diff --git a/docs/user/monitoring/images/monitoring-kibana-alerts.png b/docs/user/monitoring/images/monitoring-kibana-alerts.png new file mode 100644 index 000000000000..43edcb450414 Binary files /dev/null and b/docs/user/monitoring/images/monitoring-kibana-alerts.png differ diff --git a/docs/user/monitoring/index.asciidoc b/docs/user/monitoring/index.asciidoc index ab773657073b..514988792d21 100644 --- a/docs/user/monitoring/index.asciidoc +++ b/docs/user/monitoring/index.asciidoc @@ -2,6 +2,7 @@ include::xpack-monitoring.asciidoc[] include::beats-details.asciidoc[leveloffset=+1] include::cluster-alerts.asciidoc[leveloffset=+1] include::elasticsearch-details.asciidoc[leveloffset=+1] +include::kibana-alerts.asciidoc[leveloffset=+1] include::kibana-details.asciidoc[leveloffset=+1] include::logstash-details.asciidoc[leveloffset=+1] include::monitoring-troubleshooting.asciidoc[leveloffset=+1] diff --git a/docs/user/monitoring/kibana-alerts.asciidoc b/docs/user/monitoring/kibana-alerts.asciidoc new file mode 100644 index 000000000000..1ac5c385f8ed --- /dev/null +++ b/docs/user/monitoring/kibana-alerts.asciidoc @@ -0,0 +1,36 @@ +[role="xpack"] +[[kibana-alerts]] += {kib} Alerts + +The {stack} {monitor-features} provide +<> out-of-the box to notify you of +potential issues in the {stack}. These alerts are preconfigured based on the +best practices recommended by Elastic. However, you can tailor them to meet your +specific needs. + +When you open *{stack-monitor-app}*, the preconfigured {kib} alerts are +created automatically. If you collect monitoring data from multiple clusters, +these alerts can search, detect, and notify on various conditions across the +clusters. The alerts are visible alongside your existing {watcher} cluster +alerts. You can view details about the alerts that are active and view health +and performance data for {es}, {ls}, and Beats in real time, as well as +analyze past performance. You can also modify active alerts. + +[role="screenshot"] +image::user/monitoring/images/monitoring-kibana-alerts.png["Kibana alerts in the Stack Monitoring app"] + +To review and modify all the available alerts, use +<> in *{stack-manage-app}*. + +[discrete] +[[kibana-alerts-cpu-threshold]] +== CPU threshold + +This alert is triggered when a node runs a consistently high CPU load. By +default, the trigger condition is set at 85% or more averaged over the last 5 +minutes. The alert is grouped across all the nodes of the cluster by running +checks on a schedule time of 1 minute with a re-notify internal of 1 day. + +NOTE: Some action types are subscription features, while others are free. +For a comparison of the Elastic subscription levels, see the alerting section of +the {subscriptions}[Subscriptions page].