Sysdig Documentation

Explore Workflows

While every user has unique needs from Sysdig Monitor, there are three main workflows that you can follow when building out the interface and monitoring your infrastructure.

Workflow One

This workflow assumes that an alert has not been triggered yet.

Start with Explore , identify a problem area, then drill-down into the data. This workflow is the most basic approach, as it begins with a user monitoring the overall infrastructure, rather than with a specific alert notification. The workflow tends to follow the following steps:

  1. Organize the infrastructure with groupings.

  2. Define key signals with alerts and dashboards to detect a problem.

  3. Identify a problem area, and drill down into the data using dashboards, metrics, and by adjusting groupings and scope as necessary.

Workflow Two

Start with an event notification, and begin troubleshooting. This workflow begins with an already configured alert and event being triggered. Unlike workflow one, this workflow assumes that pre-determined data boundaries have already been set:

  1. Explore the event by adjusting time windows, scope, and segmentation.

  2. Identify the exact area of concern within the infrastructure.

  3. Drill down into the data to troubleshoot the issue.

Workflow Three

Customize default dashboard panels to troubleshoot a potential issue. This workflow assumes that an issue has been identified within one of the default dashboards, but alerts have not been set up for the problem area.

  1. Copy the displayed panel to a new dashboard.

  2. Create an alert based on the dashboard panel.

  3. Configure a Sysdig Capture on demand.