[Maintenance Windows] Support "filtering" what Rules/Alerts Maintenance Windows affect #164255

Closed
BenB196 opened this issue Aug 20, 2023 · 2 comments · Fixed by #171597, #171949 or #172252
Labels: enhancement, Feature:Alerting/RulesManagement, Team:ResponseOps

BenB196 commented Aug 20, 2023

Describe the feature:

The new maintenance window feature is a great concept, however, it has one serious flaw; it affects all rules in the space during the maintenance window. I'd like to be able to "filter" the Rules/Alerts that the maintenance window will affect.

Describe a specific use case for the feature:

Maintenance windows are great because they allow for suppressing notifications while doing work, however, in their current implementation, they suppress all alerts for all rules in a space.

A few reasons why this can be an issue.

Use Case 1

Suppose I want to work on System A, and not have notifications for this system. If I add a Maintenance window, now I won't get alerts if System B has an issue, even though I really want to get alerts from System B, as I'm not actively working on this system.

Use Case 2

Similar to Use Case 1, but slightly different, suppose Operations Team A and Operations Team B both operate out of a shared space, Observability. If Operations Team A wants to do work on their systems and they add a Maintenance Window, then Operations Team B will now not get notified if one of their rules fires.

In both of the use cases above, Maintenance Windows now become a "dangerous" feature as they have the real possibility of hiding issues that aren't intended to be hidden.

(I think something similar to the recently added Conditional Actions functionality, would be a relatively robust fit for Maintenance Windows to make them more effective)

@BenB196 BenB196 changed the title [Maintenance Windows] Support "filtering" what Rules/Alerts Maintenance windows affect [Maintenance Windows] Support "filtering" what Rules/Alerts Maintenance Windows affect Aug 20, 2023
@botelastic botelastic bot added the needs-team Issues missing a team label label Aug 20, 2023
@jsanz jsanz added the Team:Kibana Management Dev Tools, Index Management, Upgrade Assistant, ILM, Ingest Node Pipelines, and more label Aug 31, 2023
@elasticmachine

Pinging @elastic/platform-deployment-management (Team:Deployment Management)

@botelastic botelastic bot removed the needs-team Issues missing a team label label Aug 31, 2023
@alisonelizabeth alisonelizabeth added Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) and removed Team:Kibana Management Dev Tools, Index Management, Upgrade Assistant, ILM, Ingest Node Pipelines, and more labels Aug 31, 2023
@elasticmachine

Pinging @elastic/response-ops (Team:ResponseOps)

@XavierM XavierM moved this from Awaiting Triage to Todo in AppEx: ResponseOps - Rules & Alerts Management Oct 10, 2023
@JiaweiWu JiaweiWu reopened this Nov 22, 2023
@JiaweiWu JiaweiWu added enhancement New value added to drive a business result Feature:Alerting/RulesManagement Issues related to the Rules Management UX labels Nov 22, 2023
lcawl pushed a commit to lcawl/kibana that referenced this issue Nov 22, 2023
…stic#171597)

## Summary

Partially Resolves: elastic#164255

This pull request is part 1/3 to add scoped queries to maintenance
windows. More specifically, this PR adds the new `scoped_query` field to
the `maintenanceWindow` type and schema. Also adds the `scoped_query`
field to `create/update` maintenance window APIs.

This PR only contains the schema and API component. All changes should
be backwards compatible since the `scoped_query` field is optional. So
this PR can be merged without any dependencies.

The 2 PRs that come after will be:
- Frontend changes
- Task runner changes

### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

Co-authored-by: Kibana Machine <[email protected]>
JiaweiWu added a commit that referenced this issue Dec 4, 2023
…r changes (#172252)

## Summary
Resolves: #164255

This is part 3/3 of the maintenance window scoped query PR. This change
contains only the task manager changes and has no dependency on other
PRs. To test the changes in this PR, I recommend using this branch
#172117 which has all of the
frontend changes and the changes in this PR.

This PR adds support for maintenance window scoped query in the task
manager. To do this, we need to perform a fetch on the new persisted
alerts with the scoped query as filters. We then must save these alerts
again with the updated maintenance window IDs.

### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Kibana Machine <[email protected]>
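
The task-runner step described in the commit message above (select the alerts that match the scoped query, then tag only those with the maintenance window ID) is shown here as an added example; it is not Kibana's code. The types, the function names and the field-equality `scope` standing in for `scoped_query` are assumptions, and the sample alerts are constructed from Use Case 1.

```typescript
// Added example with hypothetical names; not Kibana's task runner.
type Alert = { id: string; fields: { [k: string]: string }; maintenanceWindowIds: string[] };
type MaintenanceWindow = {
  id: string;
  start: number; // epoch ms, inclusive
  end: number; // epoch ms, exclusive
  // Assumption: field == value pairs, ANDed, standing in for scoped_query.
  scope?: { [k: string]: string };
};

function matchesScope(alert: Alert, scope: { [k: string]: string }): boolean {
  return Object.keys(scope).every((k) => alert.fields[k] === scope[k]);
}

// Tag each alert with the IDs of the active windows that cover it.
function applyMaintenanceWindows(alerts: Alert[], windows: MaintenanceWindow[], now: number): Alert[] {
  const active = windows.filter((w) => now >= w.start && now < w.end);
  return alerts.map((a) => ({
    ...a,
    maintenanceWindowIds: active
      .filter((w) => w.scope === undefined || matchesScope(a, w.scope))
      .map((w) => w.id),
  }));
}

// Only alerts covered by no active window produce notifications.
function alertsToNotify(alerts: Alert[]): string[] {
  return alerts.filter((a) => a.maintenanceWindowIds.length === 0).map((a) => a.id);
}

// Constructed sample data: one alert per system from Use Case 1.
const sampleAlerts: Alert[] = [
  { id: "alert-a", fields: { "host.name": "system-a" }, maintenanceWindowIds: [] },
  { id: "alert-b", fields: { "host.name": "system-b" }, maintenanceWindowIds: [] },
];
const unscoped: MaintenanceWindow = { id: "mw-all", start: 0, end: 1000 };
const scoped: MaintenanceWindow = { id: "mw-a", start: 0, end: 1000, scope: { "host.name": "system-a" } };

function notifiedDuring(windows: MaintenanceWindow[], now: number): string[] {
  return alertsToNotify(applyMaintenanceWindows(sampleAlerts, windows, now));
}

console.log("unscoped window:", notifiedDuring([unscoped], 500));
console.log("scoped window:", notifiedDuring([scoped], 500));
```

In this example an empty `scope` object matches every alert, so it silences the whole space exactly as an unscoped window does.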
@JiaweiWu JiaweiWu reopened this Dec 4, 2023
JiaweiWu added a commit that referenced this issue Dec 4, 2023
…anges (#171949)

## Summary
Partially resolves: #164255,
this is 2/3 of the scoped query changes.

Maintenance window scoped query frontend changes. Adds the ability to
add and edit scoped query for maintenance windows. Due to limitations
with the alerts search bar and each solution fetches AAD fields, we only
allow users to associate scoped query with 1 category (management,
o11y, or security solution). The intended usage in this case is for the
user to create multiple maintenance windows if they wish to apply scoped
queries to multiple solutions.

### To test:
go to
`x-pack/plugins/alerting/public/pages/maintenance_windows/constants.ts`
and set `IS_SCOPED_QUERY_ENABLED` to `true`

### Scoped query off, multiple category allowed:

![image](https://github.com/elastic/kibana/assets/74562234/dbf03e8e-f9bd-449c-8d23-0b474fe5a9c4)

### Scoped query on, multiple category disallowed:

![image](https://github.com/elastic/kibana/assets/74562234/368f954a-7671-410b-839b-77f0420f26fa)

### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

---------

Co-authored-by: Kibana Machine <[email protected]>