github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 09:19:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.x] Consolidate Rule schemas (#195613) (#198048)

Browse source 
# Backport

This will backport the following commits from `main` to `8.x`:
- [Consolidate Rule schemas
(#195613)](https://github.com/elastic/kibana/pull/195613)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Ersin
Erdal","email":"92688503+ersin-erdal@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-28T16:07:35Z","message":"Consolidate
Rule schemas (#195613)\n\nTowards: #172513\r\n\r\nThis PR removes
`RawRule` type from `alerting/server/type` and\r\n`RuleAttributes`
schema/types.\r\nAnd uses the `RawRule` that is used for ModelVersions
instead of them.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"babb0feb8e10928b9585765fbce9ca69b5168550","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor"],"title":"Consolidate
Rule
schemas","number":195613,"url":"https://github.com/elastic/kibana/pull/195613","mergeCommit":{"message":"Consolidate
Rule schemas (#195613)\n\nTowards: #172513\r\n\r\nThis PR removes
`RawRule` type from `alerting/server/type` and\r\n`RuleAttributes`
schema/types.\r\nAnd uses the `RawRule` that is used for ModelVersions
instead of them.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"babb0feb8e10928b9585765fbce9ca69b5168550"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195613","number":195613,"mergeCommit":{"message":"Consolidate
Rule schemas (#195613)\n\nTowards: #172513\r\n\r\nThis PR removes
`RawRule` type from `alerting/server/type` and\r\n`RuleAttributes`
schema/types.\r\nAnd uses the `RawRule` that is used for ModelVersions
instead of them.\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"babb0feb8e10928b9585765fbce9ca69b5168550"}}]}]
BACKPORT-->

Co-authored-by: Ersin Erdal <92688503+ersin-erdal@users.noreply.github.com>
This commit is contained in:
Kibana Machine 2024-10-29 04:51:59 +11:00 committed by GitHub
parent a01ce27674
commit 0db9aee0be
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
73 changed files with 900 additions and 1745 deletions
Download patch file Download diff file Expand all files Collapse all files

352
oas_docs/bundle.json
View file

@ -2002,80 +2002,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -2242,6 +2175,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -2249,6 +2183,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -2256,6 +2191,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -2263,6 +2199,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -2270,6 +2207,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -2277,6 +2215,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -2291,6 +2230,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -2298,6 +2238,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -2305,6 +2246,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -3240,80 +3182,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -3480,6 +3355,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -3487,6 +3363,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -3494,6 +3371,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -3501,6 +3379,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -3508,6 +3387,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -3515,6 +3395,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -3529,6 +3410,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -3536,6 +3418,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -3543,6 +3426,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -4461,80 +4345,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -4701,6 +4518,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -4708,6 +4526,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -4715,6 +4534,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -4722,6 +4542,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -4729,6 +4550,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -4736,6 +4558,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -4750,6 +4573,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -4757,6 +4581,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -4764,6 +4589,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -5966,80 +5792,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -6206,6 +5965,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -6213,6 +5973,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -6220,6 +5981,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -6227,6 +5989,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -6234,6 +5997,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -6241,6 +6005,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -6255,6 +6020,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -6262,6 +6028,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -6269,6 +6036,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {

352
oas_docs/bundle.serverless.json
View file

@ -2002,80 +2002,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -2242,6 +2175,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -2249,6 +2183,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -2256,6 +2191,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -2263,6 +2199,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -2270,6 +2207,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -2277,6 +2215,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -2291,6 +2230,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -2298,6 +2238,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -2305,6 +2246,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -3240,80 +3182,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -3480,6 +3355,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -3487,6 +3363,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -3494,6 +3371,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -3501,6 +3379,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -3508,6 +3387,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -3515,6 +3395,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -3529,6 +3410,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -3536,6 +3418,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -3543,6 +3426,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -4461,80 +4345,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -4701,6 +4518,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -4708,6 +4526,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -4715,6 +4534,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -4722,6 +4542,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -4729,6 +4550,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -4736,6 +4558,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -4750,6 +4573,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -4757,6 +4581,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -4764,6 +4589,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {
@ -5966,80 +5792,13 @@
"type": "number"
},
"outcome": {
"additionalProperties": false,
"properties": {
"alerts_count": {
"additionalProperties": false,
"properties": {
"active": {
"description": "Number of active alerts during last run.",
"nullable": true,
"type": "number"
},
"ignored": {
"description": "Number of ignored alerts during last run.",
"nullable": true,
"type": "number"
},
"new": {
"description": "Number of new alerts during last run.",
"nullable": true,
"type": "number"
},
"recovered": {
"description": "Number of recovered alerts during last run.",
"nullable": true,
"type": "number"
}
},
"type": "object"
},
"outcome": {
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "string"
},
"outcome_msg": {
"items": {
"description": "Outcome message generated during last rule run.",
"type": "string"
},
"nullable": true,
"type": "array"
},
"outcome_order": {
"description": "Order of the outcome.",
"type": "number"
},
"warning": {
"description": "Warning of last rule execution.",
"enum": [
"read",
"decrypt",
"execute",
"unknown",
"license",
"timeout",
"disabled",
"validate",
"maxExecutableActions",
"maxAlerts",
"maxQueuedActions",
"ruleExecution"
],
"nullable": true,
"type": "string"
}
},
"required": [
"outcome",
"alerts_count"
"description": "Outcome of last run of the rule. Value could be succeeded, warning or failed.",
"enum": [
"succeeded",
"warning",
"failed"
],
"type": "object"
"type": "string"
},
"success": {
"description": "Indicates whether the rule run was successful.",
@ -6206,6 +5965,7 @@
"description": "Indicates hours of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byminute": {
@ -6213,6 +5973,7 @@
"description": "Indicates minutes of the hour to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonth": {
@ -6220,6 +5981,7 @@
"description": "Indicates months of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bymonthday": {
@ -6227,6 +5989,7 @@
"description": "Indicates the days of the month to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysecond": {
@ -6234,6 +5997,7 @@
"description": "Indicates seconds of the day to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"bysetpos": {
@ -6241,6 +6005,7 @@
"description": "A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byweekday": {
@ -6255,6 +6020,7 @@
],
"description": "Indicates the days of the week to recur or else nth-day-of-month strings. For example, \"+2TU\" second Tuesday of month, \"-1FR\" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination."
},
"nullable": true,
"type": "array"
},
"byweekno": {
@ -6262,6 +6028,7 @@
"description": "Indicates number of the week hours to recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"byyearday": {
@ -6269,6 +6036,7 @@
"description": "Indicates the days of the year that this rule should recur.",
"type": "number"
},
"nullable": true,
"type": "array"
},
"count": {

0
oas_docs/output/kibana.serverless.staging.yaml Normal file
View file

336
oas_docs/output/kibana.serverless.yaml
View file

@ -1396,73 +1396,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -1610,11 +1551,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -1622,16 +1565,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -1642,6 +1588,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -1655,11 +1602,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -1667,6 +1616,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -2569,73 +2519,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -2783,11 +2674,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -2795,16 +2688,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -2815,6 +2711,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -2828,11 +2725,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -2840,6 +2739,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -3713,73 +3613,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -3927,11 +3768,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -3939,16 +3782,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -3959,6 +3805,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -3972,11 +3819,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -3984,6 +3833,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -4951,73 +4801,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -5165,11 +4956,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -5177,16 +4970,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -5197,6 +4993,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -5210,11 +5007,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -5222,6 +5021,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-

0
oas_docs/output/kibana.staging.yaml Normal file
View file

336
oas_docs/output/kibana.yaml
View file

@ -1776,73 +1776,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -1990,11 +1931,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -2002,16 +1945,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -2022,6 +1968,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -2035,11 +1982,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -2047,6 +1996,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -2949,73 +2899,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -3163,11 +3054,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -3175,16 +3068,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -3195,6 +3091,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -3208,11 +3105,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -3220,6 +3119,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -4093,73 +3993,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -4307,11 +4148,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -4319,16 +4162,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -4339,6 +4185,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -4352,11 +4199,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -4364,6 +4213,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-
@ -5331,73 +5181,14 @@ paths:
description: Duration of the rule run.
type: number
outcome:
additionalProperties: false
type: object
properties:
alerts_count:
additionalProperties: false
type: object
properties:
active:
description: Number of active alerts during last run.
nullable: true
type: number
ignored:
description: >-
Number of ignored alerts during last
run.
nullable: true
type: number
new:
description: Number of new alerts during last run.
nullable: true
type: number
recovered:
description: >-
Number of recovered alerts during last
run.
nullable: true
type: number
outcome:
description: >-
Outcome of last run of the rule. Value
could be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
outcome_msg:
items:
description: >-
Outcome message generated during last
rule run.
type: string
nullable: true
type: array
outcome_order:
description: Order of the outcome.
type: number
warning:
description: Warning of last rule execution.
enum:
- read
- decrypt
- execute
- unknown
- license
- timeout
- disabled
- validate
- maxExecutableActions
- maxAlerts
- maxQueuedActions
- ruleExecution
nullable: true
type: string
required:
- outcome
- alerts_count
description: >-
Outcome of last run of the rule. Value could
be succeeded, warning or failed.
enum:
- succeeded
- warning
- failed
type: string
success:
description: >-
Indicates whether the rule run was
@ -5545,11 +5336,13 @@ paths:
items:
description: Indicates hours of the day to recur.
type: number
nullable: true
type: array
byminute:
items:
description: Indicates minutes of the hour to recur.
type: number
nullable: true
type: array
bymonth:
items:
@ -5557,16 +5350,19 @@ paths:
Indicates months of the year that this rule
should recur.
type: number
nullable: true
type: array
bymonthday:
items:
description: Indicates the days of the month to recur.
type: number
nullable: true
type: array
bysecond:
items:
description: Indicates seconds of the day to recur.
type: number
nullable: true
type: array
bysetpos:
items:
@ -5577,6 +5373,7 @@ paths:
of the month. It is recommended to not set
this manually and just use `byweekday`.
type: number
nullable: true
type: array
byweekday:
items:
@ -5590,11 +5387,13 @@ paths:
Friday of the month, which are internally
converted to a `byweekday/bysetpos`
combination.
nullable: true
type: array
byweekno:
items:
description: Indicates number of the week hours to recur.
type: number
nullable: true
type: array
byyearday:
items:
@ -5602,6 +5401,7 @@ paths:
Indicates the days of the year that this rule
should recur.
type: number
nullable: true
type: array
count:
description: >-

2
packages/kbn-alerting-types/r_rule_types.ts
View file

@ -14,7 +14,7 @@ export type RRuleParams = Partial<RRuleRecord> & Pick<RRuleRecord, 'dtstart' | '
// An iCal RRULE to define a recurrence schedule, see https://github.com/jakubroztocil/rrule for the spec
export type RRuleRecord = Omit<Options, 'dtstart' | 'byweekday' | 'wkst' | 'until'> & {
dtstart: string;
byweekday?: Array<WeekdayStr | string | number>;
byweekday?: Array<WeekdayStr | string | number> | null;
wkst?: WeekdayStr;
until?: string;
};

8
packages/kbn-rrule/rrule.ts
View file

@ -16,6 +16,7 @@ export enum Frequency {
DAILY = 3,
HOURLY = 4,
MINUTELY = 5,
SECONDLY = 6,
}
export enum Weekday {
@ -270,6 +271,13 @@ export const getNextRecurrences = function ({
...opts,
});
}
case Frequency.SECONDLY: {
const nextRef = moment(refDT).add(interval, 's');
return getMinuteOfRecurrences({
refDT: nextRef,
...opts,
});
}
}
};

2
src/core/server/integration_tests/ci_checks/saved_objects/check_registered_types.test.ts
View file

@ -59,7 +59,7 @@ describe('checking migration metadata changes on all registered SO types', () =>
"action": "0e6fc0b74c7312a8c11ff6b14437b93a997358b8",
"action_task_params": "b50cb5c8a493881474918e8d4985e61374ca4c30",
"ad_hoc_run_params": "d4e3c5c794151d0a4f5c71e886b2aa638da73ad2",
"alert": "05b07040b12ff45ab642f47464e8a6c903cf7b86",
"alert": "556a03378f5ee1c31593c3a37c66b54555ee14ff",
"api_key_pending_invalidation": "8f5554d1984854011b8392d9a6f7ef985bcac03c",
"apm-custom-dashboards": "b67128f78160c288bd7efe25b2da6e2afd5e82fc",
"apm-indices": "8a2d68d415a4b542b26b0d292034a28ffac6fed4",

130
x-pack/plugins/alerting/common/routes/r_rule/response/schemas/v1.ts
View file

@ -78,86 +78,104 @@ export const rRuleResponseSchema = schema.object({
)
),
byweekday: schema.maybe(
schema.arrayOf(
schema.oneOf([schema.string(), schema.number()], {
meta: {
description:
'Indicates the days of the week to recur or else nth-day-of-month strings. For example, "+2TU" second Tuesday of month, "-1FR" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination.',
},
})
schema.nullable(
schema.arrayOf(
schema.oneOf([schema.string(), schema.number()], {
meta: {
description:
'Indicates the days of the week to recur or else nth-day-of-month strings. For example, "+2TU" second Tuesday of month, "-1FR" last Friday of the month, which are internally converted to a `byweekday/bysetpos` combination.',
},
})
)
)
),
bymonth: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates months of the year that this rule should recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates months of the year that this rule should recur.',
},
})
)
)
),
bysetpos: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description:
'A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description:
'A positive or negative integer affecting the nth day of the month. For example, -2 combined with `byweekday` of FR is 2nd to last Friday of the month. It is recommended to not set this manually and just use `byweekday`.',
},
})
)
)
),
bymonthday: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates the days of the month to recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates the days of the month to recur.',
},
})
)
)
),
byyearday: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates the days of the year that this rule should recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates the days of the year that this rule should recur.',
},
})
)
)
),
byweekno: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates number of the week hours to recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates number of the week hours to recur.',
},
})
)
)
),
byhour: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates hours of the day to recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates hours of the day to recur.',
},
})
)
)
),
byminute: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates minutes of the hour to recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates minutes of the hour to recur.',
},
})
)
)
),
bysecond: schema.maybe(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates seconds of the day to recur.',
},
})
schema.nullable(
schema.arrayOf(
schema.number({
meta: {
description: 'Indicates seconds of the day to recur.',
},
})
)
)
),
});

