docs(ad): add Managing anomalies guide, expand Operational settings #11180
Conversation
…add diagrams
- Add new page _observing-your-data/ad/managing-anomalies.md covering how
to alert on anomalies with Alerting monitors, including a JSON example,
rationale table, and sample alert.
- Expand _observing-your-data/ad/index.md:
- Separate timestamp selection from operational settings.
- Add guidance on detector interval, frequency, window delay, and history,
with trade-off explanations.
- Cross-link Step 6 to the Managing anomalies page.
- Include a frequency vs. window delay timeline diagram.
- Add assets:
- images/anomaly-detection/window-delay-vs-frequency.png
- images/anomaly-detection/alerting_editor.png
Signed-off-by: kaituo <kaituo@amazon.com>
kaituo
requested review from
kolchfa-aws,
AMoo-Miki,
natebower,
dlvenable,
epugh and
sumobrian
as code owners
|
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review. |
kolchfa-aws
added
v3.3.0
Tech review
|
@kolchfa-aws The PR is ready for doc review. |
kolchfa-aws
added
Doc review
|
|
||
| ## Alert on anomalies | ||
|
|
||
| You can create an [Alerting monitor]({{site.url}}{{site.baseurl}}/monitoring-plugins/alerting/) using either the Anomaly detector editor or the Extraction query editor. When you want to monitor an individual anomaly detector's results and notification condition thresholds on anomaly grade and confidence, use the Anomaly detector editor. Otherwise, use the Extraction query editor to monitor multiple detectors' results or write complex queries/trigger conditions. |
There was a problem hiding this comment.
@kaituo Can you use any of the 5 Monitor types to create an alerting monitor for anomalies or does it have to be a per query monitor?
|
|
||
| You can create an [Alerting monitor]({{site.url}}{{site.baseurl}}/monitoring-plugins/alerting/) using either the Anomaly detector editor or the Extraction query editor. When you want to monitor an individual anomaly detector's results and notification condition thresholds on anomaly grade and confidence, use the Anomaly detector editor. Otherwise, use the Extraction query editor to monitor multiple detectors' results or write complex queries/trigger conditions. | ||
|
|
||
| <img src="{{site.url}}{{site.baseurl}}/images/anomaly-detection/alerting_editor.png" alt="Alerting editor" width="800" height="800"> |
There was a problem hiding this comment.
This shows an "Edit monitor" page but on line 11 we're saying "create an alerting monitor". Should this image show the "Create monitor" page?
Signed-off-by: Fanit Kolchina <kolchfa@amazon.com>
Description
This PR:
Issues Resolved
Closes #11145
Version
3.3+
Frontend features
If you're submitting documentation for an OpenSearch Dashboards feature, add a video that shows how a user will interact with the UI step by step. A voiceover is optional.
frequency.mov
Checklist
For more information on following Developer Certificate of Origin and signing off your commits, please check here.