[Observability] Add docs on schema selection for host data #2707
Conversation
|
@roshan-elastic I've started a draft here for the schema selector docs so we can iterate on what we need. Previews are in the comment above titled Preview links for changed docs. Let me know what you think about the updates, and if we need to change anything or add additional information anywhere. I still need to update the metrics reference page, is there a PR or documentation I can look at that has the metric definitions that need to be added? |
| ## Inventory conditions [inventory-conditions] | ||
|
|
||
| Conditions for each rule can be applied to specific metrics relating to the inventory type you select. You can choose the aggregation type, the metric, and by including a warning threshold value, you can be alerted on multiple threshold values based on severity scores. When creating the rule, you can still get notified if no data is returned for the specific metric or if the rule fails to query {{es}}. | ||
|
|
||
| When creating a rule for `Hosts`, you also need to select a data collection schema in the **Schema** field. Select **Elastic System Integration** for host data collected using the Elastic System Integration or **OpenTelemetry** for host data collected using OpenTelemetry. | ||
|
|
||
| In this example, Kubernetes Pods is the selected inventory type. The conditions state that you will receive a critical alert for any pods within the `ingress-nginx` namespace with a memory usage of 95% or above and a warning alert if memory usage is 90% or above. The chart shows the results of applying the rule to the last 20 minutes of data. Note that the chart time range is 20 times the value of the look-back window specified in the `FOR THE LAST` field. |
There was a problem hiding this comment.
Hey @mdbirnstiehl,
I think it might be worth trying talking about how the inventory rules work more generically (as you have done with the pods example) but then maybe have some kind of a call out all that the entity types respect the default ingest mechanism (e.g. system integration) except for Hosts which have a 'schema' drop-down to allow users to target hosts using OTel explicitly?
I'm trying to think how the user can understand the feature first, understand what data it relies on and then call out the difference in hosts (which is the only thing to allow a schema selector).
solutions/observability/infra-and-hosts/detect-metric-anomalies.md
Outdated
Show resolved
Hide resolved
|
@mdbirnstiehl - One thing we're doing is rendering the host view based on it schema. For example, if it's an OTel host:
In short, I'm thinking we should update the docs to reflect this: Thoughts
*We'll need to be able to refer to an 'OpenTelemetry' #heading within the Hosts section of the metrics reference so that we can point users here directly from the UI (I have a short-link of https://ela.st/docs-infra-host-metrics-otel that I can point towards the docs) |
|
Hosts in Infra Inventory FYI it uses the same schema selector and behaves in the same way as hosts. We'll be adding a link from this selector to the docs to explain how it works (if we wanted to simplify the docs we could possibly just refer to the schema selector in the host docs from the inventory docs for more info?) FYI - there's a possibility we remove schema selection from the infra inventory in a follow up issue but we haven't decided yet. Any work we do in these infra inventory docs should probably be minimal. |
|
FYI - @mdbirnstiehl - I have a build available that you can test - I'll DM you |
|
@roshan-elastic I've added the following:
|
This PR closes #2084