Alerts and actions in the Elastic Stack and Elastic Solutions
Alex Francoeur, Principal Product Manager
Aris Papadopoulos, Senior Product Manager
October 13-15, 2020
2
This presentation and the accompanying oral presentation contain forward-looking statements, including statements
concerning plans for future offerings; the expected strength, performance or benefits of our offerings; and our future
operations and expected performance. These forward-looking statements are subject to the safe harbor provisions
under the Private Securities Litigation Reform Act of 1995. Our expectations and beliefs in light of currently
available information regarding these matters may not materialize. Actual outcomes and results may differ materially
from those contemplated by these forward-looking statements due to uncertainties, risks, and changes in
circumstances, including, but not limited to those related to: the impact of the COVID-19 pandemic on our business
and our customers and partners; our ability to continue to deliver and improve our offerings and successfully
develop new offerings, including security-related product offerings and SaaS offerings; customer acceptance and
purchase of our existing offerings and new offerings, including the expansion and adoption of our SaaS offerings;
our ability to realize value from investments in the business, including R&D investments; our ability to maintain and
expand our user and customer base; our international expansion strategy; our ability to successfully execute our
go-to-market strategy and expand in our existing markets and into new markets, and our ability to forecast customer
retention and expansion; and general market, political, economic and business conditions.
Additional risks and uncertainties that could cause actual outcomes and results to differ materially are included in
our filings with the Securities and Exchange Commission (the “SEC”), including our Annual Report on Form 10-K for
the most recent fiscal year, our quarterly report on Form 10-Q for the most recent fiscal quarter, and any
subsequent reports filed with the SEC. SEC filings are available on the Investor Relations section of Elastic’s
website at ir.elastic.co and the SEC’s website at www.sec.gov.
Any features or functions of services or products referenced in this presentation, or in any presentations, press
releases or public statements, which are not currently available or not currently available as a general availability
release, may not be delivered on time or at all. The development, release, and timing of any features or functionality
described for our products remains at our sole discretion. Customers who purchase our products and services
should make the purchase decisions based upon services and product features and functions that are currently
available.
All statements are made only as of the date of the presentation, and Elastic assumes no obligation to, and does not
currently intend to, update any forward-looking statements or statements relating to features or functions of services
or products, except as required by law.
Forward-Looking Statements
3
Agenda
1. Vision and overview
2. Use cases
3. Integrations and actions
4. Demo
5. Roadmap
Vision and overview
Making Kibana actionable
• Automate and take action
• Create or follow a reproducible workflow
• Contextual analysis and collaboration
The New Alerting Framework for the Elastic Stack
• Alerting everywhere
• Making sense of alerts
• Detection and action
What are the differences between Watcher and the new alerting framework?

|  | Watcher | New alerting framework |
| --- | --- | --- |
| Contextual integration | ✗ | ✔ |
| 1 alert to multiple instances | ✗ | ✔ |
| Space aware (multi-tenancy) | ✗ | ✔ |
| Free ability to write alerts to index or server logs | ✗ | ✔ |
Use cases
• Observability: Metrics, Uptime, APM, Logs
• Security: Cases, Detection Rules
• Custom alerts for any index
• Out of the box cluster health alerts
• And more
Integrations and actions
Integrations features
1. Set up once in a few seconds - no technical knowledge required
2. Use multiple times across your alerts
3. Pass the alert’s context to your external workflows
Incident management
• Create observability and security incidents
• Manage incidents within your workflows
• Pass the structured context to your workflow objects outside Kibana
Collaboration
• Notify your team members on Slack or via email
• Surface your alerts and their context to the right channels and contacts
• Format your notifications for an improved experience
Elastic internal
• Index your alerts in Elasticsearch
• Use them as annotations in TSVB
• Show your alerts as Kibana logs
Programmatic
• Integrate with your system until we offer a native connector
• Execute different actions according to your workflow requirements
• Parameterize each integration
Demo
Roadmap
Alerting everywhere
For every use case
• Search alerts in Discover
• Threshold alerts from a Dashboard
• Tracking alerts in Maps
• More solution alerts
• Machine Learning alerts everywhere
Making sense of alerts
With more context and better UX
• Multi-level alerts (e.g. warning, severe)
• Alert simulation
• More context in actions (link back, visualizations)
• Alert details and activity log views
A new framework for alerts and actions in Kibana
Detection and action
More, in-depth ways to take action
• More actions (Microsoft Teams, OpsGenie, etc.)
• Pre-configured alerts
• On-demand actions
• Alert on resolution
• Alert on state change
elastic.co/cloud
Thank you!
