智能组Smart groups

处理警报时面临的一个常见难题是筛选噪音以找出真正重要的事项 - 智能组旨在解决该问题。A common challenge faced when dealing with alerts is sifting through the noise to find out what actually matters - smart groups are intended to be the solution to that problem.

智能组是使用机器学习算法自动创建的,用于将表示单个问题的相关警报组合在一起。Smart groups are automatically created by using machine learning algorithms to combine related alerts that represent a single issue. 创建某个警报时,算法会根据历史模式、相似属性和相似结构等信息,将其添加到新智能组或现有智能组。When an alert is created, the algorithm adds it to a new smart group or an existing smart group based on information such as historical patterns, similar properties, and similar structure. 例如,如果某个订阅中多个虚拟机上的 % CPU 同时达到峰值导致生成许多单独的警报,并且如果此类警报在过去的任何时间一起发生,则这些警报可能会被分组到一个智能组中,从而表明存在潜在的共同根本原因。For example, if % CPU on several virtual machines in a subscription simultaneously spikes leading to many individual alerts, and if such alerts have occurred together anytime in the past, these alerts will likely be grouped into a single Smart Group, suggesting a potential common root cause. 这意味着,对于对警报进行故障排除的人员来说,智能组不仅可以通过将相关警报作为单个聚合单元进行管理来降低噪音,还可以引导他们找到其警报的可能共同根本原因。This means that for someone troubleshooting alerts, smart groups not only allows them to reduce noise by managing related alerts as a single aggregated unit, it also guides them towards possible common root causes for their alerts.

目前,算法只考虑来自订阅中同一监视服务的警报。Currently, the algorithm only considers alerts from the same monitor service within a subscription. 通过这种合并,智能组最大可将警报干扰降低 99%。Smart groups can reduce up to 99% of alert noise through this consolidation. 可以在智能组详细信息页中查看将警报包含在该组中的原因。You can view the reason that alerts were included in a group in the smart group details page.

可以查看智能组的详细信息,并像设置警报状态一样设置智能组的状态。You can view the details of smart groups and set the state similarly to how you can with alerts. 每个警报是一个(且仅限一个)智能组的成员。Each alert is a member of one and only one smart group.

智能组状态Smart group state

智能组状态与警报状态的概念类似,允许你在智能组级别管理解决过程。Smart group state is a similar concept to the alert state, which allows you to manage the resolution process at the level of a smart group. 与警报状态类似,创建智能组时,它具有“新建”状态,可以将其更改为“已确认”或“已关闭”。Similar to the alert state, when a smart group is created, it has the New state, which can be changed to either Acknowledged or Closed.

支持以下智能组状态。The following smart group states are supported.

状态State 说明Description
新建New 只是检测到了问题,但尚未审查问题。The issue has just been detected and has not yet been reviewed.
已确认Acknowledged 管理员已审查智能组,并已开始进行处理。An administrator has reviewed the smart group and started working on it.
已关闭Closed 问题已解决。The issue has been resolved. 关闭某个智能组后,可通过将其更改为另一种状态来重新打开它。After a smart group has been closed, you can reopen it by changing it to another state.

了解如何更改智能组的状态。Learn how to change the state of your smart group.

备注

更改智能组状态不会更改各个成员警报的状态。Changing the state of a smart group does not change the state of the individual member alerts.

“智能组详细信息”页Smart group details page

选择某个智能组时,会显示“智能组详细信息”页。The Smart group detail page is displayed when you select a smart group. 该页提供智能组的详细信息(包括创建该组的原因),并可在其中更改智能组的状态。It provides details about the smart group, including the reasoning that was used to create the group, and enables you to change its state.

智能组详细信息

“智能组详细信息”页包括以下部分。The smart group detail page includes the following sections.

部分Section 说明Description
警报Alerts 列出智能组中包含的各个警报。Lists the individual alerts that are included in the smart group. 选择某个警报会打开它的“警报详细信息”页。Select an alert to open its alert detail page.
历史记录History 列出智能组执行的每个操作,以及对智能组进行的任何更改。Lists each action taken by the smart group and any changes that are made to it. 目前仅限状态更改和警报成员身份更改。This is currently limited to state changes and alert membership changes.

智能组分类Smart group taxonomy

智能组的名称是其第一个警报的名称。The name of a smart group is the name of its first alert. 无法创建或重命名智能组。You can't create or rename a smart group.

后续步骤Next steps