BigPanda Smart Search

Accelerate incident triage and remediation by quickly finding the information you need, without the need to translate your query into a strict format.

Smart Search uses natural language processing AI to quickly surface incidents from across BigPanda: in both the BigPanda console and directly in Slack.

🚧

Beta Functionality

This feature is available in a limited release for select customers only. Contact your account team if you'd like this feature enabled for your organization.

Key Features

• Find the information you need to triage incidents, no coding or platform expertise required.
• Search where you’re already working, whether in Slack or the BigPanda console.
• Query incidents based on any of their characteristics without needing to learn BigPanda Query Language.

Smart Search Queries

Smart Search looks for incidents based on their incident and alert tags. To ensure accurate results, please include these parameters in your search query, as well as incident’s status, severity, etc. You can use natural language to search for incidents based on these parameters. 

Example queries: 

• Show all active incidents
• Give me all incidents with host that contains prod
• Find all resolved incidents with service snooze-api
• Search for all the active incidents where region is us-west-1 and impacted service is snooze-api

Smart Search in the BigPanda Console

Smart Search can be used in the BigPanda Console to search for all incidents or incidents in a specific environment.

To use the search builder:

1. Navigate to the incident feed for the environment you wish to search.
2. Click the purple star icon next to the search bar at the top of the feed.
3. Write your search query, then click the magnifying glass icon or press the enter key. This will translate your search into a BPQL query. You can either copy the query or click Search to run your search.
4. The search window will then automatically close and your results will populate in the incident feed.

📘

Provide Feedback

Select either the Yes or No button on the bottom right of the window to send BigPanda feedback about the search generation. We use this feedback to improve our LLM to continually provide you with better experiences.

Smart Search Slack App

You can also search for incidents via the BigPanda Smart Search Slack app. You can add this app to any public or private Slack channel and use it to search all incidents in BigPanda. 

If the Smart Search app finds any matches, you’ll see the number of matching incidents, a link to the BPQL query that was generated based on your search, and a link to each of the matching incidents. Ten incidents are displayed at a time. You can click Show More Incidents to load the next ten in the list.

Each incident that matches the search will display the following information in Slack:

• The name of the incident.
• The incident ID, with a direct hyperlink to that incident.
• The incident status.
• The number of alerts correlated to that incident.

If you click the BPQL query link, you’ll be taken to the Unified Search screen where you’ll see that query performed. Clicking any of the matching incidents will take you directly to that incident in the feed. If you’re not logged in to BigPanda, you’ll first be prompted to sign in.

📘

Search by Timeframe

With the Slack app, you can also search for incidents within a certain timeframe by specifying the time in the free text search. (Example: "find all resolved incidents from the past 24 hours with service snooze-api”)

🚧

Search Results Visibility

When a search is run in a Slack channel, the results will be visible to everyone in that channel, regardless of whether or not they have access to the app itself.

Add the BigPanda Smart Search App to Slack

A slack administrator can add the bp-smart-search app to your Slack workspace.

Choose from the links below based on your region:

• US: https://api.bigpanda.io/nlp/incidents/slack/install
• EU: https://eu-api.bigpanda.io/nlp/incidents/slack/install

Create API Keys

The Smart Search Slack app connects to BigPanda using an API key. Each user needs their own key to interact with the app. You’ll only need the API key during the app's initial setup.

See the Create a New Key documentation for instructions on how to create an API key. 

Add the Smart Search App to a Channel

Follow these steps to add the app to a channel and enable smart search for your individual slack user account.

1. Go to the Slack channel where you would like to add BigPanda Smart Search.
2. Enter @BigPanda-Smart-Search to add it to a channel.
3. Enter /bp-smart-search-connect [API KEY] and select it from the drop-down menu. Paste in your API key and press Enter. (For organizations in the EU, the command will appear as /bp-smart-search-eu-connect). Each user must make this step to query BigPanda Smart Search.
4. If the connection succeeded, you will see the message: Successfully connected to <your organization name>. You can start running search commands.
5. (Optional) Repeat steps 2 - 4 for each additional Slack channel where you would like to add the app.

🚧

Multiple User Connections

Even if the app has been enabled for a channel you are part of, you will still need to follow step three to connect with your own API key. API connections to the Smart Search app work on a per-user basis, not per-channel.

🚧

Connection Errors

If you see an error message when you attempt to connect, generate a new API key and try connecting again.

📘

Single-Organization Only

The Slack app only supports Smart Search for one organization at a time. In order to use the feature for another organization, you'll need to create an API key in that organization and then reconnect the app with the new API key using the steps above.

Search for BigPanda Incidents in Slack

Once Smart Search has been added to a Slack channel, you can begin searching for incidents.

To search for incidents:

1. In your Slack channel, type /bigpanda-smart-search [free text query] and select it from the drop-down menu. (For organizations in the EU, it will be /bp-smart-search-eu [free text query])
2. Enter your query in the query field.