Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Response Ops] Adds recovery context for ES query rule type #132839

Merged
merged 15 commits into from Jun 4, 2022
Merged

[Response Ops] Adds recovery context for ES query rule type #132839

merged 15 commits into from Jun 4, 2022

Conversation

ymao1
Copy link
Contributor

@ymao1 ymao1 commented May 24, 2022
edited

Resolves #126626

Summary

Adds recovery context for ES query rule type. Also renamed alert to rule for the ES query rule type files so that is responsible for a lot of the changes in this PR.

To Verify

  • Create an ES query rule from stack management page and add a recovered action. Make sure you can access the context variables in the action variable menu when the Run when is recovered and ensure that those context variables are populated when the recovery action runs
  • Do the same thing with a search threshold rule created from Discover.

Checklist

@ymao1 ymao1 changed the title Renaming alert to rule for es query rule type [Response Ops] Adds recovery context for ES query rule type May 27, 2022
@ymao1
Copy link
Contributor Author

ymao1 commented May 27, 2022

@elasticmachine merge upstream

@ymao1
Copy link
Contributor Author

ymao1 commented May 31, 2022

@elasticmachine merge upstream

ymao1
ymao1 commented Jun 2, 2022
View reviewed changes
x-pack/plugins/stack_alerts/server/alert_types/es_query/executor.ts
const conditionMet = compareFn(numMatches, params.threshold);

const base = publicBaseUrl;
const spacePrefix = spaceId !== 'default' ? `/s/${spaceId}` : '';
const link = esQueryRule
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kertal @dimaanj I added a space prefix to the generated link when the rule is not in a default space. Can you verify that this is correct for the discover link?

@ymao1 ymao1 self-assigned this Jun 2, 2022
@ymao1 ymao1 added release_note:enhancement Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/RuleTypes Issues related to specific Alerting Rules Types v8.4.0 labels Jun 2, 2022
@ymao1 ymao1 marked this pull request as ready for review June 2, 2022 13:58
@ymao1 ymao1 requested a review from a team as a code owner June 2, 2022 13:58
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@ymao1 ymao1 requested review from kertal and dimaanj June 2, 2022 13:58
mikecote
mikecote approved these changes Jun 2, 2022
View reviewed changes
Copy link
Contributor

@mikecote mikecote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested locally from stack management and from discover. Saw the variables display in the UI and populate in the action. LGTM 👍

pmuellr
pmuellr approved these changes Jun 3, 2022
View reviewed changes
Copy link
Member

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM; worked as expected

@ymao1
Copy link
Contributor Author

ymao1 commented Jun 4, 2022

@elasticmachine merge upstream

@ymao1 ymao1 removed request for kertal and dimaanj June 4, 2022 12:48
@ymao1 ymao1 enabled auto-merge (squash) June 4, 2022 12:48
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ymao1

@ymao1 ymao1 merged commit a5a287b into elastic:main Jun 4, 2022
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jun 4, 2022
@ymao1 ymao1 deleted the alerting/es-recovery-context branch June 4, 2022 20:54
mibragimov pushed a commit to mibragimov/kibana that referenced this pull request Jun 7, 2022
@ymao1 @kibanamachine
[Response Ops] Adds recovery context for ES query rule type (elastic#…
3c2023c 
…132839)

* Renaming alert to rule for es query rule type

* adding recovery context

* Updating unit tests

* Fixing i18n

* Adding functional test

* Adding functional test

* Fixing functional test

* Adding space id to link

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pmuellr pmuellr pmuellr approved these changes

@mikecote mikecote mikecote approved these changes

Assignees

@ymao1 ymao1

Labels
backport:skip This commit does not require backporting Feature:Alerting/RuleTypes Issues related to specific Alerting Rules Types release_note:enhancement Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.4.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Reponse Ops] Context on recovered alerts for Elasticsearch query rule type
6 participants
@ymao1 @elasticmachine @kibana-ci @pmuellr @mikecote @kibanamachine