Skip to content

Adds note on anomaly detection alert behaviour #126102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Apr 8, 2025
Merged

Adds note on anomaly detection alert behaviour #126102

merged 6 commits into from
Apr 8, 2025

Conversation

kosabogi
Copy link
Contributor

@kosabogi kosabogi commented Apr 2, 2025

This PR updates the anomaly detection alerting documentation to clarify that email alerts include only the top three anomalous records or influencers.

Related issue: https://github.com/elastic/search-docs-team/issues/277

@kosabogi kosabogi added >docs General docs changes Team:Docs Meta label for docs team auto-backport Automatically create backport pull requests when merged v8.16.0 v8.17.0 v8.18.0 labels Apr 2, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Apr 2, 2025

Documentation preview:

@kosabogi kosabogi requested a review from szabosteve April 2, 2025 09:13
@kosabogi kosabogi marked this pull request as ready for review April 2, 2025 09:15
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-docs (Team:Docs)

@kosabogi kosabogi requested a review from darnautov April 3, 2025 10:14
darnautov
darnautov reviewed Apr 3, 2025
View reviewed changes
docs/reference/ml/anomaly-detection/ml-configuring-alerts.asciidoc Outdated
alert status changes, or at a custom action interval). For {anomaly-detect}
alert status changes, or at a custom action interval).

When you use an email action with an {anomaly-detect} rule, the alert includes only the top three anomalous records or influencers detected during the check interval. This behavior ensures that the alert remains concise by highlighting the most significant anomalies based on their scores.
Copy link
Contributor

@darnautov darnautov Apr 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not specifically about email actions but rather about the overall alert context sent to any connector, as well as the document stored in the alert-as-data index.

I believe we should simply mention that topRecords and topInfluencers are limited to 3 documents.

image

@kosabogi kosabogi requested a review from darnautov April 4, 2025 05:56
szabosteve
szabosteve approved these changes Apr 7, 2025
View reviewed changes
Copy link
Contributor

@szabosteve szabosteve left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM unless @darnautov thinks otherwise. :)

darnautov
darnautov approved these changes Apr 7, 2025
View reviewed changes
Copy link
Contributor

@darnautov darnautov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kosabogi kosabogi merged commit c4e9f0b into elastic:8.x Apr 8, 2025
5 checks passed
This was referenced Apr 8, 2025
Merged
Merged
Merged
kosabogi added a commit to kosabogi/elasticsearch that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (elastic#126102)
da69ccd 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
kosabogi added a commit to kosabogi/elasticsearch that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (elastic#126102)
4aa6ee5 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
8.16
8.17
8.18

kosabogi added a commit to kosabogi/elasticsearch that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (elastic#126102)
3eac460 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
elasticsearchmachine pushed a commit that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (#126102) (#126443)
309d169 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
elasticsearchmachine pushed a commit that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (#126102) (#126442)
8ddd604 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
elasticsearchmachine pushed a commit that referenced this pull request Apr 8, 2025
@kosabogi
Adds note on anomaly detection alert behaviour (#126102) (#126444)
dd68d3d 
* Adds note on anomaly detection alert behaviour

* Fixes attribute

* Relocating the addition

* Fixes based on feedback
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@darnautov darnautov darnautov approved these changes

@szabosteve szabosteve szabosteve approved these changes

Assignees

No one assigned

Labels

auto-backport Automatically create backport pull requests when merged >docs General docs changes Team:Docs Meta label for docs team v8.16.0 v8.17.0 v8.18.0 v8.19.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kosabogi @elasticsearchmachine @darnautov @szabosteve