29
x-pack/plugins/alerting/common/routes/rule/response/schemas/v1.ts
View file

@ -224,20 +224,21 @@ export const ruleExecutionStatusSchema = schema.object({
),
});
export const outcome = schema.oneOf(
[
schema.literal(ruleLastRunOutcomeValuesV1.SUCCEEDED),
schema.literal(ruleLastRunOutcomeValuesV1.WARNING),
schema.literal(ruleLastRunOutcomeValuesV1.FAILED),
],
{
meta: {
description: 'Outcome of last run of the rule. Value could be succeeded, warning or failed.',
},
}
);
export const ruleLastRunSchema = schema.object({
outcome: schema.oneOf(
[
schema.literal(ruleLastRunOutcomeValuesV1.SUCCEEDED),
schema.literal(ruleLastRunOutcomeValuesV1.WARNING),
schema.literal(ruleLastRunOutcomeValuesV1.FAILED),
],
{
meta: {
description:
'Outcome of last run of the rule. Value could be succeeded, warning or failed.',
},
}
),
outcome,
outcome_order: schema.maybe(
schema.number({
meta: {
@ -334,7 +335,7 @@ export const monitoringSchema = schema.object(
duration: schema.maybe(
schema.number({ meta: { description: 'Duration of the rule run.' } })
),
outcome: schema.maybe(ruleLastRunSchema),
outcome: schema.maybe(outcome),
}),
{ meta: { description: 'History of the rule run.' } }
),

1
x-pack/plugins/alerting/public/services/maintenance_windows_api/transform_maintenance_window_response.ts
View file

@ -17,7 +17,6 @@ export const transformMaintenanceWindowResponse = (
duration: response.duration,
expirationDate: response.expiration_date,
events: response.events,
// @ts-expect-error upgrade typescript v5.1.6
rRule: response.r_rule,
...(response.category_ids !== undefined ? { categoryIds: response.category_ids } : {}),
...(response.scoped_query !== undefined ? { scopedQuery: response.scoped_query } : {}),

8
x-pack/plugins/alerting/server/application/backfill/methods/schedule/schedule_backfill.ts
View file

@ -10,7 +10,6 @@ import Boom from '@hapi/boom';
import { KueryNode, nodeBuilder } from '@kbn/es-query';
import { SavedObjectsFindResult } from '@kbn/core/server';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { RuleAttributes } from '../../../../data/rule/types';
import { findRulesSo } from '../../../../data/rule';
import {
alertingAuthorizationFilterOpts,
@ -27,6 +26,7 @@ import type {
} from './types';
import { scheduleBackfillParamsSchema } from './schemas';
import { transformRuleAttributesToRuleDomain } from '../../../rule/transforms';
import { RawRule } from '../../../../types';
export async function scheduleBackfill(
context: RulesClientContext,
@ -116,7 +116,7 @@ export async function scheduleBackfill(
);
const rulesFinder =
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RuleAttributes>(
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RawRule>(
{
filter: kueryNodeFilterWithAuth,
type: RULE_SAVED_OBJECT_TYPE,
@ -125,7 +125,7 @@ export async function scheduleBackfill(
}
);
let rulesToSchedule: Array<SavedObjectsFindResult<RuleAttributes>> = [];
let rulesToSchedule: Array<SavedObjectsFindResult<RawRule>> = [];
for await (const response of rulesFinder.find()) {
for (const rule of response.saved_objects) {
context.auditLogger?.log(
@ -150,7 +150,7 @@ export async function scheduleBackfill(
rules: rulesToSchedule.map(({ id, attributes, references }) => {
const ruleType = context.ruleTypeRegistry.get(attributes.alertTypeId!);
return transformRuleAttributesToRuleDomain(
attributes as RuleAttributes,
attributes,
{
id,
logger: context.logger,

1
x-pack/plugins/alerting/server/application/maintenance_window/methods/archive/archive_maintenance_window.ts
View file

@ -69,7 +69,6 @@ async function archiveWithOCC(
const events = mergeEvents({
newEvents: generateMaintenanceWindowEvents({
// @ts-expect-error upgrade typescript v5.1.6
rRule: attributes.rRule,
duration: attributes.duration,
expirationDate,

1
x-pack/plugins/alerting/server/application/maintenance_window/methods/finish/finish_maintenance_window.ts
View file

@ -74,7 +74,6 @@ async function finishWithOCC(
// Generate new events with new expiration date
const newEvents = generateMaintenanceWindowEvents({
// @ts-expect-error upgrade typescript v5.1.6
rRule: maintenanceWindow.rRule,
duration: maintenanceWindow.duration,
expirationDate: expirationDate.toISOString(),

1
x-pack/plugins/alerting/server/application/maintenance_window/methods/update/update_maintenance_window.ts
View file

@ -101,7 +101,6 @@ async function updateWithOCC(
const modificationMetadata = await getModificationMetadata();
let events = generateMaintenanceWindowEvents({
// @ts-expect-error upgrade typescript v5.1.6
rRule: rRule || maintenanceWindow.rRule,
duration: typeof duration === 'number' ? duration : maintenanceWindow.duration,
expirationDate,

20
x-pack/plugins/alerting/server/application/r_rule/schemas/r_rule_schema.ts
View file

@ -34,13 +34,15 @@ export const rRuleSchema = schema.object({
schema.literal('SU'),
])
),
byweekday: schema.maybe(schema.arrayOf(schema.oneOf([schema.string(), schema.number()]))),
bymonth: schema.maybe(schema.arrayOf(schema.number())),
bysetpos: schema.maybe(schema.arrayOf(schema.number())),
bymonthday: schema.maybe(schema.arrayOf(schema.number())),
byyearday: schema.maybe(schema.arrayOf(schema.number())),
byweekno: schema.maybe(schema.arrayOf(schema.number())),
byhour: schema.maybe(schema.arrayOf(schema.number())),
byminute: schema.maybe(schema.arrayOf(schema.number())),
bysecond: schema.maybe(schema.arrayOf(schema.number())),
byweekday: schema.maybe(
schema.nullable(schema.arrayOf(schema.oneOf([schema.string(), schema.number()])))
),
bymonth: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
bysetpos: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
bymonthday: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
byyearday: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
byweekno: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
byhour: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
byminute: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
bysecond: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))),
});

21
x-pack/plugins/alerting/server/application/rule/methods/bulk_delete/bulk_delete_rules.ts
View file

@ -31,7 +31,6 @@ import type {
BulkDeleteRulesRequestBody,
} from './types';
import { validateBulkDeleteRulesBody } from './validation';
import type { RuleAttributes } from '../../../../data/rule/types';
import { bulkDeleteRulesSo } from '../../../../data/rule';
import { transformRuleAttributesToRuleDomain, transformRuleDomainToRule } from '../../transforms';
import { ruleDomainSchema } from '../../schemas';
@ -103,7 +102,7 @@ export const bulkDeleteRules = async <Params extends RuleParams>(
// when we are doing the bulk delete and this should fix itself
const ruleType = context.ruleTypeRegistry.get(attributes.alertTypeId!);
const ruleDomain = transformRuleAttributesToRuleDomain<Params>(
attributes as RuleAttributes,
attributes as RawRule,
{
id,
logger: context.logger,
@ -144,17 +143,15 @@ const bulkDeleteWithOCC = async (
type: 'rules',
},
() =>
context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RuleAttributes>(
{
filter,
type: RULE_SAVED_OBJECT_TYPE,
perPage: 100,
...(context.namespace ? { namespaces: [context.namespace] } : undefined),
}
)
context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RawRule>({
filter,
type: RULE_SAVED_OBJECT_TYPE,
perPage: 100,
...(context.namespace ? { namespaces: [context.namespace] } : undefined),
})
);
const rulesToDelete: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const rulesToDelete: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
const apiKeyToRuleIdMapping: Record<string, string> = {};
const taskIdToRuleIdMapping: Record<string, string> = {};
const ruleNameToRuleIdMapping: Record<string, string> = {};
@ -194,7 +191,7 @@ const bulkDeleteWithOCC = async (
);
for (const { id, attributes } of rulesToDelete) {
await untrackRuleAlerts(context, id, attributes as RuleAttributes);
await untrackRuleAlerts(context, id, attributes as RawRule);
}
const result = await withSpan(

30
x-pack/plugins/alerting/server/application/rule/methods/bulk_disable/bulk_disable_rules.ts
View file

@ -33,7 +33,6 @@ import type {
BulkDisableRulesResult,
BulkDisableRulesRequestBody,
} from './types';
import type { RuleAttributes } from '../../../../data/rule/types';
import { validateBulkDisableRulesBody } from './validation';
import { ruleDomainSchema } from '../../schemas';
import type { RulesClientContext } from '../../../../rules_client/types';
@ -96,7 +95,7 @@ export const bulkDisableRules = async <Params extends RuleParams>(
// when we are doing the bulk disable and this should fix itself
const ruleType = context.ruleTypeRegistry.get(attributes.alertTypeId!);
const ruleDomain = transformRuleAttributesToRuleDomain<Params>(
attributes as RuleAttributes,
attributes as RawRule,
{
id,
logger: context.logger,
@ -139,17 +138,15 @@ const bulkDisableRulesWithOCC = async (
type: 'rules',
},
() =>
context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RuleAttributes>(
{
filter,
type: RULE_SAVED_OBJECT_TYPE,
perPage: 100,
...(context.namespace ? { namespaces: [context.namespace] } : undefined),
}
)
context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RawRule>({
filter,
type: RULE_SAVED_OBJECT_TYPE,
perPage: 100,
...(context.namespace ? { namespaces: [context.namespace] } : undefined),
})
);
const rulesToDisable: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const rulesToDisable: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
const errors: BulkOperationError[] = [];
const ruleNameToRuleIdMapping: Record<string, string> = {};
const username = await context.getUserName();
@ -204,7 +201,7 @@ const bulkDisableRulesWithOCC = async (
// TODO (http-versioning) Remove casts when updateMeta has been converted
attributes: {
...updatedAttributes,
} as RuleAttributes,
} as RawRule,
...(migratedActions.hasLegacyActions
? { references: migratedActions.resultedReferences }
: {}),
@ -252,9 +249,7 @@ const bulkDisableRulesWithOCC = async (
() =>
bulkDisableRulesSo({
savedObjectsClient: context.unsecuredSavedObjectsClient,
bulkDisableRuleAttributes: rulesToDisable as Array<
SavedObjectsBulkCreateObject<RuleAttributes>
>,
bulkDisableRuleAttributes: rulesToDisable as Array<SavedObjectsBulkCreateObject<RawRule>>,
savedObjectsBulkCreateOptions: { overwrite: true },
})
);
@ -262,7 +257,7 @@ const bulkDisableRulesWithOCC = async (
const taskIdsToDisable: string[] = [];
const taskIdsToDelete: string[] = [];
const taskIdsToClearState: string[] = [];
const disabledRules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const disabledRules: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
result.saved_objects.forEach((rule) => {
if (rule.error === undefined) {
@ -294,8 +289,7 @@ const bulkDisableRulesWithOCC = async (
return {
errors,
// TODO: delete the casting when we do versioning of bulk disable api
rules: disabledRules as Array<SavedObjectsBulkUpdateObject<RuleAttributes>>,
rules: disabledRules,
accListSpecificForBulkOperation: [taskIdsToDisable, taskIdsToDelete, taskIdsToClearState],
};
};

4
x-pack/plugins/alerting/server/application/rule/methods/bulk_edit/bulk_edit_rules.test.ts
View file

@ -37,11 +37,11 @@ import { migrateLegacyActions } from '../../../../rules_client/lib';
import { migrateLegacyActionsMock } from '../../../../rules_client/lib/siem_legacy_actions/retrieve_migrated_legacy_actions.mock';
import { ConnectorAdapterRegistry } from '../../../../connector_adapters/connector_adapter_registry';
import { ConnectorAdapter } from '../../../../connector_adapters/types';
import { RuleAttributes } from '../../../../data/rule/types';
import { SavedObject } from '@kbn/core/server';
import { bulkEditOperationsSchema } from './schemas';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { backfillClientMock } from '../../../../backfill_client/backfill_client.mock';
import { RawRule } from '../../../../types';
jest.mock('../../../../rules_client/lib/siem_legacy_actions/migrate_legacy_actions', () => {
return {
@ -1175,7 +1175,7 @@ describe('bulkEdit()', () => {
});
const rule = unsecuredSavedObjectsClient.bulkCreate.mock.calls[0][0] as Array<
SavedObject<RuleAttributes>
SavedObject<RawRule>
>;
expect(rule[0].attributes.actions).toEqual([

45
x-pack/plugins/alerting/server/application/rule/methods/bulk_edit/bulk_edit_rules.ts
View file

