github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Response Ops][Alerting] Using refresh=true instead of refresh='wait_for' when writing alerts (#166296)

Browse source 
Resolves https://github.com/elastic/kibana/issues/163953

## Summary

Changes `refresh='wait_for'` to `refresh=true` when bulk indexing alerts
from the alerting framework and the rule registry. For persistence
alerts, `refresh=false` is used when the rule execution is a preview.

## Notes

I deployed this image to the serverless QA environment and compared
execution times between this branch and the default QA version with an
index threshold rule that creates and active alert each run.

Default QA version:
* avg 8.16 seconds
* P99 15.5 seconds

QA using this image:
* avg: 0.6 seconds
* P99 1.7 seconds

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Ryland Herrick <ryalnd@gmail.com>
This commit is contained in:
Ying Mao 2023-09-27 17:32:26 -04:00 committed by GitHub
parent ac2d3db3ff
commit 02b7c96247
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 15 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

18
x-pack/plugins/alerting/server/alerts_client/alerts_client.test.ts
View file

@ -376,7 +376,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -588,7 +588,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -821,7 +821,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -1047,7 +1047,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -1465,7 +1465,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -2128,7 +2128,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -2395,7 +2395,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -2571,7 +2571,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{
@ -2743,7 +2743,7 @@ describe('Alerts Client', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{

2
x-pack/plugins/alerting/server/alerts_client/alerts_client.ts
View file

@ -408,7 +408,7 @@ export class AlertsClient<
try {
const response = await esClient.bulk({
refresh: 'wait_for',
refresh: true,
index: this.indexTemplateAndPattern.alias,
require_alias: !this.isUsingDataStreams(),
body: bulkBody,

2
x-pack/plugins/alerting/server/task_runner/task_runner_alerts_client.test.ts
View file

@ -483,7 +483,7 @@ describe('Task Runner', () => {
expect(clusterClient.bulk).toHaveBeenCalledWith({
index: '.alerts-test.alerts-default',
refresh: 'wait_for',
refresh: true,
require_alias: !useDataStreamForAlerts,
body: [
{

2
x-pack/plugins/rule_registry/server/utils/create_lifecycle_executor.ts
View file

@ -383,7 +383,7 @@ export const createLifecycleExecutor =
},
event,
]),
refresh: 'wait_for',
refresh: true,
});
} else {
logger.debug(

2
x-pack/plugins/rule_registry/server/utils/create_persistence_rule_type_wrapper.ts
View file

@ -354,7 +354,7 @@ export const createPersistenceRuleTypeWrapper: CreatePersistenceRuleTypeWrapper
const bulkResponse = await ruleDataClientWriter.bulk({
body: [...duplicateAlertUpdates, ...mapAlertsToBulkCreate(augmentedAlerts)],
refresh: 'wait_for',
refresh: true,
});
if (bulkResponse == null) {

3
x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/create_security_rule_type_wrapper.ts
View file

@ -169,11 +169,10 @@ export const createSecurityRuleTypeWrapper: CreateSecurityRuleTypeWrapper =
};
const {
actions,
schedule: { interval },
} = completeRule.ruleConfig;
const refresh = actions.length ? 'wait_for' : false;
const refresh = isPreview ? false : true;
ruleExecutionLogger.debug(`Starting Security Rule execution (interval: ${interval})`);

2
x-pack/plugins/security_solution/server/lib/detection_engine/types.ts
View file

@ -9,4 +9,4 @@ import type { Filter } from '@kbn/es-query';
export type PartialFilter = Partial<Filter>;
export type RefreshTypes = false | 'wait_for';
export type RefreshTypes = boolean;