Ratio alerting
Closed this issue · 1 comments
mukeshelastic commented
Here are few common use cases for ratio alerting:
- Ratio between error code 504 to the overall number of response codes is higher than a threshold
- Ratio of requests with requests status = error compared to all the requests
Potential user experience in Logs Alerting could be:
When ratio of the count of log entries with alert condition1 AND alert condition2 to the count of log entries with alert condition3 AND alert condition4 is threshold within the last 5 minutes then action
Above formatting may require some change in the way and order in which alert is defined at the moment. I created another design issue for tracking those changes.
elasticmachine commented
Pinging @elastic/observability-design (design)