@ -74,7 +74,6 @@ import { ruleNotifyWhen } from '../../constants';
import { actionRequestSchema, ruleDomainSchema, systemActionRequestSchema } from '../../schemas';
import { RuleParams, RuleDomain, RuleSnoozeSchedule } from '../../types';
import { findRulesSo, bulkCreateRulesSo } from '../../../../data/rule';
import { RuleAttributes, RuleActionAttributes } from '../../../../data/rule/types';
import {
transformRuleAttributesToRuleDomain,
transformRuleDomainToRuleAttributes,
@ -98,7 +97,7 @@ type ApiKeysMap = Map<
}
>;
type ApiKeyAttributes = Pick<RuleAttributes, 'apiKey' | 'apiKeyOwner' | 'apiKeyCreatedByUser'>;
type ApiKeyAttributes = Pick<RawRule, 'apiKey' | 'apiKeyOwner' | 'apiKeyCreatedByUser'>;
type RuleType = ReturnType<RuleTypeRegistry['get']>;
@ -236,7 +235,7 @@ export async function bulkEditRules<Params extends RuleParams>(
// when we are doing the bulk create and this should fix itself
const ruleType = context.ruleTypeRegistry.get(attributes.alertTypeId!);
const ruleDomain = transformRuleAttributesToRuleDomain<Params>(
attributes as RuleAttributes,
attributes as RawRule,
{
id,
logger: context.logger,
@ -279,13 +278,13 @@ async function bulkEditRulesOcc<Params extends RuleParams>(
}
): Promise<{
apiKeysToInvalidate: string[];
rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
resultSavedObjects: Array<SavedObjectsUpdateResponse<RuleAttributes>>;
rules: Array<SavedObjectsBulkUpdateObject<RawRule>>;
resultSavedObjects: Array<SavedObjectsUpdateResponse<RawRule>>;
errors: BulkOperationError[];
skipped: BulkActionSkipResult[];
}> {
const rulesFinder =
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RuleAttributes>(
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RawRule>(
{
filter,
type: RULE_SAVED_OBJECT_TYPE,
@ -294,7 +293,7 @@ async function bulkEditRulesOcc<Params extends RuleParams>(
}
);
const rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const rules: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
const skipped: BulkActionSkipResult[] = [];
const errors: BulkOperationError[] = [];
const apiKeysMap: ApiKeysMap = new Map();
@ -311,7 +310,7 @@ async function bulkEditRulesOcc<Params extends RuleParams>(
await pMap(
response.saved_objects,
async (rule: SavedObjectsFindResult<RuleAttributes>) =>
async (rule: SavedObjectsFindResult<RawRule>) =>
updateRuleAttributesAndParamsInMemory({
context,
rule,
@ -436,11 +435,11 @@ async function updateRuleAttributesAndParamsInMemory<Params extends RuleParams>(
shouldIncrementRevision = () => true,
}: {
context: RulesClientContext;
rule: SavedObjectsFindResult<RuleAttributes>;
rule: SavedObjectsFindResult<RawRule>;
operations: BulkEditOperation[];
paramsModifier?: ParamsModifier<Params>;
apiKeysMap: ApiKeysMap;
rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
rules: Array<SavedObjectsBulkUpdateObject<RawRule>>;
skipped: BulkActionSkipResult[];
errors: BulkOperationError[];
username: string | null;
@ -556,7 +555,7 @@ async function updateRuleAttributesAndParamsInMemory<Params extends RuleParams>(
rule: updatedRule,
params: {
legacyId: rule.attributes.legacyId,
paramsWithRefs: updatedParams as RuleAttributes['params'],
paramsWithRefs: updatedParams,
},
});
@ -605,7 +604,7 @@ async function updateRuleAttributesAndParamsInMemory<Params extends RuleParams>(
async function ensureAuthorizationForBulkUpdate(
context: RulesClientContext,
operations: BulkEditOperation[],
rule: SavedObjectsFindResult<RuleAttributes>
rule: SavedObjectsFindResult<RawRule>
): Promise<void> {
if (rule.attributes.actions.length === 0) {
return;
@ -859,10 +858,10 @@ function validateScheduleOperation(
async function prepareApiKeys(
context: RulesClientContext,
rule: SavedObjectsFindResult<RuleAttributes>,
rule: SavedObjectsFindResult<RawRule>,
ruleType: RuleType,
apiKeysMap: ApiKeysMap,
attributes: RuleAttributes,
attributes: RawRule,
hasUpdateApiKeyOperation: boolean,
username: string | null
): Promise<{ apiKeyAttributes: ApiKeyAttributes }> {
@ -890,13 +889,13 @@ async function prepareApiKeys(
function updateAttributes(
context: RulesClientContext,
attributes: RuleAttributes,
attributes: RawRule,
apiKeyAttributes: ApiKeyAttributes,
updatedParams: RuleParams,
rawAlertActions: RuleActionAttributes[],
rawAlertActions: RawRuleAction[],
username: string | null
): {
updatedAttributes: RuleAttributes;
updatedAttributes: RawRule;
} {
// get notifyWhen
const notifyWhen = getRuleNotifyWhenType(
@ -905,16 +904,16 @@ function updateAttributes(
);
// TODO (http-versioning) Remove casts when updateMeta has been converted
const castedAttributes = attributes as RawRule;
const castedAttributes = attributes;
const updatedAttributes = updateMeta(context, {
...castedAttributes,
...apiKeyAttributes,
params: updatedParams as RawRule['params'],
actions: rawAlertActions as RawRule['actions'],
params: updatedParams,
actions: rawAlertActions,
notifyWhen,
updatedBy: username,
updatedAt: new Date().toISOString(),
}) as RuleAttributes;
});
// add mapped_params
const mappedParams = getMappedParams(updatedParams);
@ -934,7 +933,7 @@ async function saveBulkUpdatedRules({
apiKeysMap,
}: {
context: RulesClientContext;
rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
rules: Array<SavedObjectsBulkUpdateObject<RawRule>>;
apiKeysMap: ApiKeysMap;
}) {
const apiKeysToInvalidate: string[] = [];
@ -945,7 +944,7 @@ async function saveBulkUpdatedRules({
// bulk_disable, bulk_enable, etc. to fix this cast
result = await bulkCreateRulesSo({
savedObjectsClient: context.unsecuredSavedObjectsClient,
bulkCreateRuleAttributes: rules as Array<SavedObjectsBulkCreateObject<RuleAttributes>>,
bulkCreateRuleAttributes: rules as Array<SavedObjectsBulkCreateObject<RawRule>>,
savedObjectsBulkCreateOptions: { overwrite: true },
});
} catch (e) {

24
x-pack/plugins/alerting/server/application/rule/methods/bulk_enable/bulk_enable_rules.ts
View file

@ -18,7 +18,7 @@ import { Logger } from '@kbn/core/server';
import { TaskManagerStartContract, TaskStatus } from '@kbn/task-manager-plugin/server';
import { TaskInstanceWithDeprecatedFields } from '@kbn/task-manager-plugin/server/task';
import { bulkCreateRulesSo } from '../../../../data/rule';
import { RawRule, RawRuleAction } from '../../../../types';
import { RawRule } from '../../../../types';
import { RuleDomain, RuleParams } from '../../types';
import { convertRuleIdsToKueryNode } from '../../../../lib';
import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common/audit_events';
@ -37,7 +37,6 @@ import {
} from '../../../../rules_client/lib';
import { RulesClientContext, BulkOperationError } from '../../../../rules_client/types';
import { validateScheduleLimit } from '../get_schedule_frequency';
import { RuleAttributes } from '../../../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { BulkEnableRulesParams, BulkEnableRulesResult } from './types';
import { bulkEnableRulesParamsSchema } from './schemas';
@ -122,7 +121,7 @@ export const bulkEnableRules = async <Params extends RuleParams>(
// when we are doing the bulk delete and this should fix itself
const ruleType = context.ruleTypeRegistry.get(attributes.alertTypeId!);
const ruleDomain: RuleDomain<Params> = transformRuleAttributesToRuleDomain<Params>(
attributes as RuleAttributes,
attributes as RawRule,
{
id,
logger: context.logger,
@ -159,7 +158,7 @@ const bulkEnableRulesWithOCC = async (
type: 'rules',
},
async () =>
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RuleAttributes>(
await context.encryptedSavedObjectsClient.createPointInTimeFinderDecryptedAsInternalUser<RawRule>(
{
filter,
type: RULE_SAVED_OBJECT_TYPE,
@ -169,8 +168,8 @@ const bulkEnableRulesWithOCC = async (
)
);
const rulesFinderRules: Array<SavedObjectsFindResult<RuleAttributes>> = [];
const rulesToEnable: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const rulesFinderRules: Array<SavedObjectsFindResult<RawRule>> = [];
const rulesToEnable: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
const tasksToSchedule: TaskInstanceWithDeprecatedFields[] = [];
const errors: BulkOperationError[] = [];
const ruleNameToRuleIdMapping: Record<string, string> = {};
@ -221,12 +220,11 @@ const bulkEnableRulesWithOCC = async (
ruleNameToRuleIdMapping[rule.id] = ruleName;
}
// TODO (http-versioning) Remove RawRuleAction and RawRule casts
const migratedActions = await migrateLegacyActions(context, {
ruleId: rule.id,
actions: rule.attributes.actions as RawRuleAction[],
actions: rule.attributes.actions,
references: rule.references,
attributes: rule.attributes as RawRule,
attributes: rule.attributes,
});
const updatedAttributes = updateMetaAttributes(context, {
@ -344,16 +342,14 @@ const bulkEnableRulesWithOCC = async (
// bulk_disable, bulk_enable, etc. to fix this cast
bulkCreateRulesSo({
savedObjectsClient: context.unsecuredSavedObjectsClient,
bulkCreateRuleAttributes: rulesToEnable as Array<
SavedObjectsBulkCreateObject<RuleAttributes>
>,
bulkCreateRuleAttributes: rulesToEnable as Array<SavedObjectsBulkCreateObject<RawRule>>,
savedObjectsBulkCreateOptions: {
overwrite: true,
},
})
);
const rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>> = [];
const rules: Array<SavedObjectsBulkUpdateObject<RawRule>> = [];
const taskIdsToEnable: string[] = [];
result.saved_objects.forEach((rule) => {
@ -376,7 +372,7 @@ const bulkEnableRulesWithOCC = async (
return {
errors,
// TODO: delete the casting when we do versioning of bulk disable api
rules: rules as Array<SavedObjectsBulkUpdateObject<RuleAttributes>>,
rules: rules as Array<SavedObjectsBulkUpdateObject<RawRule>>,
accListSpecificForBulkOperation: [taskIdsToEnable],
};
};

15
x-pack/plugins/alerting/server/application/rule/methods/clone/clone_rule.ts
View file

@ -21,7 +21,6 @@ import { createNewAPIKeySet, createRuleSavedObject } from '../../../../rules_cli
import { RulesClientContext } from '../../../../rules_client/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { CloneRuleParams } from './types';
import { RuleAttributes } from '../../../../data/rule/types';
import { RuleDomain, RuleParams } from '../../types';
import { getDecryptedRuleSo, getRuleSo } from '../../../../data/rule';
import { transformRuleAttributesToRuleDomain, transformRuleDomainToRule } from '../../transforms';
@ -40,7 +39,7 @@ export async function cloneRule<Params extends RuleParams = never>(
throw Boom.badRequest(`Error validating clone data - ${error.message}`);
}
let ruleSavedObject: SavedObject<RuleAttributes>;
let ruleSavedObject: SavedObject<RawRule>;
try {
ruleSavedObject = await withSpan(
@ -78,8 +77,7 @@ export async function cloneRule<Params extends RuleParams = never>(
* functionality until we resolve our difference
*/
if (
// TODO (http-versioning): Remove this cast to RawRule
isDetectionEngineAADRuleType(ruleSavedObject as SavedObject<RawRule>) ||
isDetectionEngineAADRuleType(ruleSavedObject) ||
ruleSavedObject.attributes.consumer === AlertConsumers.SIEM
) {
throw Boom.badRequest(
@ -126,7 +124,7 @@ export async function cloneRule<Params extends RuleParams = never>(
errorMessage: 'Error creating rule: could not create API key',
});
const ruleAttributes: RuleAttributes = {
const ruleAttributes: RawRule = {
...ruleSavedObject.attributes,
name: ruleName,
...apiKeyAttributes,
@ -139,10 +137,7 @@ export async function cloneRule<Params extends RuleParams = never>(
muteAll: false,
mutedInstanceIds: [],
executionStatus: getRuleExecutionStatusPendingAttributes(lastRunTimestamp.toISOString()),
// TODO (http-versioning): Remove this cast to RuleAttributes
monitoring: getDefaultMonitoring(
lastRunTimestamp.toISOString()
) as RuleAttributes['monitoring'],
monitoring: getDefaultMonitoring(lastRunTimestamp.toISOString()),
revision: 0,
scheduledTaskId: null,
running: false,
@ -168,7 +163,7 @@ export async function cloneRule<Params extends RuleParams = never>(
})
);
// Convert ES RuleAttributes back to domain rule object
// Convert ES RawRule back to domain rule object
const ruleDomain: RuleDomain<Params> = transformRuleAttributesToRuleDomain<Params>(
clonedRuleAttributes.attributes,
{

8
x-pack/plugins/alerting/server/application/rule/methods/create/create_rule.ts
View file

@ -27,14 +27,13 @@ import { generateAPIKeyName, apiKeyAsRuleDomainProperties } from '../../../../ru
import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common/audit_events';
import { RulesClientContext } from '../../../../rules_client/types';
import { RuleDomain, RuleParams } from '../../types';
import { SanitizedRule } from '../../../../types';
import { RawRule, SanitizedRule } from '../../../../types';
import {
transformRuleAttributesToRuleDomain,
transformRuleDomainToRuleAttributes,
transformRuleDomainToRule,
} from '../../transforms';
import { ruleDomainSchema } from '../../schemas';
import { RuleAttributes } from '../../../../data/rule/types';
import type { CreateRuleData } from './types';
import { createRuleDataSchema } from './schemas';
import { createRuleSavedObject } from '../../../../rules_client/lib';
@ -225,12 +224,11 @@ export async function createRule<Params extends RuleParams = never>(
},
params: {
legacyId,
// @ts-expect-error upgrade typescript v4.9.5
paramsWithRefs: updatedParams,
},
});
const createdRuleSavedObject: SavedObject<RuleAttributes> = await withSpan(
const createdRuleSavedObject: SavedObject<RawRule> = await withSpan(
{ name: 'createRuleSavedObject', type: 'rules' },
() =>
createRuleSavedObject(context, {
@ -243,7 +241,7 @@ export async function createRule<Params extends RuleParams = never>(
})
);
// Convert ES RuleAttributes back to domain rule object
// Convert ES RawRule back to domain rule object
const ruleDomain: RuleDomain<Params> = transformRuleAttributesToRuleDomain<Params>(
createdRuleSavedObject.attributes,
{

