On the Alerts & Applied Intelligence Overview page, you’ll find a consolidated view of your current alerts violations. The Issues & activity page has views of your active issues, recent incidents, and anomalies.
Why it matters
The Overview and Issues and activity pages provide analytics on how your system is (or isn't) performing. You can quickly switch between the Overview, Issues, Incidents, and Anomalies to scan for critical problems affecting your systems.
Overview page
The overview page shows a high-level view of recent and current alerts violations. With this page, you'll get quick insight into how many critical violations you have, how many have been closed, and which policies are creating the most violations. This page also shows the top sources of your muted violations.
Dashboard title | What it is |
|---|---|
Opened violations by priority (time series) | A time series view that counts the number of violations opened during a time period. This chart only tracks open events. It doesn't track the open or closed state of the violation. |
Opened violations by priority (pie) | This chart uses the same data as the time series chart of the same name. It quickly shows you the breakdown between warning and critical violations. Click the pie chart to filter the whole page by warning or critical violations. |
Closed violation durations | A distribution of how long each violation was open (duration), before being closed. Generally, it's better to have shorter durations for your violations. If you're seeing a lot of long duration violations, you may want to write a custom filter to investigate those more deeply. |
Muted violations | If you've written some muting rules, you'll see them here. If you're not using any muting rules, you'll see 100% “Not muted” violations. Click this chart to filter by muted violations to quickly see where they're coming from. |
Top policies creating violations | A chart of the top five policies generating the most violations. Click a policy name to filter the whole page by that policy's violations. |
Top conditions creating violations | A chart of the top five conditions generating the most violations. Click a policy name to filter the whole page by that condition's violations. |
Top sources of violations | A chart of the entities generating the most violations. If available, it uses the entity name. Otherwise, it will use the event type. Click an entity to filter the whole page by that entity's violations. |
Issues
On the Issues and activity page, issues are groups of incidents that describe the underlying problem of your symptoms. When a new incident is created, Incident Intelligence opens an issue and evaluates other open issues for correlations.
The issues feed includes all of your environment's issues and can be searched and filtered using the top of page component.
By default, the issues feed is filtered to only show the active issues. You can also filter by issue priority and source.
By default, issues are sorted by most recently created issue.
Click an issue to open its issue page.
Issue feed columns
Column name | Values |
|---|---|
State | Created, active, acknowledged, closed |
Priority | Low, medium, high, critical |
Issue name | The issue's name |
Created | When the issue was created (in absolute or relative time) |
Duration | How much time has passed since the issue was created |
Entities | A list of the impacted entities. If the list is too long to be shown, mouseover the value to see the list. |
Analysis summary | The machine learning module's output for the issue |
Path | The Sources -> Destination path |
Incidents | The number of related incidents |
Incidents
On the Issues and activity page, incidents are groups of events that describe the symptoms affecting your system over time. These symptoms are detected by your monitoring tools, which evaluate your data streams and events.
The incident feed includes all of your environment’s issues. These include incidents coming from New Relic, PagerDuty, and all of our other supported sources.
You can filter the feed by source, incident state, and priority.
Default behavior
By default, the feed is sorted by last updated at the top.
Click an incident's row to see the incident's details.
Incident feed columns
Column name | Values |
|---|---|
State | Open, Closed |
Priority | Low, Medium, High, Critical |
Incident name | The incident's name |
Created | When the incident was created (in absolute or relative time) |
Duration | How much time has passed since the incident was created |
Entities | A list of the entities impacted by the incident. If the list is too long to be displayed, mouseover the value to see the list. |
Analysis summary | The machine learning module's output for the incident |
Source | The source system of the incident |
Events | The number of events aggregated in the incident |
Anomalies
On the Issues and activity page, anomalies are outliers in your system's performance and operation that might be the sign of a problem. See every anomaly for the last seven days in one place. You can filter your anomalies by anomaly state, application, configuration, configuation type, and category.
By default, this page shows a list of all your recent anomalies from every configuration in the selected account. Select an anomaly to view a detailed analysis and more context.
Anomaly feed columns
Column name | Explanation |
|---|---|
State of anomaly | Values: open or closed. |
Anomaly category | Values: error rate, web throughput, non-web throughput. |
(no column name) | A graph to illustrate the anomaly. |
Start time | How long ago the anomaly started. |
Duration | How long the anomaly lasted. |
Entity | Name of the entity. |