Managing rules

edit

The Rules tab provides a cross-app view of alerting. Different Kibana apps like Observability, Security, Maps and Machine Learning can offer their own rules. The Rules tab provides a central place to:

Example rule listing in the Rules and Connectors UI

For more information on alerting concepts and the types of rules and connectors available, see Alerting.

Finding rules

edit

The Rules tab lists all rules in the current space, including summary information about their execution frequency, tags, and type.

The search bar can be used to quickly find rules by name or tag.

Filtering the rules list using the search bar

The type dropdown lets you filter to a subset of rule types.

Filtering the rules list by types of rule

The Action type dropdown lets you filter by the type of action used in the rule.

Filtering the rule list by type of action

Creating and editing rules

edit

Many rules must be created within the context of a Kibana app like Metrics, APM, or Uptime, but others are generic. Generic rule types can be created in the Rules management UI by clicking the Create button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to Stack rule types for details on what types of rules are available and how to configure them.

After a rule is created, you can re-open the flyout and change a rule’s properties by clicking the Edit button shown on each row of the rule listing.

Controlling rules

edit

The rule listing allows you to quickly mute/unmute, disable/enable, and delete individual rules by clicking the action button.

The actions button allows an individual rule to be muted

These operations can also be performed in bulk by multi-selecting rules and clicking the Manage rules button:

The Manage rules button lets you mute/unmute

Required permissions

edit

Access to rules is granted based on your privileges to alerting-enabled features. See Alerting Security for more information.