3
x-pack/plugins/alerting/server/application/rule/methods/delete/delete_rule.ts
View file

@ -14,7 +14,6 @@ import { bulkMarkApiKeysForInvalidation } from '../../../../invalidate_pending_a
import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common/audit_events';
import { RulesClientContext } from '../../../../rules_client/types';
import { untrackRuleAlerts, migrateLegacyActions } from '../../../../rules_client/lib';
import { RuleAttributes } from '../../../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { DeleteRuleParams } from './types';
import { deleteRuleParamsSchema } from './schemas';
@ -40,7 +39,7 @@ async function deleteRuleWithOCC(context: RulesClientContext, { id }: { id: stri
let taskIdToRemove: string | undefined | null;
let apiKeyToInvalidate: string | null = null;
let apiKeyCreatedByUser: boolean | undefined | null = false;
let attributes: RuleAttributes;
let attributes: RawRule;
try {
const decryptedRule = await getDecryptedRuleSo({

3
x-pack/plugins/alerting/server/application/rule/methods/disable/disable_rule.ts
View file

@ -13,7 +13,6 @@ import { retryIfConflicts } from '../../../../lib/retry_if_conflicts';
import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common/audit_events';
import { RulesClientContext } from '../../../../rules_client/types';
import { untrackRuleAlerts, updateMeta, migrateLegacyActions } from '../../../../rules_client/lib';
import { RuleAttributes } from '../../../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { DisableRuleParams } from './types';
import { disableRuleParamsSchema } from './schemas';
@ -86,7 +85,7 @@ async function disableWithOCC(
}
if (untrack) {
await untrackRuleAlerts(context, id, attributes as RuleAttributes);
await untrackRuleAlerts(context, id, attributes);
}
context.auditLogger?.log(

3
x-pack/plugins/alerting/server/application/rule/methods/mute_all/mute_all.ts
View file

@ -14,7 +14,6 @@ import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common
import { RulesClientContext } from '../../../../rules_client/types';
import { updateMetaAttributes } from '../../../../rules_client/lib';
import { clearUnscheduledSnoozeAttributes } from '../../../../rules_client/common';
import { RuleAttributes } from '../../../../data/rule/types';
import { MuteAllRuleParams } from './types';
import { muteAllRuleParamsSchema } from './schemas';
@ -77,7 +76,7 @@ async function muteAllWithOCC(context: RulesClientContext, params: MuteAllRulePa
const updateAttributes = updateMetaAttributes(context, {
muteAll: true,
mutedInstanceIds: [],
snoozeSchedule: clearUnscheduledSnoozeAttributes(attributes as RuleAttributes),
snoozeSchedule: clearUnscheduledSnoozeAttributes(attributes),
updatedBy: await context.getUserName(),
updatedAt: new Date().toISOString(),
});

3
x-pack/plugins/alerting/server/application/rule/methods/unmute_all/unmute_all.ts
View file

@ -14,7 +14,6 @@ import { ruleAuditEvent, RuleAuditAction } from '../../../../rules_client/common
import { RulesClientContext } from '../../../../rules_client/types';
import { updateMetaAttributes } from '../../../../rules_client/lib';
import { clearUnscheduledSnoozeAttributes } from '../../../../rules_client/common';
import { RuleAttributes } from '../../../../data/rule/types';
import { UnmuteAllRuleParams } from './types';
import { unmuteAllRuleParamsSchema } from './schemas';
@ -77,7 +76,7 @@ async function unmuteAllWithOCC(context: RulesClientContext, params: UnmuteAllRu
const updateAttributes = updateMetaAttributes(context, {
muteAll: false,
mutedInstanceIds: [],
snoozeSchedule: clearUnscheduledSnoozeAttributes(attributes as RuleAttributes),
snoozeSchedule: clearUnscheduledSnoozeAttributes(attributes),
updatedBy: await context.getUserName(),
updatedAt: new Date().toISOString(),
});

9
x-pack/plugins/alerting/server/application/rule/methods/update/update_rule.ts
View file

@ -37,13 +37,12 @@ import { createRuleSo, getDecryptedRuleSo, getRuleSo } from '../../../../data/ru
import { validateScheduleLimit, ValidateScheduleLimitResult } from '../get_schedule_frequency';
import { RULE_SAVED_OBJECT_TYPE } from '../../../../saved_objects';
import { updateRuleDataSchema } from './schemas';
import { RuleAttributes } from '../../../../data/rule/types';
import { transformRuleAttributesToRuleDomain, transformRuleDomainToRule } from '../../transforms';
import { ruleDomainSchema } from '../../schemas';
const validateCanUpdateFlapping = (
isFlappingEnabled: boolean,
originalFlapping: RuleAttributes['flapping'],
originalFlapping: RawRule['flapping'],
updateFlapping: UpdateRuleParams['data']['flapping']
) => {
// If flapping is enabled, allow rule flapping to be updated and do nothing
@ -112,7 +111,7 @@ async function updateWithOCC<Params extends RuleParams = never>(
throw Boom.badRequest(`Error validating update data - ${error.message}`);
}
let originalRuleSavedObject: SavedObject<RuleAttributes>;
let originalRuleSavedObject: SavedObject<RawRule>;
try {
originalRuleSavedObject = await getDecryptedRuleSo({
@ -296,7 +295,7 @@ async function updateRuleAttributes<Params extends RuleParams = never>({
}: {
context: RulesClientContext;
updateRuleData: UpdateRuleData<Params>;
originalRuleSavedObject: SavedObject<RuleAttributes>;
originalRuleSavedObject: SavedObject<RawRule>;
validatedRuleTypeParams: Params;
shouldIncrementRevision: (params?: Params) => boolean;
isSystemAction: (connectorId: string) => boolean;
@ -376,7 +375,7 @@ async function updateRuleAttributes<Params extends RuleParams = never>({
updatedRuleAttributes.mapped_params = mappedParams;
}
let updatedRuleSavedObject: SavedObject<RuleAttributes>;
let updatedRuleSavedObject: SavedObject<RawRule>;
const { id, version } = originalRuleSavedObject;
try {

14
x-pack/plugins/alerting/server/application/rule/schemas/rule_schemas.ts
View file

@ -64,12 +64,14 @@ export const ruleExecutionStatusSchema = schema.object({
),
});
const outcome = schema.oneOf([
schema.literal(ruleLastRunOutcomeValues.SUCCEEDED),
schema.literal(ruleLastRunOutcomeValues.WARNING),
schema.literal(ruleLastRunOutcomeValues.FAILED),
]);
export const ruleLastRunSchema = schema.object({
outcome: schema.oneOf([
schema.literal(ruleLastRunOutcomeValues.SUCCEEDED),
schema.literal(ruleLastRunOutcomeValues.WARNING),
schema.literal(ruleLastRunOutcomeValues.FAILED),
]),
outcome,
outcomeOrder: schema.maybe(schema.number()),
warning: schema.maybe(
schema.nullable(
@ -105,7 +107,7 @@ export const monitoringSchema = schema.object({
success: schema.boolean(),
timestamp: schema.number(),
duration: schema.maybe(schema.number()),
outcome: schema.maybe(ruleLastRunSchema),
outcome: schema.maybe(outcome),
})
),
calculated_metrics: schema.object({

6
x-pack/plugins/alerting/server/application/rule/transforms/transform_raw_actions_to_domain_actions.test.ts
View file

@ -5,13 +5,13 @@
* 2.0.
*/
import { RuleActionAttributes } from '../../../data/rule/types';
import { RawRuleAction } from '../../../types';
import {
transformRawActionsToDomainActions,
transformRawActionsToDomainSystemActions,
} from './transform_raw_actions_to_domain_actions';
const defaultAction: RuleActionAttributes = {
const defaultAction: RawRuleAction = {
group: 'default',
uuid: '1',
actionRef: 'default-action-ref',
@ -25,7 +25,7 @@ const defaultAction: RuleActionAttributes = {
alertsFilter: { query: { kql: 'test:1', dsl: '{}', filters: [] } },
};
const systemAction: RuleActionAttributes = {
const systemAction: RawRuleAction = {
actionRef: 'system_action:my-system-action-id',
uuid: '123',
actionTypeId: '.test-system-action',

13
x-pack/plugins/alerting/server/application/rule/transforms/transform_raw_actions_to_domain_actions.ts
View file

@ -8,13 +8,12 @@
import { omit } from 'lodash';
import { SavedObjectReference } from '@kbn/core/server';
import { injectReferencesIntoActions } from '../../../rules_client/common';
import { RuleAttributes } from '../../../data/rule/types';
import { RawRule } from '../../../types';
import { RuleDomain } from '../types';
interface Args {
ruleId: string;
actions: RuleAttributes['actions'] | RawRule['actions'];
actions: RawRule['actions'];
isSystemAction: (connectorId: string) => boolean;
omitGeneratedValues?: boolean;
references?: SavedObjectReference[];
@ -42,8 +41,8 @@ export const transformRawActionsToDomainActions = ({
uuid: action.uuid,
...(action.frequency ? { frequency: action.frequency } : {}),
...(action.alertsFilter ? { alertsFilter: action.alertsFilter } : {}),
...(action.useAlertDataAsTemplate
? { useAlertDataAsTemplate: action.useAlertDataAsTemplate }
...(action.useAlertDataForTemplate
? { useAlertDataForTemplate: action.useAlertDataForTemplate }
: {}),
};
@ -54,7 +53,7 @@ export const transformRawActionsToDomainActions = ({
return defaultAction;
});
return ruleDomainActions;
return ruleDomainActions as RuleDomain['actions'];
};
export const transformRawActionsToDomainSystemActions = ({
@ -76,8 +75,8 @@ export const transformRawActionsToDomainSystemActions = ({
params: action.params,
actionTypeId: action.actionTypeId,
uuid: action.uuid,
...(action.useAlertDataAsTemplate
? { useAlertDataAsTemplate: action.useAlertDataAsTemplate }
...(action.useAlertDataForTemplate
? { useAlertDataForTemplate: action.useAlertDataForTemplate }
: {}),
};
});

8
x-pack/plugins/alerting/server/application/rule/transforms/transform_rule_attributes_to_rule_domain.test.ts
View file

@ -9,7 +9,7 @@ import { RecoveredActionGroup } from '../../../../common';
import { loggingSystemMock } from '@kbn/core-logging-server-mocks';
import { transformRuleAttributesToRuleDomain } from './transform_rule_attributes_to_rule_domain';
import { UntypedNormalizedRuleType } from '../../../rule_type_registry';
import { RuleActionAttributes } from '../../../data/rule/types';
import { RawRuleAction } from '../../../types';
const ruleType: jest.Mocked<UntypedNormalizedRuleType> = {
id: 'test.rule-type',
@ -37,7 +37,7 @@ const ruleType: jest.Mocked<UntypedNormalizedRuleType> = {
validLegacyConsumers: [],
};
const defaultAction: RuleActionAttributes = {
const defaultAction: RawRuleAction = {
group: 'default',
uuid: '1',
actionRef: 'default-action-ref',
@ -51,7 +51,7 @@ const defaultAction: RuleActionAttributes = {
alertsFilter: { query: { kql: 'test:1', dsl: '{}', filters: [] } },
};
const systemAction: RuleActionAttributes = {
const systemAction: RawRuleAction = {
actionRef: 'system_action:my-system-action-id',
uuid: '123',
actionTypeId: '.test-system-action',
@ -82,6 +82,8 @@ describe('transformRuleAttributesToRuleDomain', () => {
executionStatus: {
lastExecutionDate: '2019-02-12T21:01:22.479Z',
status: 'pending' as const,
error: null,
warning: null,
},
params: {},
throttle: null,

10
x-pack/plugins/alerting/server/application/rule/transforms/transform_rule_attributes_to_rule_domain.ts
View file

@ -10,8 +10,7 @@ import { SavedObjectReference } from '@kbn/core/server';
import { ruleExecutionStatusValues } from '../constants';
import { getRuleSnoozeEndTime } from '../../../lib';
import { RuleDomain, Monitoring, RuleParams } from '../types';
import { PartialRule, SanitizedRule } from '../../../types';
import { RuleAttributes, RuleExecutionStatusAttributes } from '../../../data/rule/types';
import { PartialRule, RawRule, RawRuleExecutionStatus, SanitizedRule } from '../../../types';
import { UntypedNormalizedRuleType } from '../../../rule_type_registry';
import { injectReferencesIntoParams } from '../../../rules_client/common';
import { getActiveScheduledSnoozes } from '../../../lib/is_rule_snoozed';
@ -32,7 +31,7 @@ const INITIAL_LAST_RUN_METRICS = {
const transformEsExecutionStatus = (
logger: Logger,
ruleId: string,
esRuleExecutionStatus: RuleExecutionStatusAttributes
esRuleExecutionStatus: RawRuleExecutionStatus
): RuleDomain['executionStatus'] => {
const {
lastExecutionDate,
@ -89,7 +88,7 @@ export const updateMonitoring = ({
const transformEsMonitoring = (
logger: Logger,
ruleId: string,
monitoring?: RuleAttributes['monitoring']
monitoring?: RawRule['monitoring']
): Monitoring | undefined => {
if (!monitoring) {
return undefined;
@ -120,7 +119,7 @@ interface TransformEsToRuleParams {
}
export const transformRuleAttributesToRuleDomain = <Params extends RuleParams = never>(
esRule: RuleAttributes,
esRule: RawRule,
transformParams: TransformEsToRuleParams,
isSystemAction: (connectorId: string) => boolean
): RuleDomain<Params> => {
@ -251,5 +250,6 @@ export const transformRuleAttributesToRuleDomain = <Params extends RuleParams =
}
}
// nullable rrule bymonth?
return rule;
};

12
x-pack/plugins/alerting/server/application/rule/transforms/transform_rule_domain_to_rule_attributes.ts
View file

@ -4,15 +4,15 @@
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { RawRule } from '../../../types';
import { RuleDomain } from '../types';
import { RuleAttributes } from '../../../data/rule/types';
import { getMappedParams } from '../../../rules_client/common';
import { DenormalizedAction } from '../../../rules_client';
interface TransformRuleToEsParams {
legacyId: RuleAttributes['legacyId'];
paramsWithRefs: RuleAttributes['params'];
meta?: RuleAttributes['meta'];
legacyId: RawRule['legacyId'];
paramsWithRefs: RawRule['params'];
meta?: RawRule['meta'];
}
export const transformRuleDomainToRuleAttributes = ({
@ -23,7 +23,7 @@ export const transformRuleDomainToRuleAttributes = ({
actionsWithRefs: DenormalizedAction[];
rule: Omit<RuleDomain, 'actions' | 'params' | 'systemActions'>;
params: TransformRuleToEsParams;
}): RuleAttributes => {
}): RawRule => {
const { legacyId, paramsWithRefs, meta } = params;
const mappedParams = getMappedParams(paramsWithRefs);
@ -81,5 +81,5 @@ export const transformRuleDomainToRuleAttributes = ({
...(rule.running !== undefined ? { running: rule.running } : {}),
...(rule.alertDelay !== undefined ? { alertDelay: rule.alertDelay } : {}),
...(rule.flapping !== undefined ? { flapping: rule.flapping } : {}),
};
} as RawRule;
};

18
x-pack/plugins/alerting/server/data/r_rule/types/r_rule_attributes.ts
View file

@ -17,13 +17,13 @@ export interface RRuleAttributes {
count?: number;
interval?: number;
wkst?: WeekdayStr;
byweekday?: Array<string | number>;
bymonth?: number[];
bysetpos?: number[];
bymonthday?: number[];
byyearday?: number[];
byweekno?: number[];
byhour?: number[];
byminute?: number[];
bysecond?: number[];
byweekday?: Array<string | number> | null;
bymonth?: number[] | null;
bysetpos?: number[] | null;
bymonthday?: number[] | null;
byyearday?: number[] | null;
byweekno?: number[] | null;
byhour?: number[] | null;
byminute?: number[] | null;
bysecond?: number[] | null;
}

8
x-pack/plugins/alerting/server/data/rule/methods/bulk_create_rule_so.ts
View file

@ -11,20 +11,20 @@ import {
SavedObjectsBulkCreateObject,
SavedObjectsBulkResponse,
} from '@kbn/core/server';
import { RuleAttributes } from '../types';
import { RawRule } from '../../../types';
export interface BulkCreateRulesSoParams {
savedObjectsClient: SavedObjectsClientContract;
bulkCreateRuleAttributes: Array<SavedObjectsBulkCreateObject<RuleAttributes>>;
bulkCreateRuleAttributes: Array<SavedObjectsBulkCreateObject<RawRule>>;
savedObjectsBulkCreateOptions?: SavedObjectsCreateOptions;
}
export const bulkCreateRulesSo = (
params: BulkCreateRulesSoParams
): Promise<SavedObjectsBulkResponse<RuleAttributes>> => {
): Promise<SavedObjectsBulkResponse<RawRule>> => {
const { savedObjectsClient, bulkCreateRuleAttributes, savedObjectsBulkCreateOptions } = params;
return savedObjectsClient.bulkCreate<RuleAttributes>(
return savedObjectsClient.bulkCreate<RawRule>(
bulkCreateRuleAttributes,
savedObjectsBulkCreateOptions
);

8
x-pack/plugins/alerting/server/data/rule/methods/bulk_disable_rules_so.ts
View file

@ -11,20 +11,20 @@ import {
SavedObjectsBulkCreateObject,
SavedObjectsBulkResponse,
} from '@kbn/core/server';
import { RuleAttributes } from '../types';
import { RawRule } from '../../../types';
export interface BulkDisableRulesSoParams {
savedObjectsClient: SavedObjectsClientContract;
bulkDisableRuleAttributes: Array<SavedObjectsBulkCreateObject<RuleAttributes>>;
bulkDisableRuleAttributes: Array<SavedObjectsBulkCreateObject<RawRule>>;
savedObjectsBulkCreateOptions?: SavedObjectsCreateOptions;
}
export const bulkDisableRulesSo = (
params: BulkDisableRulesSoParams
): Promise<SavedObjectsBulkResponse<RuleAttributes>> => {
): Promise<SavedObjectsBulkResponse<RawRule>> => {
const { savedObjectsClient, bulkDisableRuleAttributes, savedObjectsBulkCreateOptions } = params;
return savedObjectsClient.bulkCreate<RuleAttributes>(
return savedObjectsClient.bulkCreate<RawRule>(
bulkDisableRuleAttributes,
savedObjectsBulkCreateOptions
);

6
x-pack/plugins/alerting/server/data/rule/methods/create_rule_so.ts
View file

@ -10,16 +10,16 @@ import {
SavedObjectsCreateOptions,
SavedObject,
} from '@kbn/core/server';
import { RawRule } from '../../../types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
export interface CreateRuleSoParams {
savedObjectsClient: SavedObjectsClientContract;
ruleAttributes: RuleAttributes;
ruleAttributes: RawRule;
savedObjectsCreateOptions?: SavedObjectsCreateOptions;
}
export const createRuleSo = (params: CreateRuleSoParams): Promise<SavedObject<RuleAttributes>> => {
export const createRuleSo = (params: CreateRuleSoParams): Promise<SavedObject<RawRule>> => {
const { savedObjectsClient, ruleAttributes, savedObjectsCreateOptions } = params;
return savedObjectsClient.create(

6
x-pack/plugins/alerting/server/data/rule/methods/find_rules_so.ts
View file

@ -11,7 +11,7 @@ import {
SavedObjectsFindResponse,
} from '@kbn/core/server';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
import { RawRule } from '../../../types';
export interface FindRulesSoParams {
savedObjectsClient: SavedObjectsClientContract;
@ -20,10 +20,10 @@ export interface FindRulesSoParams {
export const findRulesSo = <RuleAggregation = Record<string, unknown>>(
params: FindRulesSoParams
): Promise<SavedObjectsFindResponse<RuleAttributes, RuleAggregation>> => {
): Promise<SavedObjectsFindResponse<RawRule, RuleAggregation>> => {
const { savedObjectsClient, savedObjectsFindOptions } = params;
return savedObjectsClient.find<RuleAttributes, RuleAggregation>({
return savedObjectsClient.find<RawRule, RuleAggregation>({
...savedObjectsFindOptions,
type: RULE_SAVED_OBJECT_TYPE,
});

6
x-pack/plugins/alerting/server/data/rule/methods/get_decrypted_rule_so.ts
View file

@ -8,8 +8,8 @@
import { SavedObject } from '@kbn/core/server';
import { EncryptedSavedObjectsClient } from '@kbn/encrypted-saved-objects-plugin/server';
import { SavedObjectsGetOptions } from '@kbn/core-saved-objects-api-server';
import { RawRule } from '../../../types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
export interface GetDecryptedRuleSoParams {
encryptedSavedObjectsClient: EncryptedSavedObjectsClient;
@ -19,10 +19,10 @@ export interface GetDecryptedRuleSoParams {
export const getDecryptedRuleSo = (
params: GetDecryptedRuleSoParams
): Promise<SavedObject<RuleAttributes>> => {
): Promise<SavedObject<RawRule>> => {
const { id, encryptedSavedObjectsClient, savedObjectsGetOptions } = params;
return encryptedSavedObjectsClient.getDecryptedAsInternalUser<RuleAttributes>(
return encryptedSavedObjectsClient.getDecryptedAsInternalUser<RawRule>(
RULE_SAVED_OBJECT_TYPE,
id,
savedObjectsGetOptions

6
x-pack/plugins/alerting/server/data/rule/methods/get_rule_so.ts
View file

@ -7,8 +7,8 @@
import { SavedObjectsClientContract, SavedObject } from '@kbn/core/server';
import { SavedObjectsGetOptions } from '@kbn/core-saved-objects-api-server';
import { RawRule } from '../../../types';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
export interface GetRuleSoParams {
savedObjectsClient: SavedObjectsClientContract;
@ -16,8 +16,8 @@ export interface GetRuleSoParams {
savedObjectsGetOptions?: SavedObjectsGetOptions;
}
export const getRuleSo = (params: GetRuleSoParams): Promise<SavedObject<RuleAttributes>> => {
export const getRuleSo = (params: GetRuleSoParams): Promise<SavedObject<RawRule>> => {
const { savedObjectsClient, id, savedObjectsGetOptions } = params;
return savedObjectsClient.get<RuleAttributes>(RULE_SAVED_OBJECT_TYPE, id, savedObjectsGetOptions);
return savedObjectsClient.get<RawRule>(RULE_SAVED_OBJECT_TYPE, id, savedObjectsGetOptions);
};

4
x-pack/plugins/alerting/server/data/rule/methods/resolve_rule_so.ts
View file

@ -8,7 +8,7 @@
import { SavedObjectsClientContract, SavedObjectsResolveResponse } from '@kbn/core/server';
import { SavedObjectsResolveOptions } from '@kbn/core-saved-objects-api-server';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
import { RawRule } from '../../../types';
export interface ResolveRuleSoParams {
savedObjectsClient: SavedObjectsClientContract;
@ -18,7 +18,7 @@ export interface ResolveRuleSoParams {
export const resolveRuleSo = (
params: ResolveRuleSoParams
): Promise<SavedObjectsResolveResponse<RuleAttributes>> => {
): Promise<SavedObjectsResolveResponse<RawRule>> => {
const { savedObjectsClient, id, savedObjectsResolveOptions } = params;
return savedObjectsClient.resolve(RULE_SAVED_OBJECT_TYPE, id, savedObjectsResolveOptions);

10
x-pack/plugins/alerting/server/data/rule/methods/update_rule_so.ts
View file

@ -11,21 +11,21 @@ import {
SavedObjectsUpdateResponse,
} from '@kbn/core/server';
import { RULE_SAVED_OBJECT_TYPE } from '../../../saved_objects';
import { RuleAttributes } from '../types';
import { RawRule } from '../../../types';
export interface UpdateRuleSoParams {
savedObjectsClient: SavedObjectsClientContract;
id: string;
updateRuleAttributes: Partial<RuleAttributes>;
savedObjectsUpdateOptions?: SavedObjectsUpdateOptions<RuleAttributes>;
updateRuleAttributes: Partial<RawRule>;
savedObjectsUpdateOptions?: SavedObjectsUpdateOptions<RawRule>;
}
export const updateRuleSo = (
params: UpdateRuleSoParams
): Promise<SavedObjectsUpdateResponse<RuleAttributes>> => {
): Promise<SavedObjectsUpdateResponse<RawRule>> => {
const { savedObjectsClient, id, updateRuleAttributes, savedObjectsUpdateOptions } = params;
return savedObjectsClient.update<RuleAttributes>(
return savedObjectsClient.update<RawRule>(
RULE_SAVED_OBJECT_TYPE,
id,
updateRuleAttributes,

24
x-pack/plugins/alerting/server/data/rule/types/index.ts
View file

@ -1,24 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
export type {
RuleNotifyWhenAttributes,
RuleLastRunOutcomeValuesAttributes,
RuleActionAttributes,
RuleExecutionStatusValuesAttributes,
RuleExecutionStatusErrorReasonAttributes,
RuleExecutionStatusWarningReasonAttributes,
RuleSnoozeScheduleAttributes,
RuleExecutionStatusAttributes,
RuleLastRunAttributes,
RuleMonitoringHistoryAttributes,
RuleMonitoringCalculatedMetricsAttributes,
RuleMonitoringLastRunMetricsAttributes,
RuleMonitoringLastRunAttributes,
RuleMonitoringAttributes,
RuleAttributes,
} from './rule_attributes';

