You are viewing docs on Elastic's new documentation system, currently in technical preview. For all other Elastic docs, visit elastic.co/guide.

Services

The Services inventory provides a quick, high-level overview of the health and general performance of all instrumented services.

To help surface potential issues, services are sorted by their health status: critical → warning → healthy → unknown. Health status is powered by machine learning and requires anomaly detection to be enabled.

In addition to health status, active alerts for each service are prominently displayed in the service inventory table. Selecting an active alert badge brings you to the Alerts tab where you can learn more about the active alert and take action.

Service groups

Required role

The Editor role or higher is required to create and manage service groups. To learn more, refer to Assign user roles and privileges.

Service grouping is in beta

The Service grouping functionality is in beta and is subject to change. The design and code is less mature than official generally available features and is being provided as-is with no warranties.

Group services together to build meaningful views that remove noise, simplify investigations across services, and combine related alerts.

To create a service group:

  1. In your Observability project, go to Applications → Services.
  2. Switch to Service groups.
  3. Click Create group.
  4. Specify a name, color, and description.
  5. Click Select services.
  6. Specify a Kibana Query Language (KQL) query to select services for the group. Services that match the query within the last 24 hours will be assigned to the group.

Note

Once a service group has been saved, this list of services within it is static. If a newly added service matches the KQL query, it will not be automatically added to the service group. Similarly, if a service stops matching the KQL query, it will not be removed from the group.

To update the list of services within a group, edit the service group, click Refresh next to the KQL query, and click Save group.

Examples

Not sure where to get started? Here are some sample queries you can build from:

  • Group services by environment: To group "production" services, use service.environment : "production".
  • Group services by name: To group all services that end in "beat", use service.name : *beat. This will match services named "Auditbeat", "Heartbeat", "Filebeat", and so on.

On this page