Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Response Ops] Allow _source field for ES DSL query rules #142223

Merged
merged 5 commits into from
Oct 5, 2022
Merged

[Response Ops] Allow _source field for ES DSL query rules #142223

merged 5 commits into from
Oct 5, 2022

Conversation

ymao1
Copy link
Contributor

@ymao1 ymao1 commented Sep 29, 2022
edited
Loading

Resolves #124749

Summary

Allows users to specify _source field in their ES DSL query in order to filter the fields that are returned.

To Verify

Create an ES query rule type using the different _source options available: https://www.elastic.co/guide/en/elasticsearch/reference/current/search-fields.html#source-filtering. Ensure that the source returned in the context.hits variable is as expected. I used a server log action to log the context.hits array

Checklist

@github-actions
Copy link

Documentation preview:

@ymao1 ymao1 changed the title Alerting/es query rule source [Response Ops] Allow _source field for ES DSL query rules Sep 29, 2022
@ymao1 ymao1 self-assigned this Sep 29, 2022
@ymao1 ymao1 added release_note:enhancement Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/RuleTypes Issues related to specific Alerting Rules Types v8.6.0 labels Sep 29, 2022
@ymao1 ymao1 marked this pull request as ready for review September 29, 2022 14:48
@ymao1 ymao1 requested review from a team as code owners September 29, 2022 14:48
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@ymao1
Copy link
Contributor Author

ymao1 commented Oct 3, 2022

@elasticmachine merge upstream

doakalexi
doakalexi approved these changes Oct 4, 2022
View reviewed changes
Copy link
Contributor

@doakalexi doakalexi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! I was able to see _source returned in the context hits.

@ymao1
Copy link
Contributor Author

ymao1 commented Oct 5, 2022

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
stackAlerts 101.1KB 101.1KB +36.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ymao1

ersin-erdal
ersin-erdal approved these changes Oct 5, 2022
View reviewed changes
Copy link
Contributor

@ersin-erdal ersin-erdal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.
Tested locally and observed the expected result.

@ymao1 ymao1 merged commit 4f649c0 into elastic:main Oct 5, 2022
@ymao1 ymao1 deleted the alerting/es-query-rule-source branch October 5, 2022 23:19
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Oct 5, 2022
WafaaNasr pushed a commit to WafaaNasr/kibana that referenced this pull request Oct 11, 2022
@ymao1 @kibanamachine @WafaaNasr
[Response Ops] Allow _source field for ES DSL query rules (elastic#…
8d1e904 
…142223)

* Allowing _source in ES query DSL

* Adding functional test

* Adding to doc

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
WafaaNasr pushed a commit to WafaaNasr/kibana that referenced this pull request Oct 14, 2022
@ymao1 @kibanamachine @WafaaNasr
[Response Ops] Allow _source field for ES DSL query rules (elastic#…
46ed5cb 
…142223)

* Allowing _source in ES query DSL

* Adding functional test

* Adding to doc

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ersin-erdal ersin-erdal ersin-erdal approved these changes

@doakalexi doakalexi doakalexi approved these changes

Assignees

@ymao1 ymao1

Labels
backport:skip This commit does not require backporting Feature:Alerting/RuleTypes Issues related to specific Alerting Rules Types release_note:enhancement Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.6.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add filter_path option to Elasticsearch query alert rules
6 participants
@ymao1 @elasticmachine @kibana-ci @ersin-erdal @doakalexi @kibanamachine