189
x-pack/plugins/alerting/server/data/rule/types/rule_attributes.ts
View file

@ -1,189 +0,0 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { SavedObjectAttributes } from '@kbn/core/server';
import { IsoWeekday } from '../../../../common';
import {
ruleNotifyWhenAttributes,
ruleLastRunOutcomeValuesAttributes,
ruleExecutionStatusValuesAttributes,
ruleExecutionStatusErrorReasonAttributes,
ruleExecutionStatusWarningReasonAttributes,
} from '../constants';
import { RRuleAttributes } from '../../r_rule/types';
import { AlertsFilterQueryAttributes } from '../../alerts_filter_query/types';
export type RuleNotifyWhenAttributes =
(typeof ruleNotifyWhenAttributes)[keyof typeof ruleNotifyWhenAttributes];
export type RuleLastRunOutcomeValuesAttributes =
(typeof ruleLastRunOutcomeValuesAttributes)[keyof typeof ruleLastRunOutcomeValuesAttributes];
export type RuleExecutionStatusValuesAttributes =
(typeof ruleExecutionStatusValuesAttributes)[keyof typeof ruleExecutionStatusValuesAttributes];
export type RuleExecutionStatusErrorReasonAttributes =
(typeof ruleExecutionStatusErrorReasonAttributes)[keyof typeof ruleExecutionStatusErrorReasonAttributes];
export type RuleExecutionStatusWarningReasonAttributes =
(typeof ruleExecutionStatusWarningReasonAttributes)[keyof typeof ruleExecutionStatusWarningReasonAttributes];
export interface RuleSnoozeScheduleAttributes {
duration: number;
rRule: RRuleAttributes;
id?: string;
skipRecurrences?: string[];
}
export interface RuleExecutionStatusAttributes {
status: RuleExecutionStatusValuesAttributes;
lastExecutionDate: string;
lastDuration?: number;
error?: {
reason: RuleExecutionStatusErrorReasonAttributes;
message: string;
} | null;
warning?: {
reason: RuleExecutionStatusWarningReasonAttributes;
message: string;
} | null;
}
export interface RuleLastRunAttributes {
outcome: RuleLastRunOutcomeValuesAttributes;
outcomeOrder?: number;
warning?:
| RuleExecutionStatusErrorReasonAttributes
| RuleExecutionStatusWarningReasonAttributes
| null;
outcomeMsg?: string[] | null;
alertsCount: {
active?: number | null;
new?: number | null;
recovered?: number | null;
ignored?: number | null;
};
}
export interface RuleMonitoringHistoryAttributes {
success: boolean;
timestamp: number;
duration?: number;
outcome?: RuleLastRunAttributes;
}
export interface RuleMonitoringCalculatedMetricsAttributes {
p50?: number;
p95?: number;
p99?: number;
success_ratio: number;
}
export interface RuleMonitoringLastRunMetricsAttributes {
duration?: number;
total_search_duration_ms?: number | null;
total_indexing_duration_ms?: number | null;
total_alerts_detected?: number | null;
total_alerts_created?: number | null;
gap_duration_s?: number | null;
}
export interface RuleMonitoringLastRunAttributes {
timestamp: string;
metrics: RuleMonitoringLastRunMetricsAttributes;
}
export interface RuleMonitoringAttributes {
run: {
history: RuleMonitoringHistoryAttributes[];
calculated_metrics: RuleMonitoringCalculatedMetricsAttributes;
last_run: RuleMonitoringLastRunAttributes;
};
}
interface IntervaleScheduleAttributes extends SavedObjectAttributes {
interval: string;
}
interface AlertsFilterTimeFrameAttributes {
days: IsoWeekday[];
timezone: string;
hours: {
start: string;
end: string;
};
}
export interface AlertsFilterAttributes {
query?: AlertsFilterQueryAttributes;
timeframe?: AlertsFilterTimeFrameAttributes;
}
export interface RuleActionAttributes {
uuid: string;
group?: string;
actionRef: string;
actionTypeId: string;
params: SavedObjectAttributes;
frequency?: {
summary: boolean;
notifyWhen: RuleNotifyWhenAttributes;
throttle: string | null;
};
alertsFilter?: AlertsFilterAttributes;
useAlertDataAsTemplate?: boolean;
}
type MappedParamsAttributes = SavedObjectAttributes & {
risk_score?: number;
severity?: string;
};
interface RuleMetaAttributes {
versionApiKeyLastmodified?: string;
}
interface AlertDelayAttributes {
active: number;
}
interface FlappingAttributes {
lookBackWindow: number;
statusChangeThreshold: number;
}
export interface RuleAttributes {
name: string;
tags: string[];
enabled: boolean;
alertTypeId: string;
consumer: string;
legacyId: string | null;
schedule: IntervaleScheduleAttributes;
actions: RuleActionAttributes[];
params: SavedObjectAttributes;
mapped_params?: MappedParamsAttributes;
scheduledTaskId?: string | null;
createdBy: string | null;
updatedBy: string | null;
createdAt: string;
updatedAt: string;
apiKey: string | null;
apiKeyOwner: string | null;
apiKeyCreatedByUser?: boolean | null;
throttle?: string | null;
notifyWhen?: RuleNotifyWhenAttributes | null;
muteAll: boolean;
mutedInstanceIds: string[];
meta?: RuleMetaAttributes;
executionStatus?: RuleExecutionStatusAttributes;
monitoring?: RuleMonitoringAttributes;
snoozeSchedule?: RuleSnoozeScheduleAttributes[];
isSnoozedUntil?: string | null;
lastRun?: RuleLastRunAttributes | null;
nextRun?: string | null;
revision: number;
running?: boolean | null;
alertDelay?: AlertDelayAttributes;
flapping?: FlappingAttributes | null;
}

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/archive/archive_maintenance_window_route.test.ts
View file

@ -71,7 +71,6 @@ describe('archiveMaintenanceWindowRoute', () => {
archive: true,
});
expect(res.ok).toHaveBeenLastCalledWith({
// @ts-expect-error upgrade typescript v5.1.6
body: rewritePartialMaintenanceBodyRes(mockMaintenanceWindow),
});
});

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/find/find_maintenance_windows_route.test.ts
View file

@ -70,7 +70,6 @@ describe('findMaintenanceWindowsRoute', () => {
expect(maintenanceWindowClient.find).toHaveBeenCalled();
expect(res.ok).toHaveBeenLastCalledWith({
body: {
// @ts-expect-error upgrade typescript v5.1.6
data: mockMaintenanceWindows.data.map((data) => rewriteMaintenanceWindowRes(data)),
total: 2,
},

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/finish/finish_maintenance_window_route.test.ts
View file

@ -61,7 +61,6 @@ describe('finishMaintenanceWindowRoute', () => {
expect(maintenanceWindowClient.finish).toHaveBeenLastCalledWith({ id: 'test-id' });
expect(res.ok).toHaveBeenLastCalledWith({
// @ts-expect-error upgrade typescript v5.1.6
body: rewritePartialMaintenanceBodyRes(mockMaintenanceWindow),
});
});

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/get/get_maintenance_window_route.test.ts
View file

@ -61,7 +61,6 @@ describe('getMaintenanceWindowRoute', () => {
expect(maintenanceWindowClient.get).toHaveBeenLastCalledWith({ id: 'test-id' });
expect(res.ok).toHaveBeenLastCalledWith({
// @ts-expect-error upgrade typescript v5.1.6
body: rewritePartialMaintenanceBodyRes(mockMaintenanceWindow),
});
});

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/get_active/get_active_maintenance_windows_route.test.ts
View file

@ -69,7 +69,6 @@ describe('getActiveMaintenanceWindowsRoute', () => {
expect(maintenanceWindowClient.getActiveMaintenanceWindows).toHaveBeenCalled();
expect(res.ok).toHaveBeenLastCalledWith({
// @ts-expect-error upgrade typescript v5.1.6
body: mockMaintenanceWindows.map((data) => rewriteMaintenanceWindowRes(data)),
});
});

1
x-pack/plugins/alerting/server/routes/maintenance_window/apis/update/update_maintenance_window_route.test.ts
View file

@ -82,7 +82,6 @@ describe('updateMaintenanceWindowRoute', () => {
});
expect(res.ok).toHaveBeenLastCalledWith({
// @ts-expect-error upgrade typescript v5.1.6
body: rewritePartialMaintenanceBodyRes(mockMaintenanceWindow),
});
});

2
x-pack/plugins/alerting/server/routes/rule/transforms/transform_rule_to_rule_response/v1.ts
View file

@ -30,7 +30,7 @@ export const transformMonitoring = (monitoring: Monitoring): MonitoringV1 => {
success: history.success,
timestamp: history.timestamp,
...(history.duration !== undefined ? { duration: history.duration } : {}),
...(history.outcome ? { outcome: transformRuleLastRun(history.outcome) } : {}),
...(history.outcome !== undefined ? { outcome: history.outcome } : {}),
})),
calculated_metrics: monitoring.run.calculated_metrics,
last_run: monitoring.run.last_run,

3
x-pack/plugins/alerting/server/rules_client/common/inject_references.ts
View file

@ -10,7 +10,6 @@ import { omit } from 'lodash';
import { SavedObjectReference, SavedObjectAttributes } from '@kbn/core/server';
import { UntypedNormalizedRuleType } from '../../rule_type_registry';
import { RawRule, RuleTypeParams } from '../../types';
import { RuleActionAttributes } from '../../data/rule/types';
import {
preconfiguredConnectorActionRefPrefix,
extractedSavedObjectParamReferenceNamePrefix,
@ -19,7 +18,7 @@ import {
export function injectReferencesIntoActions(
alertId: string,
actions: RawRule['actions'] | RuleActionAttributes[],
actions: RawRule['actions'],
references: SavedObjectReference[]
) {
return actions.map((action) => {

10
x-pack/plugins/alerting/server/rules_client/common/retry_if_bulk_edit_conflicts.ts
View file

@ -12,24 +12,24 @@ import { Logger, SavedObjectsBulkUpdateObject, SavedObjectsUpdateResponse } from
import { BulkActionSkipResult } from '../../../common/bulk_edit';
import { convertRuleIdsToKueryNode } from '../../lib';
import { BulkOperationError } from '../types';
import { RuleAttributes } from '../../data/rule/types';
import { waitBeforeNextRetry, RETRY_IF_CONFLICTS_ATTEMPTS } from './wait_before_next_retry';
import { RULE_SAVED_OBJECT_TYPE } from '../../saved_objects';
import { RawRule } from '../../types';
// max number of failed SO ids in one retry filter
const MaxIdsNumberInRetryFilter = 1000;
type BulkEditOperation = (filter: KueryNode | null) => Promise<{
apiKeysToInvalidate: string[];
rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
resultSavedObjects: Array<SavedObjectsUpdateResponse<RuleAttributes>>;
rules: Array<SavedObjectsBulkUpdateObject<RawRule>>;
resultSavedObjects: Array<SavedObjectsUpdateResponse<RawRule>>;
errors: BulkOperationError[];
skipped: BulkActionSkipResult[];
}>;
interface ReturnRetry {
apiKeysToInvalidate: string[];
results: Array<SavedObjectsUpdateResponse<RuleAttributes>>;
results: Array<SavedObjectsUpdateResponse<RawRule>>;
errors: BulkOperationError[];
skipped: BulkActionSkipResult[];
}
@ -55,7 +55,7 @@ export const retryIfBulkEditConflicts = async (
filter: KueryNode | null,
retries: number = RETRY_IF_CONFLICTS_ATTEMPTS,
accApiKeysToInvalidate: string[] = [],
accResults: Array<SavedObjectsUpdateResponse<RuleAttributes>> = [],
accResults: Array<SavedObjectsUpdateResponse<RawRule>> = [],
accErrors: BulkOperationError[] = [],
accSkipped: BulkActionSkipResult[] = []
): Promise<ReturnRetry> => {

6
x-pack/plugins/alerting/server/rules_client/common/retry_if_bulk_operation_conflicts.ts
View file

@ -13,13 +13,13 @@ import { withSpan } from '@kbn/apm-utils';
import { convertRuleIdsToKueryNode } from '../../lib';
import { BulkOperationError } from '../types';
import { waitBeforeNextRetry, RETRY_IF_CONFLICTS_ATTEMPTS } from './wait_before_next_retry';
import { RuleAttributes } from '../../data/rule/types';
import { RawRule } from '../../types';
const MAX_RULES_IDS_IN_RETRY = 1000;
interface BulkOperationResult {
errors: BulkOperationError[];
rules: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
rules: Array<SavedObjectsBulkUpdateObject<RawRule>>;
accListSpecificForBulkOperation: string[][];
}
@ -63,7 +63,7 @@ const handler = async ({
filter: KueryNode | null;
accListSpecificForBulkOperation?: string[][];
accErrors?: BulkOperationError[];
accRules?: Array<SavedObjectsBulkUpdateObject<RuleAttributes>>;
accRules?: Array<SavedObjectsBulkUpdateObject<RawRule>>;
retries?: number;
}): Promise<BulkOperationResult> => {
try {

17
x-pack/plugins/alerting/server/rules_client/common/snooze_utils.ts
View file

@ -12,13 +12,10 @@ import {
RuleParams,
RuleSnoozeSchedule as RuleDomainSnoozeSchedule,
} from '../../application/rule/types';
import { RuleAttributes } from '../../data/rule/types';
import { getActiveScheduledSnoozes } from '../../lib/is_rule_snoozed';
import { RawRule } from '../../types';
export function getSnoozeAttributes(
attributes: RuleAttributes,
snoozeSchedule: RuleDomainSnoozeSchedule
) {
export function getSnoozeAttributes(attributes: RawRule, snoozeSchedule: RuleDomainSnoozeSchedule) {
// If duration is -1, instead mute all
const { id: snoozeId, duration } = snoozeSchedule;
@ -70,7 +67,7 @@ export function getBulkSnooze<Params extends RuleParams>(
};
}
export function getUnsnoozeAttributes(attributes: RuleAttributes, scheduleIds?: string[]) {
export function getUnsnoozeAttributes(attributes: RawRule, scheduleIds?: string[]) {
const snoozeSchedule = scheduleIds
? clearScheduledSnoozesAttributesById(attributes, scheduleIds)
: clearCurrentActiveSnoozeAttributes(attributes);
@ -104,7 +101,7 @@ export function getBulkUnsnooze<Params extends RuleParams>(
};
}
export function clearUnscheduledSnoozeAttributes(attributes: RuleAttributes) {
export function clearUnscheduledSnoozeAttributes(attributes: RawRule) {
// Clear any snoozes that have no ID property. These are "simple" snoozes created with the quick UI, e.g. snooze for 3 days starting now
return attributes.snoozeSchedule
? attributes.snoozeSchedule.filter((s) => typeof s.id !== 'undefined')
@ -115,7 +112,7 @@ export function clearUnscheduledSnooze<Params extends RuleParams>(rule: RuleDoma
return rule.snoozeSchedule ? rule.snoozeSchedule.filter((s) => typeof s.id !== 'undefined') : [];
}
export function clearScheduledSnoozesAttributesById(attributes: RuleAttributes, ids: string[]) {
export function clearScheduledSnoozesAttributesById(attributes: RawRule, ids: string[]) {
return attributes.snoozeSchedule
? attributes.snoozeSchedule.filter((s) => !(s.id && ids.includes(s.id)))
: [];
@ -128,11 +125,10 @@ export function clearScheduledSnoozesById<Params extends RuleParams>(
return rule.snoozeSchedule ? rule.snoozeSchedule.filter((s) => s.id && !ids.includes(s.id)) : [];
}
export function clearCurrentActiveSnoozeAttributes(attributes: RuleAttributes) {
export function clearCurrentActiveSnoozeAttributes(attributes: RawRule) {
// First attempt to cancel a simple (unscheduled) snooze
const clearedUnscheduledSnoozes = clearUnscheduledSnoozeAttributes(attributes);
// Now clear any scheduled snoozes that are currently active and never recur
// @ts-expect-error upgrade typescript v5.1.6
const activeSnoozes = getActiveScheduledSnoozes(attributes);
const activeSnoozeIds = activeSnoozes?.map((s) => s.id) ?? [];
const recurringSnoozesToSkip: string[] = [];
@ -160,7 +156,6 @@ export function clearCurrentActiveSnooze<Params extends RuleParams>(rule: RuleDo
// First attempt to cancel a simple (unscheduled) snooze
const clearedUnscheduledSnoozes = clearUnscheduledSnooze(rule);
// Now clear any scheduled snoozes that are currently active and never recur
// @ts-expect-error upgrade typescript v5.1.6
const activeSnoozes = getActiveScheduledSnoozes(rule);
const activeSnoozeIds = activeSnoozes?.map((s) => s.id) ?? [];
const recurringSnoozesToSkip: string[] = [];

