Watcher UI walkthrough for creating alerts #29392
Comments
|
Pinging @elastic/kibana-platform |
legrego
added
Team:Core
|
@danielkasen We are currently working on component for an |
|
Cool, look forward to seeing this released. I'm sure our users will be very happy. |
|
In addition to creating alerts from a dedicated UI or Discover, it'd also be very nice to create alerts from Visualization too. Thanks! Original query for reference https://discuss.elastic.co/t/create-watcher-from-visualization-of-saved-search/165940 |
cjcenizal
added
the
Team:Kibana Management
|
Pinging @elastic/es-ui |
|
To add a little more context to my previous comment, I found this video extremely helpful in getting setup with visual builder https://www.youtube.com/watch?v=CNR-4kZ6v_E (blog: https://www.elastic.co/blog/master-time-with-kibanas-new-time-series-visual-builder). Thank you to the elastic team for pushing out content like this. Ideally, at the end of this video, there'd be a blurb about creating alerts from the queries already setup in the visualization. While the original metric is the total number of bytes in or out, this graph lets you easily see what general network traffic looks like as a rate, in easier to understand units. Creating a good threshold to alert on from this graph is significantly easier than looking at an example document that metricbeat pushes, and trying to generate the same aggregated query using watcher inputs and transforms. Best, Justin |
cjcenizal
added
Team:Stack Services
and removed
Team:Kibana Management
|
Pinging @elastic/kibana-stack-services |
|
CC @mikecote @bmcconaghy I relabeled this to fall under Stack Services since this seems like something which will be handled by Alerting before Watcher. |
bmcconaghy
added
Team:ResponseOps
|
@mikecote Is this issue still needed? |
|
@ymao1 It's not clear if the problem also relates to Kibana alerting, we can re-open if necessary. |
gmmorris
added
Feature:Watcher
and removed
Feature:Alerting
Team:ResponseOps
I'm not sure if I missed this request or not. But it strikes me as odd that there isn't an easy way to build a watch using the WebUI. The simple alert doesn't even let you add a query string. SHouldn't there be an easy way to go from a query (maybe on the discover page too) to generate an event and then fill out to information about where it gets sent to and additional conditions you would want around the query? It feels like the sentinl project has a much more feature rich environment as a free product over the licensed watcher service.
The text was updated successfully, but these errors were encountered: