mirror of
https://github.com/elastic/kibana.git
synced 2025-04-25 10:23:14 -04:00
78671f113c
## Summary This PR fixes #155083 with the following changes: - Create a new field to store the action context for an alert under `ALERT_CONTEXT` (`kibana.alert.context`) for Log Threshold Rule. - Change the alert detail page to reference the `groupByKeys` under `ALERT_CONTEXT` for the group by section - Change the history chart to only display `12h` buckets I plan to do a follow up PR to add the ALERT_CONTEXT to the other Observability Rules which we will also need for our alert details pages. ### How to test 1. Index data using: https://github.com/elastic/high-cardinality-cluster/tree/main/high_cardinality_indexer by running the following command: ``` DATASET="fake_stack" EVENTS_PER_CYCLE=1 INDEX_INTERVAL=60000 ELASTICSEARCH_HOSTS=http://localhost:9200 node src/run.js ``` 2. Create a DataView for named "Admin Console" with the index pattern of `high-cardinality-data-fake_stack.admin-console-*` and the timestamp field set to `@timestamp` 3. Go to the Log Stream in Observability and change the index pattern to "Admin Console" 4. Create a rule that looks like: <img width="600" alt="image" src="https://user-images.githubusercontent.com/41702/232578891-e65a3f1a-457c-459a-8d7f-cadc85e7067c.png"> 5. Create a rule WITHOUT a group by that will trigger and check the alert detail page 6. Create a rule with a ratio WITHOUT a group by that will trigger and check the alert detail page 7. Create a rule with a ratio WITH a group by that will trigger and check the alert detail page --------- Co-authored-by: Kevin Delemme <kdelemme@gmail.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| src | ||
| index.ts | ||
| kibana.jsonc | ||
| package.json | ||
| tsconfig.json | ||
