elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

[RCA] [POC] Create Events API to find related events #187787

Open benakansara opened 1 month ago

benakansara commented 1 month ago

Create an API to find related events from underlying dataview or index pattern. For the POC, the API should detect events described as here.

Common events

  1. Log rate ⬆️ / ⬇️ (based on all log documents)
  2. Error rate ⬆️ / ⬇️ (based on documents with log.level: error)
  3. Related alerts ([3] annotation in event timeline)
  4. SLO burn rate alert

Use case specific events

  1. Use case: Log (Custom threshold / Log threshold) alert on kubernetes.pod.uid
  2. Use case: Log (Error count / Custom threshold) alert on service.name
  3. Use case: Log (Custom threshold / Log threshold) alert on container.id
  4. Use case: Log (Custom threshold / Log threshold) alert on host.name

elasticmachine commented 1 month ago

Pinging @elastic/obs-ux-management-team (Team:obs-ux-management)