Skip to content

Commit

Permalink
[Usage Collection] [schema] alerts (#78933)
Browse files Browse the repository at this point in the history
  • Loading branch information
@afharo
afharo authored Oct 2, 2020
1 parent d679624 commit 7afb8b4
Show file tree
Hide file tree
Showing 3 changed files with 248 additions and 2 deletions.
1 change: 0 additions & 1 deletion x-pack/.telemetryrc.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@
"output": "plugins/telemetry_collection_xpack/schema/xpack_plugins.json",
"root": "plugins/",
"exclude": [
"plugins/alerts/server/usage/alerts_usage_collector.ts",
"plugins/apm/server/lib/apm_telemetry/index.ts"
]
}
57 changes: 56 additions & 1 deletion x-pack/plugins/alerts/server/usage/alerts_usage_collector.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,44 @@
* you may not use this file except in compliance with the Elastic License.
*/

import { UsageCollectionSetup } from 'src/plugins/usage_collection/server';
import { MakeSchemaFrom, UsageCollectionSetup } from 'src/plugins/usage_collection/server';
import { get } from 'lodash';
import { TaskManagerStartContract } from '../../../task_manager/server';
import { AlertsUsage } from './types';

const byTypeSchema: MakeSchemaFrom<AlertsUsage>['count_by_type'] = {
// TODO: Find out an automated way to populate the keys or reformat these into an array (and change the Remote Telemetry indexer accordingly)
DYNAMIC_KEY: { type: 'long' },
// Known alerts (searching the use of the alerts API `registerType`:
// Built-in
'__index-threshold': { type: 'long' },
// APM
apm__error_rate: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
apm__transaction_error_rate: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
apm__transaction_duration: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
apm__transaction_duration_anomaly: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
// Infra
metrics__alert__threshold: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
metrics__alert__inventory__threshold: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
logs__alert__document__count: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
// Monitoring
monitoring_alert_cluster_health: { type: 'long' },
monitoring_alert_cpu_usage: { type: 'long' },
monitoring_alert_disk_usage: { type: 'long' },
monitoring_alert_elasticsearch_version_mismatch: { type: 'long' },
monitoring_alert_kibana_version_mismatch: { type: 'long' },
monitoring_alert_license_expiration: { type: 'long' },
monitoring_alert_logstash_version_mismatch: { type: 'long' },
monitoring_alert_nodes_changed: { type: 'long' },
// Security Solution
siem__signals: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
siem__notifications: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
// Uptime
xpack__uptime__alerts__monitorStatus: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
xpack__uptime__alerts__tls: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
xpack__uptime__alerts__durationAnomaly: { type: 'long' }, // eslint-disable-line @typescript-eslint/naming-convention
};

export function createAlertsUsageCollector(
usageCollection: UsageCollectionSetup,
taskManager: TaskManagerStartContract
Expand Down Expand Up @@ -50,6 +83,28 @@ export function createAlertsUsageCollector(
};
}
},
schema: {
count_total: { type: 'long' },
count_active_total: { type: 'long' },
count_disabled_total: { type: 'long' },
throttle_time: {
min: { type: 'long' },
avg: { type: 'float' },
max: { type: 'long' },
},
schedule_time: {
min: { type: 'long' },
avg: { type: 'float' },
max: { type: 'long' },
},
connectors_per_alert: {
min: { type: 'long' },
avg: { type: 'float' },
max: { type: 'long' },
},
count_active_by_type: byTypeSchema,
count_by_type: byTypeSchema,
},
});
}

Expand Down
192 changes: 192 additions & 0 deletions x-pack/plugins/telemetry_collection_xpack/schema/xpack_plugins.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,198 @@
}
}
},
"alerts": {
"properties": {
"count_total": {
"type": "long"
},
"count_active_total": {
"type": "long"
},
"count_disabled_total": {
"type": "long"
},
"throttle_time": {
"properties": {
"min": {
"type": "long"
},
"avg": {
"type": "float"
},
"max": {
"type": "long"
}
}
},
"schedule_time": {
"properties": {
"min": {
"type": "long"
},
"avg": {
"type": "float"
},
"max": {
"type": "long"
}
}
},
"connectors_per_alert": {
"properties": {
"min": {
"type": "long"
},
"avg": {
"type": "float"
},
"max": {
"type": "long"
}
}
},
"count_active_by_type": {
"properties": {
"DYNAMIC_KEY": {
"type": "long"
},
"__index-threshold": {
"type": "long"
},
"apm__error_rate": {
"type": "long"
},
"apm__transaction_error_rate": {
"type": "long"
},
"apm__transaction_duration": {
"type": "long"
},
"apm__transaction_duration_anomaly": {
"type": "long"
},
"metrics__alert__threshold": {
"type": "long"
},
"metrics__alert__inventory__threshold": {
"type": "long"
},
"logs__alert__document__count": {
"type": "long"
},
"monitoring_alert_cluster_health": {
"type": "long"
},
"monitoring_alert_cpu_usage": {
"type": "long"
},
"monitoring_alert_disk_usage": {
"type": "long"
},
"monitoring_alert_elasticsearch_version_mismatch": {
"type": "long"
},
"monitoring_alert_kibana_version_mismatch": {
"type": "long"
},
"monitoring_alert_license_expiration": {
"type": "long"
},
"monitoring_alert_logstash_version_mismatch": {
"type": "long"
},
"monitoring_alert_nodes_changed": {
"type": "long"
},
"siem__signals": {
"type": "long"
},
"siem__notifications": {
"type": "long"
},
"xpack__uptime__alerts__monitorStatus": {
"type": "long"
},
"xpack__uptime__alerts__tls": {
"type": "long"
},
"xpack__uptime__alerts__durationAnomaly": {
"type": "long"
}
}
},
"count_by_type": {
"properties": {
"DYNAMIC_KEY": {
"type": "long"
},
"__index-threshold": {
"type": "long"
},
"apm__error_rate": {
"type": "long"
},
"apm__transaction_error_rate": {
"type": "long"
},
"apm__transaction_duration": {
"type": "long"
},
"apm__transaction_duration_anomaly": {
"type": "long"
},
"metrics__alert__threshold": {
"type": "long"
},
"metrics__alert__inventory__threshold": {
"type": "long"
},
"logs__alert__document__count": {
"type": "long"
},
"monitoring_alert_cluster_health": {
"type": "long"
},
"monitoring_alert_cpu_usage": {
"type": "long"
},
"monitoring_alert_disk_usage": {
"type": "long"
},
"monitoring_alert_elasticsearch_version_mismatch": {
"type": "long"
},
"monitoring_alert_kibana_version_mismatch": {
"type": "long"
},
"monitoring_alert_license_expiration": {
"type": "long"
},
"monitoring_alert_logstash_version_mismatch": {
"type": "long"
},
"monitoring_alert_nodes_changed": {
"type": "long"
},
"siem__signals": {
"type": "long"
},
"siem__notifications": {
"type": "long"
},
"xpack__uptime__alerts__monitorStatus": {
"type": "long"
},
"xpack__uptime__alerts__tls": {
"type": "long"
},
"xpack__uptime__alerts__durationAnomaly": {
"type": "long"
}
}
}
}
},
"canvas": {
"properties": {
"workpads": {
Expand Down

0 comments on commit 7afb8b4

Please sign in to comment.