On the Alerts & applied intelligence Overview page, you’ll find a consolidated view of your current alerts violations. The Issues & activity page has views of your active issues, recent incidents, and anomalies.
Why it matters
The Overview and Issues and activity pages provide analytics on how your system is (or isn't) performing. You can quickly switch between the Overview, Issues, Incidents, and Anomalies to scan for critical problems affecting your systems.
The overview page shows a high-level view of recent and current alerts violations. With this page, you'll get quick insight into how many critical violations you have, how many have been closed, and which policies are creating the most violations. This page also shows the top sources of your muted violations.
What it is
Opened violations by priority (time series)
A time series view that counts the number of violations opened during a time period. This chart only tracks open events. It doesn't track the open or closed state of the violation.
Opened violations by priority (pie)
This chart uses the same data as the time series chart of the same name. It quickly shows you the breakdown between warning and critical violations. Click the pie chart to filter the whole page by warning or critical violations.
Closed violation durations
A distribution of how long each violation was open (duration), before being closed. Generally, it's better to have shorter durations for your violations. If you're seeing a lot of long duration violations, you may want to write a custom filter to investigate those more deeply.
If you've written some muting rules, you'll see them here. If you're not using any muting rules, you'll see 100% “Not muted” violations. Click this chart to filter by muted violations to quickly see where they're coming from.
Top policies creating violations
A chart of the top five policies generating the most violations. Click a policy name to filter the whole page by that policy's violations.
Top conditions creating violations
A chart of the top five conditions generating the most violations. Click a policy name to filter the whole page by that condition's violations.
Top sources of violations
A chart of the entities generating the most violations. If available, it uses the entity name. Otherwise, it will use the event type. Click an entity to filter the whole page by that entity's violations.
On the Issues and activity page, issues are groups of incidents that describe the underlying problem of your symptoms. When a new incident is created, incident intelligence opens an issue and evaluates other open issues for correlations. An issue will contain arrays of all the tags (metadata) from all the incidents it contains.
The issues feed includes all of your issues and can be searched and filtered using the top of page component.
By default, the issues feed is filtered to only show the active issues. You can also filter by issue priority, source, alert condition, alert policiy, entity, or issue ID.
By default, issues are sorted by most recently created issue.
Click an issue to open its issue page.
Issues feed columns
Created, active, acknowledged, closed
Low, medium, high, critical
The issue's name
When the issue was created (in absolute or relative time)
How much time has passed since the issue was created
A list of the impacted entities. If the list is too long to be shown, mouseover the value to see the list.
The machine learning module's output for the issue
The Sources -> Destination path
The number of related incidents
On the Issues and activity page, incidents are groups of events that describe the symptoms affecting your system over time. These symptoms are detected by your monitoring tools, which evaluate your data streams and events.
New Relic incident metadata comes from any of the following sources:
- Inheriting all the tags from the alert condition that triggered it
- All the facets, values, and where conditions are added as tags if the NRQL alert condition contains a facet or where condition
- All the tags from an entity are added if the result of the NRQL alert condition can be mapped to that single entity
External incident medadata is what was received as tag.*.
The incidents feed includes all of your incidents: New Relic incident and external incidents.
You can filter the feed by source, incident state, and priority.
By default, the feed is sorted by last updated at the top.
Click an incident's row to see the incident's details.
Incidents feed columns
Low, Medium, High, Critical
The incident's name
When the incident was created (in absolute or relative time)
How much time has passed since the incident was created
A list of the entities impacted by the incident. If the list is too long to be displayed, mouseover the value to see the list.
The machine learning module's output for the incident
The source system of the incident
The number of events aggregated in the incident
On the Issues and activity page, anomalies are outliers in your system's performance and operation that might be the sign of a problem. See every anomaly in one place. You can filter your anomalies by anomaly state, entity, configuration and configuration type.
By default, this page shows a list of all your recent anomalies in the selected account. Select an anomaly to view a detailed analysis and more context.
Anomalies feed columns
State of anomaly
Values: open or closed.
Values: error rate, web throughput, non-web throughput.
(no column name)
A graph to illustrate the anomaly.
How long ago the anomaly started.
How long the anomaly lasted.
Name of the entity.