16
x-pack/plugins/alerting/server/rules_client/lib/create_rule_saved_object.ts
View file

@ -8,7 +8,6 @@
import { SavedObjectReference, SavedObject } from '@kbn/core/server';
import { withSpan } from '@kbn/apm-utils';
import { Rule, RuleWithLegacyId, RawRule, RuleTypeParams } from '../../types';
import { RuleAttributes } from '../../data/rule/types';
import { bulkMarkApiKeysForInvalidation } from '../../invalidate_pending_api_keys/bulk_mark_api_keys_for_invalidation';
import { ruleAuditEvent, RuleAuditAction } from '../common/audit_events';
import { SavedObjectOptions } from '../types';
@ -30,7 +29,7 @@ interface CreateRuleSavedObjectParams {
interface CreateRuleSavedObjectAttributeParams {
intervalInMs: number;
rawRule: RuleAttributes;
rawRule: RawRule;
references: SavedObjectReference[];
ruleId: string;
options?: SavedObjectOptions;
@ -46,11 +45,11 @@ export async function createRuleSavedObject<Params extends RuleTypeParams = neve
export async function createRuleSavedObject<Params extends RuleTypeParams = never>(
context: RulesClientContext,
params: CreateRuleSavedObjectAttributeParams
): Promise<SavedObject<RuleAttributes>>;
): Promise<SavedObject<RawRule>>;
export async function createRuleSavedObject<Params extends RuleTypeParams = never>(
context: RulesClientContext,
params: CreateRuleSavedObjectParams | CreateRuleSavedObjectAttributeParams
): Promise<Rule<Params> | RuleWithLegacyId<Params> | SavedObject<RuleAttributes>> {
): Promise<Rule<Params> | RuleWithLegacyId<Params> | SavedObject<RawRule>> {
const { intervalInMs, rawRule, references, ruleId, options, returnRuleAttributes } = params;
context.auditLogger?.log(
@ -61,14 +60,13 @@ export async function createRuleSavedObject<Params extends RuleTypeParams = neve
})
);
// TODO (http-versioning): Remove casts
let createdAlert: SavedObject<RawRule>;
try {
createdAlert = (await withSpan(
createdAlert = await withSpan(
{ name: 'unsecuredSavedObjectsClient.create', type: 'rules' },
() =>
createRuleSo({
ruleAttributes: updateMeta(context, rawRule as RawRule) as RuleAttributes,
ruleAttributes: updateMeta(context, rawRule),
savedObjectsClient: context.unsecuredSavedObjectsClient,
savedObjectsCreateOptions: {
...options,
@ -76,7 +74,7 @@ export async function createRuleSavedObject<Params extends RuleTypeParams = neve
id: ruleId,
},
})
)) as SavedObject<RawRule>;
);
} catch (e) {
// Avoid unused API key
await bulkMarkApiKeysForInvalidation(
@ -138,7 +136,7 @@ export async function createRuleSavedObject<Params extends RuleTypeParams = neve
// TODO (http-versioning): Remove casts
if (returnRuleAttributes) {
return createdAlert as SavedObject<RuleAttributes>;
return createdAlert as SavedObject<RawRule>;
}
return getAlertFromRaw<Params>({

4
x-pack/plugins/alerting/server/rules_client/lib/get_rule_saved_object.ts
View file

@ -10,8 +10,8 @@ import { withSpan } from '@kbn/apm-utils';
import { ruleAuditEvent, RuleAuditAction } from '../common/audit_events';
import { RulesClientContext } from '../types';
import { getRuleSo } from '../../data/rule';
import { RuleAttributes } from '../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../saved_objects';
import { RawRule } from '../../types';
interface GetRuleSavedObjectParams {
ruleId: string;
@ -20,7 +20,7 @@ interface GetRuleSavedObjectParams {
export async function getRuleSavedObject(
context: RulesClientContext,
params: GetRuleSavedObjectParams
): Promise<SavedObject<RuleAttributes>> {
): Promise<SavedObject<RawRule>> {
const { ruleId } = params;
context.auditLogger?.log(

5
x-pack/plugins/alerting/server/rules_client/lib/increment_revision.test.ts
View file

@ -8,13 +8,12 @@
import { mockedDateString } from '../tests/lib';
import { incrementRevision } from './increment_revision';
import { SavedObject } from '@kbn/core/server';
import { RuleTypeParams } from '../../types';
import { RawRule, RuleTypeParams } from '../../types';
import { RULE_SAVED_OBJECT_TYPE } from '../../saved_objects';
import { UpdateRuleData } from '../../application/rule/methods/update';
import { RuleAttributes } from '../../data/rule/types';
describe('incrementRevision', () => {
const currentRule: SavedObject<RuleAttributes> = {
const currentRule: SavedObject<RawRule> = {
id: '1',
type: RULE_SAVED_OBJECT_TYPE,
attributes: {

5
x-pack/plugins/alerting/server/rules_client/lib/increment_revision.ts
View file

@ -6,17 +6,16 @@
*/
import { get, isEqual } from 'lodash';
import { RuleTypeParams } from '../../types';
import { RuleTypeParams, RawRule } from '../../types';
import { fieldsToExcludeFromRevisionUpdates } from '..';
import { UpdateRuleData } from '../../application/rule/methods/update';
import { RuleAttributes } from '../../data/rule/types';
export function incrementRevision<Params extends RuleTypeParams>({
originalRule,
updateRuleData,
updatedParams,
}: {
originalRule: RuleAttributes;
originalRule: RawRule;
updateRuleData: UpdateRuleData<Params>;
updatedParams: RuleTypeParams;
}): number {

4
x-pack/plugins/alerting/server/rules_client/lib/resolve_rule_saved_object.ts
View file

@ -10,8 +10,8 @@ import { withSpan } from '@kbn/apm-utils';
import { ruleAuditEvent, RuleAuditAction } from '../common/audit_events';
import { RulesClientContext } from '../types';
import { resolveRuleSo } from '../../data/rule';
import { RuleAttributes } from '../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../saved_objects';
import { RawRule } from '../../types';
interface ResolveRuleSavedObjectParams {
ruleId: string;
@ -20,7 +20,7 @@ interface ResolveRuleSavedObjectParams {
export async function resolveRuleSavedObject(
context: RulesClientContext,
params: ResolveRuleSavedObjectParams
): Promise<SavedObjectsResolveResponse<RuleAttributes>> {
): Promise<SavedObjectsResolveResponse<RawRule>> {
const { ruleId } = params;
context.auditLogger?.log(

5
x-pack/plugins/alerting/server/rules_client/lib/untrack_rule_alerts.ts
View file

@ -8,19 +8,18 @@
import { mapValues } from 'lodash';
import { SAVED_OBJECT_REL_PRIMARY } from '@kbn/event-log-plugin/server';
import { withSpan } from '@kbn/apm-utils';
import { SanitizedRule, RawAlertInstance as RawAlert } from '../../types';
import { SanitizedRule, RawAlertInstance as RawAlert, RawRule } from '../../types';
import { taskInstanceToAlertTaskInstance } from '../../task_runner/alert_task_instance';
import { Alert } from '../../alert';
import { EVENT_LOG_ACTIONS } from '../../plugin';
import { createAlertEventLogRecordObject } from '../../lib/create_alert_event_log_record_object';
import { RulesClientContext } from '../types';
import { RuleAttributes } from '../../data/rule/types';
import { RULE_SAVED_OBJECT_TYPE } from '../../saved_objects';
export const untrackRuleAlerts = async (
context: RulesClientContext,
id: string,
attributes: RuleAttributes
attributes: RawRule
) => {
return withSpan({ name: 'untrackRuleAlerts', type: 'rules' }, async () => {
if (!context.eventLogger || !attributes.scheduledTaskId) return;

9
x-pack/plugins/alerting/server/rules_client/lib/update_meta.ts
View file

@ -16,8 +16,13 @@ export function updateMeta<T extends Partial<RawRule>>(
alertAttributes: T
): T {
if (Object.hasOwn(alertAttributes, 'apiKey') || Object.hasOwn(alertAttributes, 'apiKeyOwner')) {
alertAttributes.meta = alertAttributes.meta ?? {};
alertAttributes.meta.versionApiKeyLastmodified = context.kibanaVersion;
return {
...alertAttributes,
meta: {
...(alertAttributes.meta ?? {}),
versionApiKeyLastmodified: context.kibanaVersion,
},
};
}
return alertAttributes;
}

4
x-pack/plugins/alerting/server/rules_client/lib/update_meta_attributes.ts
View file

@ -5,10 +5,10 @@
* 2.0.
*/
import { RuleAttributes } from '../../data/rule/types';
import { RawRule } from '../../types';
import { RulesClientContext } from '../types';
export function updateMetaAttributes<T extends Partial<RuleAttributes>>(
export function updateMetaAttributes<T extends Partial<RawRule>>(
context: RulesClientContext,
alertAttributes: T
): T {

9
x-pack/plugins/alerting/server/saved_objects/model_versions/rule_model_versions.ts
View file

@ -6,7 +6,7 @@
*/
import { SavedObjectsModelVersionMap } from '@kbn/core-saved-objects-server';
import { rawRuleSchemaV1, rawRuleSchemaV2 } from '../schemas/raw_rule';
import { rawRuleSchemaV1, rawRuleSchemaV2, rawRuleSchemaV3 } from '../schemas/raw_rule';
export const ruleModelVersions: SavedObjectsModelVersionMap = {
'1': {
@ -23,4 +23,11 @@ export const ruleModelVersions: SavedObjectsModelVersionMap = {
create: rawRuleSchemaV2,
},
},
'3': {
changes: [],
schemas: {
forwardCompatibility: rawRuleSchemaV3.extends({}, { unknowns: 'ignore' }),
create: rawRuleSchemaV3,
},
},
};

4
x-pack/plugins/alerting/server/saved_objects/partially_update_rule.test.ts
View file

@ -228,7 +228,7 @@ const DefaultAttributes = {
const ExtraneousAttributes = { ...DefaultAttributes, foo: 'bar' };
const DefaultAttributesForEsUpdate = {
const DefaultAttributesForEsUpdate: PartiallyUpdateableRuleAttributes = {
running: false,
executionStatus: {
status: 'active' as RuleExecutionStatuses,
@ -247,7 +247,7 @@ const DefaultAttributesForEsUpdate = {
success: true,
timestamp: 1640991880000,
duration: 12,
outcome: 'success',
outcome: 'succeeded',
},
],
last_run: {

8
x-pack/plugins/alerting/server/saved_objects/partially_update_rule.ts
View file

@ -22,13 +22,9 @@ import {
RuleAttributesNotPartiallyUpdatable,
RULE_SAVED_OBJECT_TYPE,
} from '.';
import { RuleAttributes } from '../data/rule/types';
// We have calling code that references both RawRule and RuleAttributes,
// so we need to support both of these types (they are effectively the same)
export type PartiallyUpdateableRuleAttributes = Partial<
| Omit<RawRule, RuleAttributesNotPartiallyUpdatable>
| Omit<RuleAttributes, RuleAttributesNotPartiallyUpdatable>
Omit<RawRule, RuleAttributesNotPartiallyUpdatable>
>;
interface PartiallyUpdateRuleSavedObjectOptions {
@ -54,7 +50,7 @@ export async function partiallyUpdateRule(
...RuleAttributesToEncrypt,
...RuleAttributesIncludedInAAD,
]);
const updateOptions: SavedObjectsUpdateOptions<RuleAttributes> = pick(
const updateOptions: SavedObjectsUpdateOptions<RawRule> = pick(
options,
'namespace',
'version',

3
x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/index.ts
View file

@ -5,5 +5,8 @@
* 2.0.
*/
export * from './latest';
export { rawRuleSchema as rawRuleSchemaV1 } from './v1';
export { rawRuleSchema as rawRuleSchemaV2 } from './v2';
export { rawRuleSchema as rawRuleSchemaV3 } from './v3';

25
x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/latest.ts Normal file
View file

@ -0,0 +1,25 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { TypeOf } from '@kbn/config-schema';
import {
rawRuleExecutionStatusSchema,
rawRuleActionSchema,
rawRuleAlertsFilterSchema,
rawRuleLastRunSchema,
rawRuleMonitoringSchema,
rawRuleSchema,
} from './v3';
type Mutable<T> = { -readonly [P in keyof T]: T[P] extends object ? Mutable<T[P]> : T[P] };
export type RawRuleAction = Mutable<TypeOf<typeof rawRuleActionSchema>>;
export type RawRuleExecutionStatus = Mutable<TypeOf<typeof rawRuleExecutionStatusSchema>>;
export type RawRuleAlertsFilter = Mutable<TypeOf<typeof rawRuleAlertsFilterSchema>>;
export type RawRuleLastRun = Mutable<TypeOf<typeof rawRuleLastRunSchema>>;
export type RawRuleMonitoring = Mutable<TypeOf<typeof rawRuleMonitoringSchema>>;
export type RawRule = Mutable<TypeOf<typeof rawRuleSchema>>;

1
x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v2.ts
View file

@ -7,6 +7,7 @@
import { schema } from '@kbn/config-schema';
import { rawRuleSchema as rawRuleSchemaV1 } from './v1';
export * from './v1';
export const flappingSchema = schema.object({
lookBackWindow: schema.number(),

299
x-pack/plugins/alerting/server/saved_objects/schemas/raw_rule/v3.ts Normal file
View file

