kibana/x-pack/plugins/infra/server/utils
Bena Kansara ab43a50045
Additional context for log threshold rule (#148503)
## Summary

Resolves https://github.com/elastic/kibana/issues/146348

- Adds new context variables for count and ratio alerts in Log threshold
rule
- Indexes new context variables to AAD
- Adds new context variables to recovered count and ratio alerts

The context variables are added based on group by and filter used when
creating the rule.

When the prefix of `group by` or filter (`WITH` condition) includes one
of the following, contextual attributes for that entity are added.

- `cloud`
- `host`
- `orchestrator`
- `container`
- `labels`
- `tags`

The following fields are excluded from the context: `*.cpu`, `*.network`,
`*.disk`, `*.memory`

In case of ratio alerts without `group by`, the prefix from the numerator
query is considered to add contextual attributes. In both count and
ratio alerts, only positive criteria are used from the filter (with `is` or
`matches` condition) for adding contextual attributes.

### Manual Testing
1. Create different Log threshold rules (Count, Ratio, With group by,
Without group by)
2. Configure action template with `{{context}}`
3. Observe additional context to be included in alert notification
4. Let alerts be recovered
5. Observe additional context to be included in recovery notification
6. Observe additional context fields are indexed in AAD

### Checklist

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2023-02-03 11:45:01 -07:00
..
calculate_metric_interval.ts [Logs UI][Metrics UI] Remove deprecated config fields from APIs and SavedObjects (#116821) 2021-11-04 17:57:18 +00:00
create_afterkey_handler.ts rename @elastic/* packages to @kbn/* (#138957) 2022-08-18 08:54:42 -07:00
elasticsearch_runtime_types.ts [Logs UI] Allow for missing properties on ES shard failure responses (#96768) 2021-04-15 13:28:26 +02:00
get_all_composite_data.ts [ES] Upgrade client to v8.0 (#113950) 2021-10-26 14:08:22 +02:00
get_all_metrics_data.ts Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
get_original_action_group.ts Additional context for log threshold rule (#148503) 2023-02-03 11:45:01 -07:00
README.md
request_context.ts Change ContextContainer to lazily initialize providers (#129896) 2022-04-22 13:15:58 +02:00
round_timestamp.ts chore(NA): upgrades bazel rules nodejs to v5 (#129522) 2022-04-08 20:42:37 +01:00
serialized_query.ts [Data cleanup] unify serializable state (#107745) 2021-08-10 13:03:48 +02:00
typed_elasticsearch_mappings.ts Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
typed_search_strategy.ts [Data cleanup] unify serializable state (#107745) 2021-08-10 13:03:48 +02:00

Utils should be data processing functions and other tools. All in all, utils is basically everything that is not an adaptor or presenter, and yet too much to put in a lib.