Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Event log][7.x] Update event log client to search across legacy IDs #108077

Closed
chrisronline opened this issue Aug 10, 2021 · 4 comments · Fixed by #109365
Closed

[Event log][7.x] Update event log client to search across legacy IDs #108077

chrisronline opened this issue Aug 10, 2021 · 4 comments · Fixed by #109365
Assignees
@YulNaumenko
Labels
estimate:small Small Estimated Level of Effort Feature:EventLog insight Issues related to user insight into platform operations and resilience Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) technical debt Improvement of the software architecture and operational architecture

Comments

@chrisronline
Copy link
Contributor

Relates to #100067
Blocked by #56771

In #108075, we are adding a new field to every rule saved object that points to the legacy ID (which is the current ID in 7.x but will potentially differ from the ID in 8.0). To support this new field, we need to change the event log client to accept this new ID field and use it in the query to ensure we find all relevant logs.

There is a chance that we will encounter a conflict scenario, where a legacy ID matches some migrated ID. In this case, we need to rely on this change which will add the version to the event log and handle that in our query appropriately.

See the PoC PR for more insight into how this might work.
@chrisronline chrisronline added blocked loe:medium Medium Level of Effort Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:EventLog labels Aug 10, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

This was referenced Aug 10, 2021
Closed
Closed
@YulNaumenko YulNaumenko self-assigned this Aug 13, 2021
@gmmorris gmmorris added technical debt Improvement of the software architecture and operational architecture insight Issues related to user insight into platform operations and resilience estimate:small Small Estimated Level of Effort labels Aug 13, 2021
@YulNaumenko YulNaumenko mentioned this issue Aug 20, 2021
Merged
2 tasks
@mikecote
Copy link
Contributor

mikecote commented Aug 23, 2021
edited
Loading

@chrisronline Regarding the scope of this issue, is it a separate issue to make findEventsBySavedObjectIds calls pass in legacyIds (ex: https://github.com/elastic/kibana/blob/master/x-pack/plugins/alerting/server/rules_client/rules_client.ts#L505), or is it part of this issue?

@chrisronline
Copy link
Contributor Author

This should be part of the issue

@YulNaumenko
Copy link
Contributor

I will add the proper changes 👍 to this PR

@gmmorris gmmorris removed the loe:medium Medium Level of Effort label Sep 2, 2021
@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@YulNaumenko YulNaumenko

Labels
estimate:small Small Estimated Level of Effort Feature:EventLog insight Issues related to user insight into platform operations and resilience Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) technical debt Improvement of the software architecture and operational architecture
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Event log][7.x] Updated event log client to search across legacy IDs YulNaumenko/kibana
6 participants
@chrisronline @gmmorris @kobelb @mikecote @elasticmachine @YulNaumenko