@ -0,0 +1,299 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import { schema } from '@kbn/config-schema';
import { FilterStateStore } from '@kbn/es-query';
import {
RuleExecutionStatusErrorReasons,
RuleExecutionStatusWarningReasons,
} from '@kbn/alerting-types';
import { ruleLastRunOutcomeValues } from '../../../application/rule/constants';
export * from './v2';
export const executionStatusWarningReason = schema.oneOf([
schema.literal(RuleExecutionStatusWarningReasons.MAX_EXECUTABLE_ACTIONS), // change
schema.literal(RuleExecutionStatusWarningReasons.MAX_ALERTS), // change
schema.literal(RuleExecutionStatusWarningReasons.MAX_QUEUED_ACTIONS), // change
schema.literal(RuleExecutionStatusWarningReasons.EXECUTION), // change
]);
export const executionStatusErrorReason = schema.oneOf([
schema.literal(RuleExecutionStatusErrorReasons.Read), // change
schema.literal(RuleExecutionStatusErrorReasons.Decrypt), // change
schema.literal(RuleExecutionStatusErrorReasons.Execute), // change
schema.literal(RuleExecutionStatusErrorReasons.Unknown), // change
schema.literal(RuleExecutionStatusErrorReasons.License), // change
schema.literal(RuleExecutionStatusErrorReasons.Timeout), // change
schema.literal(RuleExecutionStatusErrorReasons.Disabled), // change
schema.literal(RuleExecutionStatusErrorReasons.Validate), // change
]);
export const rawRuleExecutionStatusSchema = schema.object({
status: schema.oneOf([
schema.literal('ok'),
schema.literal('active'),
schema.literal('error'),
schema.literal('pending'),
schema.literal('unknown'),
schema.literal('warning'),
]),
lastExecutionDate: schema.string(),
lastDuration: schema.maybe(schema.number()),
error: schema.nullable(
schema.object({
reason: executionStatusErrorReason,
message: schema.string(),
})
),
warning: schema.nullable(
schema.object({
reason: executionStatusWarningReason,
message: schema.string(),
})
),
});
export const ISOWeekdaysSchema = schema.oneOf([
schema.literal(1),
schema.literal(2),
schema.literal(3),
schema.literal(4),
schema.literal(5),
schema.literal(6),
schema.literal(7),
]);
export const rRuleSchema = schema.object({
dtstart: schema.string(),
tzid: schema.string(),
freq: schema.maybe(
schema.oneOf([
schema.literal(0),
schema.literal(1),
schema.literal(2),
schema.literal(3),
schema.literal(4),
schema.literal(5),
schema.literal(6),
])
),
until: schema.maybe(schema.string()),
count: schema.maybe(schema.number()),
interval: schema.maybe(schema.number()),
wkst: schema.maybe(
schema.oneOf([
schema.literal('MO'),
schema.literal('TU'),
schema.literal('WE'),
schema.literal('TH'),
schema.literal('FR'),
schema.literal('SA'),
schema.literal('SU'),
])
),
byweekday: schema.maybe(
schema.nullable(schema.arrayOf(schema.oneOf([schema.string(), schema.number()]))) // change
),
bymonth: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
bysetpos: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
bymonthday: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
byyearday: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
byweekno: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
byhour: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
byminute: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
bysecond: schema.maybe(schema.nullable(schema.arrayOf(schema.number()))), // change
});
export const outcome = schema.oneOf([
schema.literal(ruleLastRunOutcomeValues.SUCCEEDED), // change
schema.literal(ruleLastRunOutcomeValues.WARNING), // change
schema.literal(ruleLastRunOutcomeValues.FAILED), // change
]);
export const rawRuleLastRunSchema = schema.object({
outcome,
outcomeOrder: schema.maybe(schema.number()),
alertsCount: schema.object({
new: schema.maybe(schema.nullable(schema.number())),
active: schema.maybe(schema.nullable(schema.number())),
recovered: schema.maybe(schema.nullable(schema.number())),
ignored: schema.maybe(schema.nullable(schema.number())),
}),
outcomeMsg: schema.maybe(schema.nullable(schema.arrayOf(schema.string()))),
warning: schema.maybe(
schema.nullable(schema.oneOf([executionStatusErrorReason, executionStatusWarningReason]))
),
});
export const rawRuleMonitoringSchema = schema.object({
run: schema.object({
history: schema.arrayOf(
schema.object({
success: schema.boolean(),
timestamp: schema.number(),
duration: schema.maybe(schema.number()),
outcome: schema.maybe(outcome),
})
),
calculated_metrics: schema.object({
p50: schema.maybe(schema.number()),
p95: schema.maybe(schema.number()),
p99: schema.maybe(schema.number()),
success_ratio: schema.number(),
}),
last_run: schema.object({
timestamp: schema.string(),
metrics: schema.object({
duration: schema.maybe(schema.number()),
total_search_duration_ms: schema.maybe(schema.nullable(schema.number())),
total_indexing_duration_ms: schema.maybe(schema.nullable(schema.number())),
total_alerts_detected: schema.maybe(schema.nullable(schema.number())),
total_alerts_created: schema.maybe(schema.nullable(schema.number())),
gap_duration_s: schema.maybe(schema.nullable(schema.number())),
}),
}),
}),
});
export const rawRuleAlertsFilterSchema = schema.object({
query: schema.maybe(
schema.object({
kql: schema.string(),
filters: schema.arrayOf(
schema.object({
query: schema.maybe(schema.recordOf(schema.string(), schema.any())),
meta: schema.object({
alias: schema.maybe(schema.nullable(schema.string())),
disabled: schema.maybe(schema.boolean()),
negate: schema.maybe(schema.boolean()),
controlledBy: schema.maybe(schema.string()),
group: schema.maybe(schema.string()),
index: schema.maybe(schema.string()),
isMultiIndex: schema.maybe(schema.boolean()),
type: schema.maybe(schema.string()),
key: schema.maybe(schema.string()),
params: schema.maybe(schema.any()),
value: schema.maybe(schema.string()),
field: schema.maybe(schema.string()),
relation: schema.maybe(schema.oneOf([schema.literal('OR'), schema.literal('AND')])),
}),
$state: schema.maybe(
schema.object({
store: schema.oneOf([
schema.literal(FilterStateStore.APP_STATE), // change
schema.literal(FilterStateStore.GLOBAL_STATE), // change
]),
})
),
})
),
dsl: schema.string(), // change
})
),
timeframe: schema.maybe(
schema.object({
days: schema.arrayOf(ISOWeekdaysSchema),
hours: schema.object({
start: schema.string(),
end: schema.string(),
}),
timezone: schema.string(),
})
),
});
export const rawRuleActionSchema = schema.object({
uuid: schema.string(), // change
group: schema.maybe(schema.string()),
actionRef: schema.string(),
actionTypeId: schema.string(),
params: schema.recordOf(schema.string(), schema.any()),
frequency: schema.maybe(
schema.object({
summary: schema.boolean(),
notifyWhen: schema.oneOf([
schema.literal('onActionGroupChange'),
schema.literal('onActiveAlert'),
schema.literal('onThrottleInterval'),
]),
throttle: schema.nullable(schema.string()),
})
),
alertsFilter: schema.maybe(rawRuleAlertsFilterSchema),
useAlertDataForTemplate: schema.maybe(schema.boolean()),
});
export const alertDelaySchema = schema.object({
active: schema.number(),
});
export const flappingSchema = schema.object({
lookBackWindow: schema.number(),
statusChangeThreshold: schema.number(),
});
export const rawRuleSchema = schema.object({
name: schema.string(),
enabled: schema.boolean(),
consumer: schema.string(),
tags: schema.arrayOf(schema.string()),
alertTypeId: schema.string(),
apiKeyOwner: schema.nullable(schema.string()),
apiKey: schema.nullable(schema.string()),
apiKeyCreatedByUser: schema.maybe(schema.nullable(schema.boolean())),
createdBy: schema.nullable(schema.string()),
updatedBy: schema.nullable(schema.string()),
updatedAt: schema.string(),
createdAt: schema.string(),
muteAll: schema.boolean(),
mutedInstanceIds: schema.arrayOf(schema.string()),
throttle: schema.maybe(schema.nullable(schema.string())),
revision: schema.number(),
running: schema.maybe(schema.nullable(schema.boolean())),
schedule: schema.object({
interval: schema.string(),
}),
legacyId: schema.nullable(schema.string()),
scheduledTaskId: schema.maybe(schema.nullable(schema.string())),
isSnoozedUntil: schema.maybe(schema.nullable(schema.string())),
snoozeSchedule: schema.maybe(
schema.arrayOf(
schema.object({
duration: schema.number(),
rRule: rRuleSchema,
id: schema.maybe(schema.string()),
skipRecurrences: schema.maybe(schema.arrayOf(schema.string())),
})
)
),
meta: schema.maybe(schema.object({ versionApiKeyLastmodified: schema.maybe(schema.string()) })),
actions: schema.arrayOf(rawRuleActionSchema),
executionStatus: rawRuleExecutionStatusSchema,
notifyWhen: schema.maybe(
schema.nullable(
schema.oneOf([
schema.literal('onActionGroupChange'),
schema.literal('onActiveAlert'),
schema.literal('onThrottleInterval'),
])
)
),
monitoring: schema.maybe(rawRuleMonitoringSchema),
lastRun: schema.maybe(schema.nullable(rawRuleLastRunSchema)),
nextRun: schema.maybe(schema.nullable(schema.string())),
mapped_params: schema.maybe(
schema.object({
risk_score: schema.maybe(schema.number()),
severity: schema.maybe(schema.string()),
})
),
params: schema.recordOf(schema.string(), schema.maybe(schema.any())),
typeVersion: schema.maybe(schema.number()),
alertDelay: schema.maybe(alertDelaySchema),
flapping: schema.maybe(schema.nullable(flappingSchema)), // carry over from v2
});

105
x-pack/plugins/alerting/server/types.ts
View file

@ -26,7 +26,6 @@ import type { PublicMethodsOf } from '@kbn/utility-types';
import { SharePluginStart } from '@kbn/share-plugin/server';
import type { DefaultAlert, FieldMap } from '@kbn/alerts-as-data-utils';
import { Alert } from '@kbn/alerts-as-data-utils';
import { Filter } from '@kbn/es-query';
import { ActionsApiRequestHandlerContext } from '@kbn/actions-plugin/server';
import { AlertsHealth } from '@kbn/alerting-types';
import { RuleTypeRegistry as OrigruleTypeRegistry } from './rule_type_registry';
@ -43,28 +42,14 @@ import {
Rule,
RuleTypeParams,
RuleTypeState,
RuleActionParams,
RuleExecutionStatuses,
RuleExecutionStatusErrorReasons,
RuleExecutionStatusWarningReasons,
RuleNotifyWhenType,
ActionGroup,
AlertInstanceContext,
AlertInstanceState,
WithoutReservedActionGroups,
ActionVariable,
SanitizedRuleConfig,
RuleMonitoring,
MappedParams,
RuleSnooze,
IntervalSchedule,
RuleLastRun,
SanitizedRule,
AlertsFilter,
AlertsFilterTimeframe,
RuleAlertData,
AlertDelay,
Flapping,
} from '../common';
import { PublicAlertFactory } from './alert/create_alert_factory';
import { RulesSettingsFlappingProperties } from '../common/rules_settings';
@ -426,87 +411,13 @@ export type PublicRuleMonitoringService = PublicMetricsSetters;
export type PublicRuleResultService = PublicLastRunSetters;
export interface RawRuleLastRun extends SavedObjectAttributes, RuleLastRun {}
export interface RawRuleMonitoring extends SavedObjectAttributes, RuleMonitoring {}
export interface RawRuleAlertsFilter extends AlertsFilter {
query?: {
kql: string;
filters: Filter[];
dsl: string;
};
timeframe?: AlertsFilterTimeframe;
}
export interface RawRuleAction extends SavedObjectAttributes {
uuid: string;
group?: string;
actionRef: string;
actionTypeId: string;
params: RuleActionParams;
frequency?: {
summary: boolean;
notifyWhen: RuleNotifyWhenType;
throttle: string | null;
};
alertsFilter?: RawRuleAlertsFilter;
useAlertDataAsTemplate?: boolean;
}
// note that the `error` property is "null-able", as we're doing a partial
// update on the rule when we update this data, but need to ensure we
// delete any previous error if the current status has no error
export interface RawRuleExecutionStatus extends SavedObjectAttributes {
status: RuleExecutionStatuses;
lastExecutionDate: string;
lastDuration?: number;
error: null | {
reason: RuleExecutionStatusErrorReasons;
message: string;
};
warning: null | {
reason: RuleExecutionStatusWarningReasons;
message: string;
};
}
/**
* @deprecated in favor of Rule
*/
export interface RawRule extends SavedObjectAttributes {
enabled: boolean;
name: string;
tags: string[];
alertTypeId: string; // this cannot be renamed since it is in the saved object
consumer: string;
legacyId: string | null;
schedule: IntervalSchedule;
actions: RawRuleAction[];
params: SavedObjectAttributes;
mapped_params?: MappedParams;
scheduledTaskId?: string | null;
createdBy: string | null;
updatedBy: string | null;
createdAt: string;
updatedAt: string;
apiKey: string | null;
apiKeyOwner: string | null;
apiKeyCreatedByUser?: boolean | null;
throttle?: string | null;
notifyWhen?: RuleNotifyWhenType | null;
muteAll: boolean;
mutedInstanceIds: string[];
meta?: RuleMeta;
executionStatus: RawRuleExecutionStatus;
monitoring?: RawRuleMonitoring;
snoozeSchedule?: RuleSnooze; // Remove ? when this parameter is made available in the public API
isSnoozedUntil?: string | null;
lastRun?: RawRuleLastRun | null;
nextRun?: string | null;
revision: number;
running?: boolean | null;
alertDelay?: AlertDelay;
flapping?: Flapping | null;
}
export type {
RawRule,
RawRuleAction,
RawRuleExecutionStatus,
RawRuleAlertsFilter,
RawRuleLastRun,
RawRuleMonitoring,
} from './saved_objects/schemas/raw_rule';
export type { DataStreamAdapter } from './alerts_service/lib/data_stream_adapter';