On the Alerts & Applied Intelligence Overview page, you’ll find a consolidated view of your current alerts violations, active issues, and recent incidents.
Why it matters
On the Overview page, at a glance you'll be able to get a handle on the analytics describing how your system is (or isn't) performing. You can quickly switch between the Summary, Issues, Incidents, and Anomalies tabs to scan for critical problems affecting your systems.
Summary dashboards
The overview summary dashboards show a high-level view of recent and current alerts violations. With this page, you'll get quick insight into how many critical violations you have, how many have been closed, and which policies are creating the most violations.
Dashboard title | What it is |
---|---|
Opened violations by priority (time series) | A time series view that counts the number of violations opened during a time period. This chart only tracks open events. It doesn't track the open or closed state of the violation. |
Opened violations by priority (pie) | This chart uses the same data as the time series chart of the same name. It quickly shows you the breakdown between warning and critical violations. Click the pie chart to filter the whole page by warning or critical violations. |
Closed violation durations | A distribution of how long each violation was open (duration), before being closed. Generally, it's better to have shorter durations for your violations. If you're seeing a lot of long duration violations, you may want to write a custom filter to investigate those more deeply. |
Muted violations | If you've written some muting rules, you'll see them here. If you're not using any muting rules, you'll see 100% “Not muted” violations. Click this chart to filter by muted violations to quickly see where they're coming from. |
Top policies creating violations | A chart of the top five policies generating the most violations. Click a policy name to filter the whole page by that policy's violations. |
Top conditions creating violations | A chart of the top five conditions generating the most violations. Click a policy name to filter the whole page by that condition's violations. |
Top sources of violations | A chart of the entities generating the most violations. If available, it uses the entity name. Otherwise, it will use the event type. Click an entity to filter the whole page by that entity's violations. |
Issues
Issues are groups of incidents that describe the underlying problem of your symptoms. When a new incident is created, Incident Intelligence opens an issue and evaluates other open issues for correlations.
The issues feed includes all of your environment's issues and can be searched and filtered using the top of page component.
By default, the issues feed is filtered to only show the active issues. It's also sorted so the last updated issues are at the top.
Click an issue to open its issue page.
Issue feed columns
Column name | Values |
---|---|
State | Created, active, acknowledged, closed |
Priority | Low, medium, high, critical |
Issue name | The issue's name |
Created | When the issue was created (in absolute or relative time) |
Duration | How much time has passed since the issue was created |
Entities | A list of the impacted entities. If the list is too long to be shown, mouseover the value to see the list. |
Analysis summary | The machine learning module's output for the issue |
Path | The Sources -> Destination path |
Incidents | The number of related incidents |
Anomalies
See every anomaly for the last seven days in one place, and scope it by the configuration name, app name, or category. This provides a list of all the recent anomalies from every configuration in the selected account. You can also select each anomaly to view a detailed analysis.
Anomaly feed columns
Column name | Explanation |
---|---|
State of anomaly | Values: open or closed. |
Anomaly category | Values: error rate, web throughput, non-web throughput. |
(no column name) | A graph to illustrate the anomaly. |
Start time | How long ago the anomaly started. |
Duration | How long the anomaly lasted. |
Entity | Name of the entity. |
Incidents
Incidents are groups of events that describe the symptoms affecting your system over time. These symptoms are detected by your monitoring tools, which evaluate your data streams and events.
The incident feed includes all of your environment’s issues. These include incidents coming from New Relic, PagerDuty, and all of our other supported sources.
Default behavior
By default, the feed is sorted by last updated at the top.
Click an incident's row to see the incident's details.
Incident feed columns
Column name | Values |
---|---|
State | Open, Closed |
Priority | Low, Medium, High, Critical |
Incident name | The incident's name |
Created | When the incident was created (in absolute or relative time) |
Duration | How much time has passed since the incident was created |
Entities | A list of the entities impacted by the incident. If the list is too long to be displayed, mouseover the value to see the list. |
Analysis summary | The machine learning module's output for the incident |
Source | The source system of the incident |
Events | The number of events aggregated in the incident |