Fixes https://github.com/elastic/kibana/issues/163959
While digging into the original issue, it was determined that the
existing components were unsalvageable. Fixing all of the issues would
have required more work than just starting over. Problems with original
components include:
1) updating rule state on component load. This is the cause of the
reported bug.
2) lack of loading state when performing async tasks, like loading data
views.
3) not displaying validation errors. When users clicked "save" with
missing configuration, no UI notifications were displayed
4) Heavy use of EuiExpression made it impossible to view all
configuration in a single time
Now, geo containment form:
1) Only updates rule state when users interact with inputs.
2) Displays loading state when performing async tasks, like loading data
views.
3) Displays validation errors
4) Has a simpler UI that allows users to see all configuration
information at the same time.
<img width="300" alt="Screen Shot 2023-08-30 at 5 34 00 PM"
src="65abfa5d-6c8e-45a9-b69f-cc07f5be7184">
<img width="300" alt="Screen Shot 2023-08-30 at 5 34 48 PM"
src="63b5af12-7104-43ae-a836-0236cf9d1e98">
---------
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Resolves https://github.com/elastic/kibana/issues/89481
## Summary
Adds group by options to the ES query rule type, both DSL and KQL
options. This is the same limited group by options that are offered in
the index threshold rule type so I used the same UI components and rule
parameter names. I moved some aggregation building code to `common` so
they could be reused. All existing ES query rules are migrated to be
`count over all` rules.
## To Verify
* Create the following types of rules and verify they work as expected.
Verify for both DSL query and KQL query
* `count over all` rule - this should run the same as before, where it
counts the number of documents that matches the query and applies the
threshold condition to that value. `{{context.hits}}` is all the
documents that match the query if the threshold condition is met.
* `<metric> over all` rule - this calculates the specific aggregation
metric and applies the threshold condition to the aggregated metric (for
example, `avg event.duration`). `{{context.hits}}` is all the documents
that match the query if the threshold condition is met.
* `count over top N terms` - this will apply a term aggregation to the
query and matches the threshold condition to each term bucket (for
example, `count over top 10 event.action` will apply the threshold
condition to the count of documents within each `event.action` bucket).
`{{context.hits}}` is the result of the top hits aggregation within each
term bucket if the threshold condition is met for that bucket.
* `<metric> over top N terms` - this will apply a term aggregation and a
metric sub-aggregation to the query and matches the threshold condition
to the metric value within each term bucket (for example, `avg
event.duration over top 10 event.action` will apply the threshold
condition to the average value of `event.duration` within each
`event.action` bucket). `{{context.hits}}` is the result of the top hits
aggregation within each term bucket if the threshold condition is met
for that bucket.
* Verify the migration by creating a DSL and KQL query in an older
version of Kibana and then upgrading to this PR. The rules should still
continue running successfully.
### Checklist
- [x]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Lisa Cawley <lcawley@elastic.co>
* Adding words
* PR feedback
* Update docs/user/alerting/troubleshooting/alerting-common-issues.asciidoc
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Alerting][Docs] Support enablement documentation.
* additional docs
* fixed links
* Apply suggestions from code review
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* fixed common issues
* Apply suggestions from code review
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
* fixed due to comments
* fixed TM health api page
* fixed TM health api page 2
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
Co-authored-by: ymao1 <ying.mao@elastic.co>
* fixed due to the comments
* fixed due to the comments
* fixed experimental flag
* fixed due to the comments
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
* Update docs/user/alerting/alerting-troubleshooting.asciidoc
Co-authored-by: ymao1 <ying.mao@elastic.co>
* fixed due to the comments
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com>
Co-authored-by: ymao1 <ying.mao@elastic.co>
Co-authored-by: Mike Côté <mikecote@users.noreply.github.com>
* Fix UX when alert is disabled and in an error state
* Reset executionStatus to pending after enabling an alert
* Renames alert instance status OK to Recovered
* Fix end to end test
* Update doc screenshot
* Fix confusing test name
* Remove flakiness in integration test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Adding action variable docs for index threshold and ES query alerts
* Adding section for common action variables
* Adding link to server publicBaseUrl
* PR fixes
