- Observability: other versions:
- What is Elastic Observability?
- What’s new in 8.7
- Send data to Elasticsearch
- Spin up the Elastic Stack
- Deploy Elastic Agent to send data
- Deploy Beats to send data
- Elastic Serverless Forwarder for AWS
- Deploy serverless forwarder
- Configuration options
- Troubleshooting
- Observability overview page
- Application performance monitoring (APM)
- Application logs
- Log monitoring
- Infrastructure monitoring
- Uptime
- Synthetics (beta)
- Get started
- Scripting browser monitors
- Configure lightweight monitors
- Manage monitors
- Analyze monitor data
- Monitor resources on private networks
- Use the CLI
- Configure projects
- Configure Synthetics settings
- Grant users access to secured resources
- Manage data retention
- Use Synthetics with traffic filters
- Migrate from the Elastic Synthetics integration
- User Experience
- Universal Profiling
- Alerting
- Cases
- CI/CD observability
- Troubleshooting
- Fields reference
- Tutorials
- Monitor Amazon Web Services (AWS) with Elastic Agent
- Monitor Amazon Web Services (AWS) with Beats
- Monitor Google Cloud Platform
- Monitor a Java application
- Monitor Kubernetes
- Monitor Microsoft Azure with Elastic Agent
- Monitor Microsoft Azure with the native Azure integration
- Monitor Microsoft Azure with Beats
Open and manage new cases
editOpen and manage new cases
editOpen a new case
editOpen a new case to keep track of issues and share the details with colleagues.
- Go to Cases → Create new case.
-
Give the case a name, severity, and description.
In the
Descriptionarea, you can use Markdown syntax to create formatted text. - Optionally, add assignees and tags. You can add users only if they meet the necessary prerequisites.
-
Under External incident management system, select a connector. If
you’ve previously added one, that connector displays as the default selection. Otherwise, the
default setting is
No connector selected. - After you’ve completed all of the required fields, click Create case.
Add email notifications
editYou can configure email notifications that occur when users are assigned to cases.
For hosted Kibana on Elasticsearch Service:
-
Add the email addresses to the monitoring email allowlist. Follow the steps in Send alerts by email.
You do not need to take any more steps to configure an email connector or update Kibana user settings, since the preconfigured Elastic-Cloud-SMTP connector is used by default.
For self-managed Kibana:
-
Create a preconfigured email connector.
At this time, email notifications support only preconfigured email connectors, which are defined in the
kibana.ymlfile. -
Set the
notifications.connectors.default.emailKibana setting to the name of your email connector. - If you want the email notifications to contain links back to the case, you must configure the server.publicBaseUrl setting.
When you subsequently add assignees to cases, they receive an email.
Manage existing cases
editYou can search existing cases and filter them by attributes such as assignees, severity, status, and tags. You can also select multiple cases and use bulk actions to delete cases or change their attributes.
To view a case, click on its name. You can then:
- Add a new comment.
- Edit existing comments and the description.
- Add or remove assignees.
- Add a connector (if you did not select one while creating the case).
- Send updates to external systems (if external connections are configured).
- Edit tags.
- Change the status.
- Change the severity.
- Remove an alert.
- Refresh the case to retrieve the latest updates.
- Close the case.
- Reopen a closed case.