-
Notifications
You must be signed in to change notification settings - Fork 805
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: simple maintenance windows (#1776)
Signed-off-by: Tal <[email protected]> Co-authored-by: Matvey Kukuy <[email protected]>
- Loading branch information
1 parent
4168330
commit 54ca482
Showing
36 changed files
with
1,279 additions
and
75 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
--- | ||
title: "Maintenance Windows" | ||
--- | ||
|
||
# Alert Management: Maintenance Windows | ||
|
||
Keep's Maintenance Windows feature provides a critical mechanism for managing alert noise during scheduled maintenance periods or other planned events. By defining Maintenance Window rules, users can suppress alerts that are irrelevant during these times, ensuring that only actionable alerts reach the operations team. | ||
|
||
## Introduction | ||
|
||
In dynamic IT environments, it's common to have periods where certain alerts are expected and should not trigger incident responses. Keep's Maintenance Windows feature allows users to define specific rules that temporarily suppress alerts based on various conditions, such as time windows or alert attributes. This helps prevent unnecessary alert fatigue and ensures that teams can focus on critical issues. | ||
|
||
## How It Works | ||
|
||
1. **Maintenance Window Rule Definition**: Users define Maintenance Window rules specifying the conditions under which alerts should be suppressed. | ||
2. **Condition Specification**: A CEL (Common Expression Language) query is associated with each Maintenance Window rule to define the conditions for suppression. | ||
3. **Time Window Configuration**: Maintenance Window rules can be set for specific start and end times, or based on a relative duration. | ||
4. **Alert Suppression**: During the active period of a Maintenance Window rule, any alerts matching the defined conditions are suppressed and not forwarded to the alerting system. | ||
|
||
## Practical Example | ||
|
||
Suppose your team schedules a database upgrade that could trigger numerous non-critical alerts. You can create a Maintenance Window rule that suppresses alerts from the database service during the upgrade window. This ensures that your operations team isn't overwhelmed by non-actionable alerts, allowing them to focus on more critical issues. | ||
|
||
## Core Concepts | ||
|
||
- **Maintenance Window Rules**: Configurations that define when and which alerts should be suppressed based on time windows and conditions. | ||
- **CEL Query**: A query language used to specify the conditions under which alerts should be suppressed. For example, a CEL query might suppress alerts where the source is a specific service during a maintenance window. | ||
- **Time Window**: The specific start and end times or relative duration during which the Maintenance Window rule is active. | ||
- **Alert Suppression**: The process of ignoring alerts that match the Maintenance Window rule's conditions during the specified time window. | ||
|
||
## Status-Based Filtering in Maintenance Windows | ||
|
||
In Keep, certain alert statuses are automatically ignored by Maintenance Window rules. Specifically, alerts with the statuses RESOLVED and ACKNOWLEDGED are not suppressed by Maintenance Window rules. This is intentional to ensure that resolving alerts can still be processed and appropriately close or update active incidents. | ||
|
||
### Why Are Some Statuses Ignored? | ||
|
||
• RESOLVED Alerts: These alerts indicate that an issue has been resolved. By allowing these alerts to bypass Maintenance Window rules, Keep ensures that any active incidents related to the alert can be properly closed, maintaining the integrity of the alert lifecycle. | ||
• ACKNOWLEDGED Alerts: These alerts have been acknowledged by an operator, signaling that they are being addressed. Ignoring these alerts in Maintenance Windows ensures that operators can track the progress of incidents and take necessary actions without interference. | ||
|
||
By excluding these statuses from Maintenance Window suppression, Keep allows for the continuous and accurate management of alerts, even during Maintenance Window periods, ensuring that resolution processes are not disrupted. | ||
|
||
## Creating a Maintenance Window Rule | ||
|
||
To create a Maintenance Window rule: | ||
|
||
<Frame width="100" height="200"> | ||
<img height="10" src="/images/maintenance-window-creation.png" /> | ||
</Frame> | ||
|
||
1. **Define the Maintenance Window Name and Description**: Provide a name and optional description for the Maintenance Window rule to easily identify its purpose. | ||
2. **Specify the CEL Query**: Use CEL to define the conditions under which alerts should be suppressed (e.g., `source == "database"`). | ||
3. **Set the Time Window**: Choose a specific start and end time, or define a relative duration for the Maintenance Window. | ||
4. **Enable the Rule**: Decide whether the rule should be active immediately or scheduled for future use. | ||
|
||
## Best Practices | ||
|
||
- **Plan Maintenance Windows in Advance**: Schedule Maintenance Window periods in advance for known maintenance windows to prevent unnecessary alerts. | ||
- **Use Specific Conditions**: Define precise CEL queries to ensure only the intended alerts are suppressed. | ||
- **Review and Update Maintenance Windows**: Regularly review active Maintenance Window rules to ensure they are still relevant and adjust them as necessary. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,12 @@ | ||
import { Title, Subtitle } from "@tremor/react"; | ||
|
||
export default function Layout({ children }: { children: any }) { | ||
return <main>{children}</main>; | ||
return ( | ||
<main className="p-4 md:p-10 mx-auto max-w-full"> | ||
<Title>Extractions</Title> | ||
<Subtitle>Easily extract more attributes from your alerts using Regex</Subtitle> | ||
|
||
{children} | ||
</main> | ||
); | ||
} |
Oops, something went wrong.