Documentation for alert variables/parameters

[arisonl]

As more variables and parameters variables are added by the various alert types, we need to provide documentation for them. Perhaps, a link from within the UI to the docs might be a good idea too in this case, e.g. we have such a link to the documentation of external tools (e.g. how to spin up a SN dev instance in the corresponding connector UI currently exists).

[elasticmachine]

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

[mikecote]

An example of how the variables can be documented: https://www.elastic.co/guide/en/kibana/current/url_templating.html

[mikecote]

Moving from 7.12 - Candidates to 7.x - Candidates.

[arisonl]

Known documentation:

Stack:

• Index threshold
• Geo containment

Observability:

• Log threshold
• Infrastructure threshold
• Metric threshold
• Monitor status
• TLS cert
• Uptime duration anomaly

Security:
Rule creation (Custom query, Threshold, ML, Correlation/EQL, Indicator match)

Is this conclusive?

Aim:
To have something similar to our action and connectors docs, where we have one page that links to all of the action types, and each one follows a similar pattern.

[mikecote]

@arisonl, that sounds like a separate issue than the context of this one. It may relate to #80632 or an item in #81532.

[arisonl]

Thanks Mike, copied it to the second issue you provided.

[mikecote]

Removing from the project, now part of #89999 meta issue in To-Do.

[ymao1]

@arisonl @mikecote Is this meant to be documentation for the context variables for each alert type available to the action?

[mikecote]

@arisonl

Perhaps, a link from within the UI to the docs might be a good idea too in this case

We've added this with #81526. Do we need to repeat the link and deep-link to the action variables?

If not, I think all there is left for this issue is to make sure we have the action variables documented for ES Query and Index Threshold then close the issue.