blog-service/2016/12-31.md
Lines changed: 1 addition & 1 deletion
@@ -178,7 +178,7 @@ Downloading the configuration allows you to create scripts to configure multiple
178
178
179
179
### September 1, 2016
180
180
181
-
**Scheduled Search Email Alert Template Improvements. **The Scheduled Search Email Alert template is now easier to read and includes more pertinent information, including the title of the saved search, description, search query string, time range, run frequency, notification threshold, time that the scheduled search was run, and the name and email of the person who scheduled the search. For complete details, see [Receive Email Alerts from Scheduled Searches](/docs/alerts/scheduled-searches/receive-email-alerts).
181
+
**Scheduled Search Email Alert Template Improvements. **The Scheduled Search Email Alert template is now easier to read and includes more pertinent information, including the title of the saved search, description, search query string, time range, run frequency, notification threshold, time that the scheduled search was run, and the name and email of the person who scheduled the search. For complete details, see [Receive Email Alerts from Scheduled Searches](/docs/alerts/scheduled-searches/create-email-alert/#scheduled-search-email-alert-template).
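Review bot: the added line points the link at /docs/alerts/scheduled-searches/create-email-alert/#scheduled-search-email-alert-template, but the link text still reads "Receive Email Alerts from Scheduled Searches", which matches the old receive-email-alerts target rather than the new one. Consider updating the link text to name the destination section, and confirm that the #scheduled-search-email-alert-template anchor exists on the target page so the fragment does not drop readers at the top. Both the old and new line also close the bold run as "Improvements. **" with a space before the closing asterisks; in CommonMark that does not close the emphasis, so since the line is being touched anyway, moving the space outside the ** would fix the rendering.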
-[Re-vamped Metrics Explorer](/docs/metrics/metrics-queries/metrics-explorer) that decreases the complexity of finding and visualizing your metrics data with a new structured query builder, and an extended range of visualizations for ad-hoc analysis. Mimicking the Dashboard workflow, you now have the same unified experience in the main metrics tab.
275
+
-[Re-vamped Metrics Explorer](/docs/metrics/metrics-queries/metrics-explorer) that decreases the complexity of finding and visualizing your metrics data with a new structured query builder, and an extended range of visualizations for adhoc analysis. Mimicking the Dashboard workflow, you now have the same unified experience in the main metrics tab.
276
276
-[Global Intelligence for AWS CloudTrail DevOps](/docs/integrations/amazon-aws/global-intelligence-cloudtrail-devops) that helps on-call staff isolate or eliminate AWS errors (availability, throttling, out of stock) as probable cause for their incidents. Available for Enterprise accounts.
277
277
278
278
**Troubleshooting** incidents can now be streamlined thanks to:
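Review bot: the added Metrics Explorer bullet changes "ad-hoc analysis" to "adhoc analysis", which is not a standard spelling and is the only visible difference between the two lines. If the hyphenated form was tripping a spell checker or linter, "ad hoc" or a dictionary entry would be a better fix than the fused word, and whichever form is chosen should match the rest of the docs.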
docs/alerts/monitors/create-monitor.md
Lines changed: 14 additions & 9 deletions
@@ -65,12 +65,17 @@ The first step when you create a new monitor is to set the trigger conditions.
65
65
### Select monitor type and detection method
66
66
67
67
1. Select a **Monitor Type**: <br/><img src={useBaseUrl('img/monitors/trigger-conditions-monitor.png')} alt="Monitor types" width="250"/>
68
-
***Logs**. Creates alerts based on a [log search](/docs/search/).
68
+
***Logs**. Creates alerts based on a [log search](/docs/search/).
69
69
***Metrics**. Creates alerts based on [metrics queries](/docs/metrics/metrics-queries/).
70
70
***SLO**. Creates alerts based on a [Service Level Objectives (SLO)](/docs/observability/reliability-management-slo/).
71
-
1. Select a **Detection Method**. The methods available depend on whether you choose **Logs** or **Metrics** as the monitor type (there is no detection type for **SLO**): <br/><img src={useBaseUrl('img/monitors/monitor-detection-methods-for-logs.png')} alt="Logs detection methods" width="425"/> <br/><img src={useBaseUrl('img/monitors/monitor-detection-methods-for-metrics.png')} alt="Logs detection methods" width="425"/>
71
+
1. Select a **Detection Method**. The methods available depend on whether you choose **Logs** or **Metrics** as the monitor type (there is no detection type for **SLO**): <br/><img src={useBaseUrl('img/monitors/monitor-detection-methods-for-logs.png')} alt="Logs detection methods" width="425"/> <br/><img src={useBaseUrl('img/monitors/monitor-detection-methods-for-metrics.png')} alt="Logs detection methods" width="425"/>
72
72
***Static** allows you to set specific threshold conditions. Use this detection method when you are alerting on KPIs that have well defined and constant thresholds for what's good and bad. For example, infrastructure metrics like CPU utilization, and memory.
73
-
***Anomaly** lets you uncover unusual behavior identified by anomaly detection. Sumo Logic applies machine learning techniques to detect anomalies and identify suspicious patterns of activity. It establishes baselines for normal behavior so you can receive alerts when deviations or unusual activities are detected. To automatically respond when an anomaly alert is triggered, see [Create an anomaly monitor that runs an automated playbook](/docs/alerts/monitors/use-playbooks-with-monitors/#create-an-anomaly-monitor-that-runs-an-automated-playbook).
73
+
***Anomaly** lets you uncover unusual behavior identified by anomaly detection, which applies machine learning techniques to detect anomalies and identifies suspicious patterns of activity. It works by establishing baselines for normal behavior so you can receive alerts when deviations or unusual activities are detected. When you create a monitor using this method, it establishes a baseline for normal signal behavior, leveraging historical data to minimize false positives. AI-driven alerting overcomes monitoring limitations through:
74
+
***Model-driven anomaly detection**. Utilizing historical data, ML models establish accurate baselines, eliminating guesswork and noise in alerts.
75
+
***AutoML**. The system self-tunes, including seasonality detection, minimizing user intervention for a simpler experience.
76
+
***User context**. Users set alert sensitivity and incident thresholds, adding context to anomaly detection to mitigate noise.
77
+
***One-click playbook assignment**. Monitors seamlessly [link to Automation Service playbooks](/docs/alerts/monitors/use-playbooks-with-monitors/#create-an-anomaly-monitor-that-runs-an-automated-playbook), expediting response without manual intervention.
78
+
***Auto-diagnosis and recovery**. Sumo Logic Automation Service automates diagnosis and resolution, closing the loop from alert to recovery.
74
79
***Outlier** lets you detect an unusual change or a spike in a time series of a key indicator. Use this detection method when you are alerting on KPIs that don't have well-defined constant thresholds for what's good and bad. You want the Monitor to automatically detect and alert on unusual changes or spikes on the alerting query. For example, application KPIs like page request, throughput, and latency.
75
80
1. If you chose the **Anomaly** detection method, choose **Use Outlier** if you want to trigger alerts on outlier direction rather than anomaly direction: <br/><img src={useBaseUrl('img/monitors/monitor-detector-types-for-anamoly.png')} alt="Use Outlier" width="600"/>
76
81
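Review bot: on the rewritten "Select a **Detection Method**" line, the second image (monitor-detection-methods-for-metrics.png) still carries alt="Logs detection methods", copied from the first image; since the line is being re-added, change it to describe the metrics screenshot. In the new **Anomaly** text, the baseline is explained twice in consecutive sentences ("It works by establishing baselines for normal behavior" and "it establishes a baseline for normal signal behavior"), so one of them can go. The five sub-bullets sit inside a numbered step whose job is to help the reader pick a method, and two of them ("One-click playbook assignment", "Auto-diagnosis and recovery") describe the Automation Service rather than the detection method; consider keeping the short description plus the playbook link here, as the removed line did, and moving the feature overview to a section of its own.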
@@ -95,7 +100,7 @@ Specify the **Trigger Type**. A Monitor can have one critical, warning, and mis
| Alert when anomaly count is at least ___ (max. ##) at any time within ___| Enter the minimum number of anomalies to detect during the detection window before triggering an alert, and the duration of time to watch for anomalies (from 5 minutes to 24 hours). Ensure that the time period window is 5-10 times longer than the timeslice used in the log query. This setting helps you add context to anomaly detection. For example, if you know a particular signal is noisy, you may want to wait for a number of anomalous data points in the detection window before triggering an alert. If the time period is set to 5 minutes, and the minimum anomaly count is set to 1, then an alert is triggered if 1 anomaly appears within a 5-minute time period. |
155
-
| Show me fewer alerts --- more alerts | Tune the number of anomalous data points detected per day compared to the predicted baseline for the detection window. Select more alerts if you do not want to miss out on most anomalies. |
160
+
| Show me fewer alerts --- more alerts | Tune the number of anomalous data points detected per day compared to the predicted baseline for the detection window. Select more alerts if you do not want to miss out on most anomalies. |
156
161
157
162
##### Use Outlier with Anomaly detection
158
163
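Review bot: the "Show me fewer alerts --- more alerts" row explains only one end of the setting, and "Select more alerts if you do not want to miss out on most anomalies" can be read as either "most" or "any"; the row is being re-added in this hunk, so this is a good moment to state what choosing fewer alerts does and to tighten that sentence. The removed and added versions of the row read identically, so the change appears to be whitespace only; if that is intended, a word in the commit message would save reviewers from diffing the two lines by eye.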
@@ -324,12 +329,12 @@ The fourth step when you create a new monitor is to add playbooks.
In this step, you can add a **Playbook** to run in response to an alert.
332
+
In this step, you can add a **Playbook** to run in response to an alert.
328
333
329
334
1.**Text Playbook**. Enter instructions for how to handle the alerts resulting from the monitor. This allows admins to codify tribal knowledge for an on-call so that they know what to do upon receiving an alert. Markdown is supported. For an example, see [Alert details](/docs/alerts/monitors/alert-response/#alert-details).
330
335
1.**Automated Playbooks**. Select an existing playbook from the Automation Service to run when an alert is fired. For more information, see [Automated Playbooks in Monitors](/docs/alerts/monitors/use-playbooks-with-monitors/).
331
336
1.**Add Playbook**. If desired, you can add more automated playbooks to run sequentially.
332
-
1. Click **Manage Playbooks** to manage the automated playbooks in the Automation Service.
337
+
1. Click **Manage Playbooks** to manage the automated playbooks in the Automation Service.
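Review bot: both changed lines in this hunk ("In this step, you can add a **Playbook** to run in response to an alert." and "1. Click **Manage Playbooks** ...") read the same before and after, so the change looks like whitespace cleanup mixed into a content commit. Consider splitting whitespace-only edits into their own commit, or noting them in the commit message, so the Anomaly rewrite in the earlier hunk is easier to review in isolation.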