Managing rules
editManaging rules
editThe Rules tab provides a cross-app view of alerting. Different Kibana apps like Observability, Security, Maps and Machine Learning can offer their own rules. The Rules tab provides a central place to:
- Create and edit rules
- Control rules including enabling/disabling, muting/unmuting, and deleting
- Drill-down to rule details
For more information on alerting concepts and the types of rules and connectors available, see Alerting.
Finding rules
editThe Rules tab lists all rules in the current space, including summary information about their execution frequency, tags, and type.
The search bar can be used to quickly find rules by name or tag.
The type dropdown lets you filter to a subset of rule types.
The Action type dropdown lets you filter by the type of action used in the rule.
Creating and editing rules
editMany rules must be created within the context of a Kibana app like Metrics, APM, or Uptime, but others are generic. Generic rule types can be created in the Rules management UI by clicking the Create button. This will launch a flyout that guides you through selecting a rule type and configuring its properties. Refer to Stack rule types for details on what types of rules are available and how to configure them.
After a rule is created, you can re-open the flyout and change a rule’s properties by clicking the Edit button shown on each row of the rule listing.
Controlling rules
editThe rule listing allows you to quickly mute/unmute, disable/enable, and delete individual rules by clicking the action button.
These operations can also be performed in bulk by multi-selecting rules and clicking the Manage rules button:
Required permissions
editAccess to rules is granted based on your privileges to alerting-enabled features. See Alerting Security for more information.