You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/coo-incident-detection-using.adoc
+22-13Lines changed: 22 additions & 13 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,25 +13,43 @@
13
13
* You have installed the {coo-full}.
14
14
* You have installed the {coo-full} monitoring UI plugin with incident detection enabled.
15
15
16
+
[NOTE]
17
+
====
18
+
If you have installed the {coo-full} programmatically, make sure that the namespace (by default `openshift-cluster-observability-operator`) has the label `openshift.io/cluster-monitoring=true`. If not add it by running the comand:
. In the Administrator perspective of the web console, click on *Observe*->*Incidents*.
30
+
. In the Administrator perspective of the web console, click on *Observe*->*Alerting* and choose the **Incidents** tab.
20
31
21
32
. The Incidents Timeline UI shows the grouping of alerts into *incidents*. The color coding of the lines in the graph corresponds to the severity of the incident. By default, a seven day timeline is presented.
It will take at least 10 minutes to process the correlations and to see the timeline, after you enable incident detection.
38
+
It will take at least five minutes to process the correlations and to see the timeline, after you enable incident detection.
39
+
40
+
Status changes are recorded at five-minute intervals. You can see the last update time next to the timeline.
28
41
29
42
The analysis and grouping into incidents is performed only for alerts that are firing after you have enabled this feature. Alerts that have been resolved before feature enablement are not included.
30
43
====
31
44
32
45
. Zoom in to a 1-day view by clicking on the drop-down to specify the duration.
For performance reasons, the UI only loads the displayed data. The start time reflects the first data point rendered in the current timeline, not the absolute start time of the alert. For example, if you zoom to 1-day and an alert started two days ago, the start time will be shifted to twenty four hours before.
52
+
====
35
53
36
54
. By clicking on an incident, you can see the timeline of alerts that are part of that incident, in the Alerts Timeline UI.
. Click the link for a firing alert, to see detailed information about that alert.
49
-
50
-
51
-
52
-
[NOTE]
53
-
====
54
-
**Known issues**
55
-
56
-
* Depending on the order of the timeline bars, the tooltip might overlap and hide the underlying bar. You can still click the bar and select the incident or alert.
66
+
. Click the link for an alert, to see detailed information about the associated alert rule.
* **Incident detection:** The incident detection feature groups related alerts into incidents, to help you identify the root causes of alert bursts, instead of being overwhelmed by individual alerts. It presents a timeline of incidents, color-coded by severity, and you can drill down into the individual alerts within an incident. The system also categorizes alerts by affected component, grouped by severity. This helps you focus on the most critical areas first.
19
16
+
20
-
The incident detection feature is available in the {ocp-product-title} web console at **Observe**->**Incidents**.
17
+
The incident detection feature is available in the {ocp-product-title} web console by clicking on **Observe**->**Alerting** and choosing the **Incidents** tab.
0 commit comments