Improving the Elastic/Kibana workflow page
tl;dr: the Kibana/Elastic workflow has a pretty limited selection of query examples, which results in inefficiencies (such as people looking back through ZD tickets to find previous queries) and makes it difficult to onboard SEs into querying SaaS logs.
Context
It's taken me quite a while to get comfortable with querying Elastic as there are pretty limited resources to consult. I raised this in the APAC support team call this week and several other SEs raised that they would also like to see the provided examples expanded into a 'library' of queries that SEs can consult.
The approach I'm suggesting is to improve the existing workflow by soliciting feedback here before integrating provided queries into the workflow.
I've added a thread for Sentry queries below - I'm not very confident with Sentry so I don't have much input on its usage.
Alternative options
- An interactive tool similar to the tool @bcarranza provides here for generating `cli` commands
- An interactive tool that provides a form that generates a query string based on the form inputs