Incident Statuses
Updating the Status of an incident has three key benefits:
- Communication: the rest of your team will know that somebody has triaged the issue and if it still pending or not. Filtering just for incidents with no status is an easy way to ensure nothing has fallen through the cracks.
- Machine learning accuracy: Monte Carlo's ML will remove incidents with certain statuses from its training set, helping to keep thresholds accurate and sensitive.
- Reporting: key operational metrics, like Time to Response and Status Update Rate, are only calculated if the status is updated. These metrics are valuable for setting goals and communicating progress to leadership.
| Status | Intended purpose | Impacts ML Models? |
|---|---|---|
| No Status | The default for a newly created incident. | No |
| Investigating | Someone is actively investigating if this is a meaningful issue. | No |
| Work in progress | It was a meaningful issue that is currently being fixed. | No |
| Fixed | The issue was fixed and the data is now back to normal. | Yes |
| Expected | The detection was a valid anomaly from a statistical standpoint, but was the expected result of something like a pipeline change or planned maintenance. | No |
| No action needed | The detection was a valid anomaly from a statistical standpoint, but was not important enough to merit any further action. | No |
| False positive | The detection was not a valid statistical anomaly. Sometimes, this can be the result of a data collection issue from Monte Carlo. | Yes |
Marking an incident as Fixed results in the anomaly being removed from the training set for machine learning thresholds. This helps to keep thresholds accurate and sensitive.
Updated 3 months ago