OBSDOCS-1972 migrate old content - add in log_alerts folder

Author: gabriel-rh

_topic_maps/_topic_map.yml

@@ -90,3 +90,11 @@ Topics:
   File: cluster-logging-dashboards
 - Name: Log visualization with Kibana
   File: logging-kibana
+---
+Name: Logging alerts
+Dir: logging_alerts
+Topics:
+- Name: Default logging alerts
+  File: default-logging-alerts
+- Name: Custom logging alerts
+  File: custom-logging-alerts

logging_alerts/_attributes

@@ -0,0 +1 @@
+../_attributes/

logging_alerts/custom-logging-alerts.adoc

@@ -0,0 +1,39 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="custom-logging-alerts"]
+include::_attributes/common-attributes.adoc[]
+= Custom logging alerts
+:context: custom-logging-alerts
+
+toc::[]
+
+In logging 5.7 and later versions, users can configure the LokiStack deployment to produce customized alerts and recorded metrics. If you want to use customized link:https://grafana.com/docs/loki/latest/alert/[alerting and recording rules], you must enable the LokiStack ruler component.
+
+LokiStack log-based alerts and recorded metrics are triggered by providing link:https://grafana.com/docs/loki/latest/query/[LogQL] expressions to the ruler component. The {loki-op} manages a ruler that is optimized for the selected LokiStack size, which can be `1x.extra-small`, `1x.small`, or `1x.medium`.
+
+To provide these expressions, you must create an `AlertingRule` custom resource (CR) containing Prometheus-compatible link:https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/[alerting rules], or a `RecordingRule` CR containing Prometheus-compatible link:https://prometheus.io/docs/prometheus/latest/configuration/recording_rules/[recording rules].
+
+Administrators can configure log-based alerts or recorded metrics for `application`, `audit`, or `infrastructure` tenants. Users without administrator permissions can configure log-based alerts or recorded metrics for `application` tenants of the applications that they have access to.
+
+Application, audit, and infrastructure alerts are sent by default to the {ocp-product-title} monitoring stack Alertmanager in the `openshift-monitoring` namespace, unless you have disabled the local Alertmanager instance. If the Alertmanager that is used to monitor user-defined projects in the `openshift-user-workload-monitoring` namespace is enabled, application alerts are sent to the Alertmanager in this namespace by default.
+
+include::modules/configuring-logging-loki-ruler.adoc[leveloffset=+1]
+include::modules/loki-rbac-rules-permissions.adoc[leveloffset=+1]
+
+
+[role="_additional-resources"]
+.Additional resources
+* link:https://docs.openshift.com/container-platform/latest/authentication/using-rbac.adoc#using-rbac[Using RBAC to define and apply permissions]
+
+include::modules/logging-enabling-loki-alerts.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+[id="additional-resources_custom-logging-alerts"]
+== Additional resources
+//TODO ROSA
+ifdef::openshift-dedicated,openshift-rosa[]
+* xref:../../../observability/monitoring/monitoring-overview.adoc#about-openshift-monitoring[About {product-title} monitoring]
+endif::openshift-dedicated,openshift-rosa[]
+
+* link:https://docs.openshift.com/container-platform/latest/observability/monitoring/about-ocp-monitoring/about-ocp-monitoring.adoc#about-ocp-monitoring[About {ocp-product-title} monitoring]
+* link:https://docs.openshift.com/container-platform/latest/post_installation_configuration/configuring-alert-notifications.adoc#configuring-alert-notifications[Configuring alert notifications]
+// maybe need an update to https://docs.openshift.com/container-platform/4.13/observability/monitoring/monitoring-overview.html#default-monitoring-targets_monitoring-overview to talk about Loki and Vector now? Are these part of default monitoring?

logging_alerts/default-logging-alerts.adoc

@@ -0,0 +1,29 @@
+:_mod-docs-content-type: ASSEMBLY
+[id="default-logging-alerts"]
+include::_attributes/common-attributes.adoc[]
+= Default logging alerts
+:context: default-logging-alerts
+
+toc::[]
+
+Logging alerts are installed as part of the {clo} installation. Alerts depend on metrics exported by the log collection and log storage backends. These metrics are enabled if you selected the option to *Enable Operator recommended cluster monitoring on this namespace* when installing the {clo}.
+
+Default logging alerts are sent to the {ocp-product-title} monitoring stack Alertmanager in the `openshift-monitoring` namespace, unless you have disabled the local Alertmanager instance.
+
+// TODO MONITORING REMOVE DEPENDENCY
+include::modules/monitoring-accessing-the-alerting-ui.adoc[leveloffset=+1]
+include::modules/logging-collector-alerts.adoc[leveloffset=+1]
+include::modules/logging-vector-collector-alerts.adoc[leveloffset=+1]
+include::modules/logging-fluentd-collector-alerts.adoc[leveloffset=+1]
+include::modules/cluster-logging-elasticsearch-rules.adoc[leveloffset=+1]
+
+[role="_additional-resources"]
+[id="additional-resources_default-logging-alerts"]
+== Additional resources
+// TODO ROSA
+ifdef::openshift-dedicated,openshift-rosa[]
+* xref:../../../observability/monitoring/managing-alerts.adoc#modifying-core-platform-alerting-rules_managing-alerts[Modifying core platform alerting rules]
+endif::openshift-dedicated,openshift-rosa[]
+
+* link:https://docs.openshift.com/container-platform/latest/observability/monitoring/managing-alerts/managing-alerts-as-an-administrator.adoc#modifying-core-platform-alerting-rules_managing-alerts-as-an-administrator[Modifying core platform alerting rules]
+

logging_alerts/images

@@ -0,0 +1 @@
+../images/

logging_alerts/modules

@@ -0,0 +1 @@
+../modules/

logging_alerts/snippets

@@ -0,0 +1 @@
+../snippets/