destinations: Under the issue name, you’ll see a category called Notified, which will showcase your destinations. Hover over the destinations and you’ll see a detailed presentation of the destinations and a link to the ticket that has been opened
- Issue Duration: At the top of the Issue name, you’ll see the duration that the issue lasted
- Incident Number: At the top of the incident activity section, you’ll see the total number of incidents within the issue
- Incident Activity List: On the left side of the incident activity section, you’ll see the incident activity list, which displays the most relevant information of each incident such as the priority, state, name of the incident, the date it was created, and the duration. You can also sort the list by duration, incidents that are muted, newest to oldest and critical to low incidents. Finally, you can filter by only open incidents by enabling the Show Open Only button.
- Incident Activity Chosen: Clicking on an incident from the incident activity list will open the incident on the right in a full view mode, which will include information like the source, alert policy, the alert condition, and the alert type. You can also edit the policy and condition name by clicking on the pencil icon.
- Incident Graph: Clicking on an incident from the incident activity list will also open up the incident chart in full scope, which will allow you to better visualize the degradation, violation, and recovery periods.
- Incident Entity List: Clicking on an incident from the incident activity list will also include the list of entities of the incident, the list of tags and their values, the incident payload, and the runbook link all at the bottom of the chart. You can also click on the show all button under tags to see all the items displayed.
Root cause analysis automatically finds potential causes for an issue and its impacted entities. It shows you why open issues occurred, which deployments contributed, and relevant error logs and attributes. With this, you can investigate the problem and reduce your mean time to resolution (MTTR).
Note that root cause analysis is dependent on other New Relic data sources and features. This is why root cause analysis information may not always be present for every issue.
When you select an issue, you may see Root cause analysis information.
Root cause analysis includes three main UI sections:
- Deployment events: When you set up deployments, we provide the deployment nearest to the issue creation. Changes, such as deployments, account for a high percentage of the root causes of incidents and having that information at hand can help diagnose and resolve issues.
- Error logs: You can explore millions of log messages with a single click and use manual querying to help you find anomalous patterns and hard-to-find problems.
- Attributes to investigate: We scan the distribution of attributes and surface possible causes by finding significant changes in the distribution. This section also shows changes in database and external metrics. You can also query interesting attributes.
Mouse over an entity to see more information about it.
In the Impacted entities section, an issue map is available for any issue involving two or more entities. The map shows not only the affected entities, but also the services and resources directly related to those entities.
Impacted entities: An entity is anything that has data you can monitor. Specifically, these are focused on incidents from New Relic sources, extracting the entities and providing a summary. Each entity is unique. You can see your entities in a list or on a map.
Depending on the data in an issue, all four of these sections can show up together for each issue or separately. All you have to do is click on the 3 dots next to the entity to open the dropdown menu with options as follow:
- See dashboards helps users in your account look at and interact with dashboards you've created that are related to an entity. The queries you've run to power the various widgets are automatically mapped to entities whenever possible and are presented back to you here for quick access and discovery.
- Entity View will open the application's anomalies page. This is only available for applications that are set up for proactive detection.
- There are two types of deployment events: deployments and related deployments. Click Show all deployments to see all your deployment events when they arrive, or click a specific deployment to see its APM deployments page. The APM deployment page lists recent deployments and their impact on your end user and app server's Apdex scores, response times, throughput, and errors. This section will only show up if New Relic has identified applications under the impacted entities that have deployments.
The issue timeline, as presented below, shows you a breakdown of:
- The trends taking place
- What incidents are active
- What incidents are resolved
- What is correlated to each other
- Various milestones at different issue levels
If you are interested in viewing the issue logs, you can simply toggle to the issue log button where you'll be able to view the timestamp and notification details. You can also click on "show more" to see the full issue log.
In addition, you’ll see a grey line at the top of the timeline. In comparison to the visual timeline that shows the changes to each incident, the grey line represents changes to the issue.
Mouse over the grey line to see details of the event.
Finally, mouse over the incident to see information on the location, timing, and level of importance of a specific incident.
This figure shows a particular incident populated on January 11th with a level of Critical.
To view the issues in a text format, in the right hand corner, click Switch to issue log view.
To further reduce noise or get improved incident correlation, you can change or customize your decisions. Decisions determine how incidents are grouped together.
To get started, see Decisions.