[ResponseOps][Alerting] Adding back unknown outcome filter (#143546)

* Adding back the unknown filter

* Adding tests

x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_filter.test.ts

@@ -0,0 +1,26 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { getFilter } from './get_filter';
+
+describe('getFilter', () => {
+  test('should return message filter', () => {
+    expect(getFilter({ message: 'test message' })).toEqual([
+      'message: "test message" OR error.message: "test message"',
+    ]);
+  });
+
+  test('should return outcome filter', () => {
+    expect(getFilter({ outcomeFilter: ['failure', 'warning', 'success', 'unknown'] })).toEqual([
+      'event.outcome: failure OR kibana.alerting.outcome: warning OR kibana.alerting.outcome:success OR (event.outcome: success AND NOT kibana.alerting.outcome:*) OR event.outcome: unknown',
+    ]);
+  });
+
+  test('should return runId filter', () => {
+    expect(getFilter({ runId: 'test' })).toEqual(['kibana.alert.rule.execution.uuid: test']);
+  });
+});

x-pack/plugins/triggers_actions_ui/public/application/lib/rule_api/get_filter.ts

@@ -39,6 +39,7 @@ function getOutcomeFilter(outcomeFilter: string[]) {
     warning: 'kibana.alerting.outcome: warning',
     success:
       'kibana.alerting.outcome:success OR (event.outcome: success AND NOT kibana.alerting.outcome:*)',
+    unknown: 'event.outcome: unknown',
   };
   return `${outcomeFilter.map((f) => filterMapping[f]).join(' OR ')}`;
 }