[ResponseOps][Alerting] Index threshold alert can't use unsigned long data type (#138452)

* Adding unsigned_long * Reverting comment change Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2025-04-24 17:59:23 -04:00 · 2022-08-10 10:06:39 -04:00 · 2022-08-10 10:06:39 -04:00 · 05da4a3965
commit 05da4a3965
parent e2401c97e4
4 changed files with 44 additions and 0 deletions
--- a/x-pack/plugins/triggers_actions_ui/server/data/routes/fields.ts
+++ b/x-pack/plugins/triggers_actions_ui/server/data/routes/fields.ts
@ -138,4 +138,5 @@ const normalizedFieldTypes: Record<string, string> = {
  float: 'number',
  half_float: 'number',
  scaled_float: 'number',
+  unsigned_long: 'number',
 };
--- a/x-pack/test/alerting_api_integration/common/lib/es_test_index_tool.ts
+++ b/x-pack/test/alerting_api_integration/common/lib/es_test_index_tool.ts
@ -50,6 +50,9 @@ export class ESTestIndexTool {
              testedValue: {
                type: 'long',
              },
+              testedValueUnsigned: {
+                type: 'unsigned_long',
+              },
              group: {
                type: 'keyword',
              },
--- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/builtin_alert_types/index_threshold/alert.ts
+++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/builtin_alert_types/index_threshold/alert.ts
@ -265,6 +265,45 @@ export default function ruleTests({ getService }: FtrProviderContext) {
      expect(inGroup2).to.be.greaterThan(0);
    });

+    it('runs correctly: max grouped on unsigned long', async () => {
+      await createRule({
+        name: 'never fire',
+        aggType: 'max',
+        aggField: 'testedValueUnsigned',
+        groupBy: 'top',
+        termField: 'group',
+        termSize: 2,
+        thresholdComparator: '<',
+        threshold: [Number.MAX_SAFE_INTEGER],
+      });
+
+      await createRule({
+        name: 'always fire',
+        aggType: 'max',
+        aggField: 'testedValueUnsigned',
+        groupBy: 'top',
+        termField: 'group',
+        termSize: 2, // two actions will fire each interval
+        thresholdComparator: '>=',
+        threshold: [Number.MAX_SAFE_INTEGER],
+      });
+
+      // create some more documents in the first group
+      await createEsDocumentsInGroups(1);
+
+      const docs = await waitForDocs(4);
+
+      for (const doc of docs) {
+        const { name, message } = doc._source.params;
+
+        expect(name).to.be('always fire');
+
+        const messagePattern =
+          /alert 'always fire' is active for group \'group-\d\':\n\n- Value: \d+\n- Conditions Met: max\(testedValueUnsigned\) is greater than or equal to \d+ over 15s\n- Timestamp: \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z/;
+        expect(message).to.match(messagePattern);
+      }
+    });
+
    it('runs correctly: min grouped', async () => {
      await createRule({
        name: 'never fire',
--- a/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/builtin_alert_types/index_threshold/create_test_data.ts
+++ b/x-pack/test/alerting_api_integration/spaces_only/tests/alerting/builtin_alert_types/index_threshold/create_test_data.ts
@ -65,6 +65,7 @@ async function createEsDocument(
    date: new Date(epochMillis).toISOString(),
    date_epoch_millis: epochMillis,
    testedValue,
+    testedValueUnsigned: '18446744073709551615',
    group,
    '@timestamp': new Date(epochMillis).toISOString(),
  };