[Alerting] Preconfigured alert history index connector (elastic#94909)
* Adding preconfigured alert history index * Adding functions to build alert history document * Adding functions to build alert history document * Moving index template creation to plugin start * Adding unit tests * Adding unit tests * Adding unit tests * Simplifying * Revert "Merge branch 'master' of https://github.com/elastic/kibana into alerting/default-es-index-schema" This reverts commit 957c333, reversing changes made to 4b1b787. * Reverting some changes * Reverting some changes * Adding index override * Updating UI with index override * Only allow indexOverride for preconfigured alert history connector * Handling preconfigured connector id clashes * Cleanup * UI unit tests * Fixing default schema shown in UI * Fixing functional tests * Adding functional test * Fixing functional tests * Adding docs and link to docs * Adding config to docker allowlist * Fixing wrong typescript operator * Changing default for config to false * Cleanup * Adding note about index privileges to docs * Fixing i18n * PR fixes * PR fixes * PR fixes * PR fixes - wording * PR fixes * Fixing unit and functional tests * Fixing types check * ES -> Elasticsearch * Moving files * Adding kibana- to beginning of prefix * Namespacing alert data within schema with kibana * Fix i18n * Updating docs * Fixing unit tests * Fixing doc links * Fixing types check * PR fixes Co-authored-by: Kibana Machine <[email protected]>
1 parent
db1597c
commit 05d8f52
Showing
42 changed files
with
1,577 additions
and
59 deletions.
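--- a/x-pack/plugins/actions/common/alert_history_schema.test.ts
+++ b/x-pack/plugins/actions/common/alert_history_schema.test.ts
@@ -0,0 +1,122 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+
+import { buildAlertHistoryDocument } from './alert_history_schema';
+
+function getVariables(overrides = {}) {
+return {
+date: '2021-01-01T00:00:00.000Z',
+rule: {
+id: 'rule-id',
+name: 'rule-name',
+type: 'rule-type',
+spaceId: 'space-id',
+},
+context: {
+contextVar1: 'contextValue1',
+contextVar2: 'contextValue2',
+},
+params: {
+ruleParam: 1,
+ruleParamString: 'another param',
+},
+tags: ['abc', 'def'],
+alert: {
+id: 'alert-id',
+actionGroup: 'action-group-id',
+actionGroupName: 'Action Group',
+},
+...overrides,
+};
+}
+
+describe('buildAlertHistoryDocument', () => {
+it('handles empty variables', () => {
+expect(buildAlertHistoryDocument({})).toBeNull();
+});
+
+it('returns null if rule type is not defined', () => {
+expect(buildAlertHistoryDocument(getVariables({ rule: { type: undefined } }))).toBeNull();
+});
+
+it('returns null if alert variables are not defined', () => {
+expect(buildAlertHistoryDocument(getVariables({ alert: undefined }))).toBeNull();
+});
+
+it('returns null if rule variables are not defined', () => {
+expect(buildAlertHistoryDocument(getVariables({ rule: undefined }))).toBeNull();
+});
+
+it('includes @timestamp field if date is null', () => {
+const alertHistoryDoc = buildAlertHistoryDocument(getVariables({ date: undefined }));
+expect(alertHistoryDoc).not.toBeNull();
+expect(alertHistoryDoc!['@timestamp']).toBeTruthy();
+});
+
+it(`doesn't include context if context is empty`, () => {
+const alertHistoryDoc = buildAlertHistoryDocument(getVariables({ context: {} }));
+expect(alertHistoryDoc).not.toBeNull();
+expect(alertHistoryDoc!.kibana?.alert?.context).toBeFalsy();
+});
+
+it(`doesn't include params if params is empty`, () => {
+const alertHistoryDoc = buildAlertHistoryDocument(getVariables({ params: {} }));
+expect(alertHistoryDoc).not.toBeNull();
+expect(alertHistoryDoc!.rule?.params).toBeFalsy();
+});
+
+it(`doesn't include tags if tags is empty array`, () => {
+const alertHistoryDoc = buildAlertHistoryDocument(getVariables({ tags: [] }));
+expect(alertHistoryDoc).not.toBeNull();
+expect(alertHistoryDoc!.tags).toBeFalsy();
+});
+
+it(`included message if context contains message`, () => {
+const alertHistoryDoc = buildAlertHistoryDocument(
+getVariables({
+context: { contextVar1: 'contextValue1', contextVar2: 'contextValue2', message: 'hello!' },
+})
+);
+expect(alertHistoryDoc).not.toBeNull();
+expect(alertHistoryDoc!.message).toEqual('hello!');
+});
+
+it('builds alert history document from variables', () => {
+expect(buildAlertHistoryDocument(getVariables())).toEqual({
+'@timestamp': '2021-01-01T00:00:00.000Z',
+kibana: {
+alert: {
+actionGroup: 'action-group-id',
+actionGroupName: 'Action Group',
+context: {
+'rule-type': {
+contextVar1: 'contextValue1',
+contextVar2: 'contextValue2',
+},
+},
+id: 'alert-id',
+},
+},
+event: {
+kind: 'alert',
+},
+rule: {
+id: 'rule-id',
+name: 'rule-name',
+params: {
+'rule-type': {
+ruleParam: 1,
+ruleParamString: 'another param',
+},
+},
+space: 'space-id',
+type: 'rule-type',
+},
+tags: ['abc', 'def'],
+});
+});
+});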
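Review bot: None of these cases passes a rule type containing a dot, although `buildAlertHistoryDocument` rewrites dots to `__` before using the type as the key under `rule.params` and `kibana.alert.context`, presumably so the type is not read as a nested field path. That rewrite is the one transformation the function applies to caller-supplied key material, so it deserves a pinned case, for example `expect(buildAlertHistoryDocument(getVariables({ rule: { type: 'a.b' } }))!.rule?.params).toEqual({ a__b: { ruleParam: 1, ruleParamString: 'another param' } });` (the `a.b` value is constructed for illustration). The `includes @timestamp field if date is null` case passes `undefined` rather than `null` and asserts only truthiness, so it would not catch a malformed fallback timestamp.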
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
/* | ||
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
* or more contributor license agreements. Licensed under the Elastic License | ||
* 2.0; you may not use this file except in compliance with the Elastic License | ||
* 2.0. | ||
*/ | ||
|
||
import { isEmpty } from 'lodash'; | ||
|
||
export const ALERT_HISTORY_PREFIX = 'kibana-alert-history-'; | ||
export const AlertHistoryDefaultIndexName = `${ALERT_HISTORY_PREFIX}default`; | ||
export const AlertHistoryEsIndexConnectorId = 'preconfigured-alert-history-es-index'; | ||
|
||
export const buildAlertHistoryDocument = (variables: Record<string, unknown>) => { | ||
const { date, alert: alertVariables, context, params, tags, rule: ruleVariables } = variables as { | ||
date: string; | ||
alert: Record<string, unknown>; | ||
context: Record<string, unknown>; | ||
params: Record<string, unknown>; | ||
rule: Record<string, unknown>; | ||
tags: string[]; | ||
}; | ||
|
||
if (!alertVariables || !ruleVariables) { | ||
return null; | ||
} | ||
|
||
const { actionGroup, actionGroupName, id: alertId } = alertVariables as { | ||
actionGroup: string; | ||
actionGroupName: string; | ||
id: string; | ||
}; | ||
|
||
const { id: ruleId, name, spaceId, type } = ruleVariables as { | ||
id: string; | ||
name: string; | ||
spaceId: string; | ||
type: string; | ||
}; | ||
|
||
if (!type) { | ||
// can't build the document without a type | ||
return null; | ||
} | ||
|
||
const ruleType = type.replace(/\./g, '__'); | ||
|
||
const rule = { | ||
...(ruleId ? { id: ruleId } : {}), | ||
...(name ? { name } : {}), | ||
...(!isEmpty(params) ? { params: { [ruleType]: params } } : {}), | ||
...(spaceId ? { space: spaceId } : {}), | ||
...(type ? { type } : {}), | ||
}; | ||
const alert = { | ||
...(alertId ? { id: alertId } : {}), | ||
...(!isEmpty(context) ? { context: { [ruleType]: context } } : {}), | ||
...(actionGroup ? { actionGroup } : {}), | ||
...(actionGroupName ? { actionGroupName } : {}), | ||
}; | ||
|
||
const alertHistoryDoc = { | ||
'@timestamp': date ? date : new Date().toISOString(), | ||
...(tags && tags.length > 0 ? { tags } : {}), | ||
...(context?.message ? { message: context.message } : {}), | ||
...(!isEmpty(rule) ? { rule } : {}), | ||
...(!isEmpty(alert) ? { kibana: { alert } } : {}), | ||
}; | ||
|
||
return !isEmpty(alertHistoryDoc) ? { ...alertHistoryDoc, event: { kind: 'alert' } } : null; | ||
}; | ||
|
||
export const AlertHistoryDocumentTemplate = Object.freeze( | ||
buildAlertHistoryDocument({ | ||
rule: { | ||
id: '{{rule.id}}', | ||
name: '{{rule.name}}', | ||
type: '{{rule.type}}', | ||
spaceId: '{{rule.spaceId}}', | ||
}, | ||
context: '{{context}}', | ||
params: '{{params}}', | ||
tags: '{{rule.tags}}', | ||
alert: { | ||
id: '{{alert.id}}', | ||
actionGroup: '{{alert.actionGroup}}', | ||
actionGroupName: '{{alert.actionGroupName}}', | ||
}, | ||
}) | ||
); |
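Review bot: `type.replace(/\./g, '__')` runs on a value that is a string only by the `as` cast, so a truthy non-string `rule.type` in `variables` throws a TypeError instead of returning null like the other missing-field paths; the guard could read `if (typeof type !== 'string' || !type) return null;`. The same unchecked cast covers `context.message`, which is copied to the top-level `message` field whatever its runtime type, and that would presumably be indexed as-is. Separately, `Object.freeze` on `AlertHistoryDocumentTemplate` is shallow, so the nested `rule` and `kibana.alert` objects stay mutable for every importer of this shared constant, and the wrapped call is typed as possibly returning null. A comment such as `// shallow freeze: nested objects are still mutable, clone before editing` would make that explicit, or the nested objects could be frozen as well.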