Add 1st draft of auto-detection quickstart

elastic · Jul 20, 2024 · eb6e91e · eb6e91e
1 parent feb2d6a
commit eb6e91e
Show file tree

Hide file tree

Showing 3 changed files with 55 additions and 4 deletions.
diff --git a/docs/en/serverless/images/quickstart-autodetection-command.png b/docs/en/serverless/images/quickstart-autodetection-command.png
diff --git a/docs/en/serverless/quickstarts/auto-detect-logs-metrics.mdx b/docs/en/serverless/quickstarts/auto-detect-logs-metrics.mdx
@@ -5,6 +5,59 @@ description: Learn how to scan your hosts to detect and collect logs and metrics
 tags: [ 'serverless', 'observability', 'how-to' ]
 ---
 
-{/* TODO: Make sure title matches the title used in the UI */}
+<p><DocBadge template="technical preview" /></p>
 
-Add intro here.
+<DocCallOut title="Before you begin">
+   This quickstart has the following requirements and limitations:
+
+   - The **Admin** role or higher is required to onboard system logs and metrics. To learn more, refer to <DocLink slug="/serverless/general/assign-user-roles" />.
+   - Root privileges on the host are required to run the auto-detection script used in this quickstart.
+   - The auto-detection script currently scans for metrics and logs from Apache, Docker, Nginx, and the host system.
+   It also scans for custom log files.
+   - The auto-detection script works on Linux and MacOS only and requires support for the `lsof` command.
+</DocCallOut>
+
+In this quickstart guide, you'll learn how to scan your host to detect and collect logs and metrics,
+then navigate to dashboards to further analyze and explore your observability data.
+You'll also learn how to get value out of your observability data.
+
+1. <DocLink slug="/serverless/observability/create-an-observability-project">Create a new ((observability)) project</DocLink>, or open an existing one.
+1. In your ((observability)) project, go to **Add Data**.
+1. Select **Collect and analyze logs**, and then select **Auto-detect logs and metrics**.
+1. Copy the command that's shown. For example:
+  ![Quick start showing command for running auto-detection](../images/quickstart-autodetection-command.png)
+  You'll run this command to download the auto-detection script and scan your system for observability data.
+1. Open a terminal on the host you want to scan, and run the command.
+1. Review the list of log files:
+    - Enter `Y` to ingest all the log files listed
+    - Enter `n` to either exclude log files or specify additional log paths. Enter `Y` to confirm your selections.
+
+  The script downloads and installs the software needed to collect observability data from the host and send it to Elastic.
+  When the script is done, you'll see a message like "((agent)) is configured and running."
+
+There might be a slight delay before logs and other data are ingested.
+Under **Visualize your data**, you'll see a list of dashboards that you can access to explore your ingested logs and metrics.
+
+## Get value out of your data
+
+After using the dashboards to examine your data and confirm you've ingested all the host logs and metrics you want to monitor,
+you can use Elastic ((observability)) to gain deeper insight into your data.
+
+For host monitoring, the following capabilities and features are recommended:
+
+- In the <DocLink slug="/serverless/observability/infrastructure-monitoring">Infrastructure UI</DocLink>, analyze and compare data collected from your hosts.
+You can also:
+  - <DocLink slug="/serverless/observability/detect-metric-anomalies">Detect anomalies</DocLink> for memory usage and network traffic on hosts.
+  - <DocLink slug="/serverless/observability/alerting">Create alerts</DocLink> that notify you when an anomaly is detected or a metric exceeds a given value.
+- In the <DocLink slug="/serverless/observability/discover-and-explore-logs">Logs Explorer</DocLink>, search and filter your log data,
+get information about the structure of log fields, and display your findings in a visualization.
+You can also:
+  - <DocLink slug="/serverless/observability/monitor-datasets">Monitor log data set quality</DocLink> to find degraded documents.
+  - <DocLink slug="/serverless/observability/run-log-pattern-analysis">Run a pattern analysis</DocLink> to find patterns in unstructured log messages.
+  - <DocLink slug="/serverless/observability/alerting">Create alerts</DocLink> that notify you when an Observability data type reaches or exceeds a given value.
+- Use <DocLink slug="/serverless/observability/aiops">AIOps features</DocLink> to apply predictive analytics and machine learning to your data:
+  - <DocLink slug="/serverless/observability/aiops-detect-anomalies">Detect anomalies</DocLink> by comparing real-time and historical data from different sources to look for unusual, problematic patterns.
+  - <DocLink slug="/serverless/observability/aiops-analyze-spikes">Analyze log spikes and drops</DocLink>.
+  - <DocLink slug="/serverless/observability/aiops-detect-change-points">Detect change points</DocLink> in your time series data.
+
+Refer to <DocLink slug="/serverless/observability/serverless-observability-overview"/> for a description of other useful features.
diff --git a/docs/en/serverless/quickstarts/overview.mdx b/docs/en/serverless/quickstarts/overview.mdx
@@ -5,8 +5,6 @@ description: Learn how to ingest your observability data and get immediate value
 tags: [ 'serverless', 'observability', 'how-to' ]
 ---
 
-{/* Is this to buzzwordy? Not sure TTV should be hyphenated, but it reads weird otherwise. */}
-
 Our quickstarts dramatically reduce your time-to-value by offering a fast path to ingest and visualize your Observability data.
 Each quickstart provides: