diff --git a/docs/en/observability/apm-ui/index.asciidoc b/docs/en/observability/apm-ui/index.asciidoc index dfd233c3f6..5c3303acd7 100644 --- a/docs/en/observability/apm-ui/index.asciidoc +++ b/docs/en/observability/apm-ui/index.asciidoc @@ -45,6 +45,8 @@ Configure and troubleshoot the APM UI: include::services.asciidoc[leveloffset=-1] +include::new-experience-services.asciidoc[leveloffset=+2] + include::traces.asciidoc[leveloffset=-1] include::dependencies.asciidoc[leveloffset=-1] diff --git a/docs/en/observability/apm-ui/new-experience-services.asciidoc b/docs/en/observability/apm-ui/new-experience-services.asciidoc new file mode 100644 index 0000000000..bd9e8eff98 --- /dev/null +++ b/docs/en/observability/apm-ui/new-experience-services.asciidoc @@ -0,0 +1,51 @@ +[[new-experience-services]] += New services experience + +preview::[] + +With this technical preview, +Elastic expands the **Services** inventory to include services found in logs. +This means you can monitor the services you care about even if you only have logs +and aren't ready to instrument your services. + +The new **Services** inventory shows services instrumented with APM or OpenTelemetry, +plus any services declared using `service.name` in your logs: + +[role="screenshot"] +image::images/entity-centric-services-inventory.png[Services inventory that shows APM data and log data] + +For instrumented services that also have custom logs, the APM and log data are displayed in the same view. +For services that only have log data, +the log data is displayed, and you have the option of adding APM later. + +NOTE: The new **Services** inventory requires the Elastic Entity Model (EEM). To learn more, refer to <>. + +[discrete] +== Turn on the new experience + +The new services experience is turned off by default. To turn it on: + +. Go to **{observability}** → **APM** → **Services**. +. Click **Try out Elastic's new experience!** + +If you have the correct privileges, the EEM will be turned on automatically. +Otherwise, you need to ask your administrator to turn on this feature under **Stack Management**. + +To turn off the new experience, click **Restore classic view**. +You can switch back and forth between the new and classic views whenever you want. + +**** +**Does turning on the new experience affect other users?** + +No. The settings are applied at the browser level, +which means that other users need to turn on the new experience if they want to use it. +**** + +[discrete] +== Add services to the inventory + +To add services to the inventory, use one of the following approaches: + +* Instrument your services with APM or OpenTelemetry. +To learn how, refer to <>. +* Declare `service.name` in your logs. To learn how, <>. diff --git a/docs/en/observability/apm-ui/services.asciidoc b/docs/en/observability/apm-ui/services.asciidoc index 16a8fae1e7..8d1536bf6e 100644 --- a/docs/en/observability/apm-ui/services.asciidoc +++ b/docs/en/observability/apm-ui/services.asciidoc @@ -14,6 +14,8 @@ In addition to health status, active alerts for each service are prominently dis [role="screenshot"] image::./images/apm-services-overview.png[Example view of services table the APM UI in Kibana] +TIP: Want to monitor service logs without instrumenting all your services? Learn about our <>. + [float] [[service-groups]] ==== Service groups diff --git a/docs/en/observability/apm/images/entity-centric-services-inventory.png b/docs/en/observability/apm/images/entity-centric-services-inventory.png new file mode 100644 index 0000000000..9d07403f5d Binary files /dev/null and b/docs/en/observability/apm/images/entity-centric-services-inventory.png differ diff --git a/docs/en/observability/elastic-entity-model.asciidoc b/docs/en/observability/elastic-entity-model.asciidoc new file mode 100644 index 0000000000..f7b2ad438b --- /dev/null +++ b/docs/en/observability/elastic-entity-model.asciidoc @@ -0,0 +1,67 @@ +[[elastic-entity-model]] += Elastic Entity Model + +preview::[] + +The Elastic Entity Model consists of: + +* a data model and related entity indices +* an Entity Discovery Framework, which consists of {ref}/transforms.html[transforms] and {ref}/ingest.html[Ingest pipelines] that read from signal indices and write data to entity indices +* a set of management APIs that empower entity-centric Elastic solution features and workflows + +In the context of Elastic Observability, +an _entity_ is an object of interest that can be associated with produced telemetry and identified as unique. +Note that this definition is intentionally closely aligned to the work of the https://github.com/open-telemetry/oteps/blob/main/text/entities/0256-entities-data-model.md#data-model[OpenTelemetry Entities SIG]. +Examples of entities include (but are not limited to) services, hosts, and containers. + +The concept of an entity is important as a means to unify observability signals based on the underlying entity that the signals describe. + +[NOTE] +==== +* The Elastic Entity Model currently supports the <> limited to service-based entities (as identified by `service.name`) located in data identified by `logs-*` and `filebeat*` index patterns +* During Technical Preview, Entity Discovery Framework components are not enabled by default +==== + +[discrete] +== Enable the Elastic Entity Model + +During Technical Preview, +the Elastic Entity Model is enabled when you turn on the entity-centric service inventory described in <>. + +The following {es} privileges are required: + +[cols="1,1"] +|==== +|**Index privileges** +|names: [`.entities*`], privileges: [`create_index`, `index`, `create_doc`, `auto_configure`, `read`] + +names: [`logs-*`, `filebeat*`, `metrics-*`, `metricbeat*`, `traces-*`, `.entities*`], privileges: [`read`, `view_index_metadata`] + +|**Cluster privileges** +|`manage_transform`, `manage_ingest_pipelines`, `manage_index_templates` + +|**Application privileges** +|application: `kibana-.kibana`, privileges: [`saved_object:entity-definition/*`, `saved_object:entity-discovery-api-key/*`], resources: [*] +|==== + +For more information, refer to {ref}/security-privileges.html[Security privileges] in the {es} documentation. + +[discrete] +== Disable the Elastic Entity Model + +From the Dev Console, run the command: `DELETE kbn:/internal/entities/managed/enablement` + +The following {es} privileges are required to delete {es} resources: + +[cols="1,1"] +|==== +|**Index privileges** +|names: [`.entities*`], privileges: [`delete_index`] + +|**Cluster privileges** +|`manage_transform`, `manage_ingest_pipelines`, `manage_index_templates` + +|**Application privileges** +|application: `kibana-.kibana`, privileges: [`saved_object:entity-definition/delete`, `saved_object:entity-discovery-api-key/delete`], resources: [*] +|==== + diff --git a/docs/en/observability/index.asciidoc b/docs/en/observability/index.asciidoc index ab248fe921..6f349be94f 100644 --- a/docs/en/observability/index.asciidoc +++ b/docs/en/observability/index.asciidoc @@ -205,8 +205,15 @@ include::exploratory-data-visualizations.asciidoc[leveloffset=+2] include::inspect.asciidoc[leveloffset=+2] +// Reference +include::reference.asciidoc[leveloffset=+1] + // Fields -include::fields-reference.asciidoc[leveloffset=+1] +include::fields-reference.asciidoc[leveloffset=+2] + +// Elastic Entity Model + +include::elastic-entity-model.asciidoc[leveloffset=+2] // Tutorials include::tutorials.asciidoc[] diff --git a/docs/en/observability/reference.asciidoc b/docs/en/observability/reference.asciidoc new file mode 100644 index 0000000000..9e9791f29b --- /dev/null +++ b/docs/en/observability/reference.asciidoc @@ -0,0 +1,9 @@ +[[reference]] += Reference + +This section contains reference information related to using Elastic {observability}. + +* <> +* <> + +