[Custom threshold/Metric threshold] [Preview chart] Sort groups by fi…

…rst metric and aggType combination (#199643) Resolves #183491 This PR sorts the data in Preview chart of Custom threshold and Metric threshold rules based on first metric and aggType combination used in the rule equation. For `rate`, `percentile` and `last_value` aggregations, I have used `max` aggregation as those aggregations require additional params to pass to `LensAttributesBuilder` which are not supported currently. Also, sorting based on equation is not supported right now. | Before | After | | --- | --- | | <img width="601" alt="Screenshot 2024-11-11 at 17 07 47" src="https://github.com/user-attachments/assets/0f22991f-fa82-4dcf-8f44-7c88d7f85d8e"> | <img width="596" alt="Screenshot 2024-11-12 at 13 37 06" src="https://github.com/user-attachments/assets/a4a53bac-ecd0-4cc7-9ba5-11c733cc8f88"> | --------- Co-authored-by: kibanamachine <[email protected]>
elastic · Nov 18, 2024 · b87e47b · b87e47b
1 parent 5d00a0a
commit b87e47b
Show file tree

Hide file tree

Showing 6 changed files with 288 additions and 63 deletions.
diff --git a/packages/kbn-lens-embeddable-utils/attribute_builder/utils.ts b/packages/kbn-lens-embeddable-utils/attribute_builder/utils.ts
@@ -28,7 +28,7 @@ export type DateHistogramColumnParams = DateHistogramIndexPatternColumn['params'
 
 export type TopValuesColumnParams = Pick<
   TermsIndexPatternColumn['params'],
-  'size' | 'orderDirection' | 'orderBy' | 'secondaryFields' | 'accuracyMode'
+  'size' | 'orderDirection' | 'orderBy' | 'secondaryFields' | 'accuracyMode' | 'orderAgg'
 >;
 
 export const getHistogramColumn = ({

diff --git a/...servability_solution/observability/public/components/rule_condition_chart/helpers.test.ts b/...servability_solution/observability/public/components/rule_condition_chart/helpers.test.ts
@@ -17,7 +17,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'sum(system.cpu.user.pct)',
+    {
+      operation: 'sum',
+      operationWithField: 'sum(system.cpu.user.pct)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -26,7 +30,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'max(system.cpu.user.pct)',
+    {
+      operation: 'max',
+      operationWithField: 'max(system.cpu.user.pct)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -35,7 +43,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'min(system.cpu.user.pct)',
+    {
+      operation: 'min',
+      operationWithField: 'min(system.cpu.user.pct)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -44,16 +56,24 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'average(system.cpu.user.pct)',
+    {
+      operation: 'average',
+      operationWithField: 'average(system.cpu.user.pct)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
       aggType: Aggregators.COUNT,
-      field: 'system.cpu.user.pct',
-      filter: '',
+      field: '',
+      filter: 'system.cpu.user.pct: *',
       name: '',
     },
-    'count(___records___)',
+    {
+      operation: 'count',
+      operationWithField: `count(kql='system.cpu.user.pct: *')`,
+      sourceField: '',
+    },
   ],
   [
     {
@@ -62,7 +82,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'unique_count(system.cpu.user.pct)',
+    {
+      operation: 'unique_count',
+      operationWithField: 'unique_count(system.cpu.user.pct)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -71,7 +95,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'percentile(system.cpu.user.pct, percentile=95)',
+    {
+      operation: 'percentile',
+      operationWithField: 'percentile(system.cpu.user.pct, percentile=95)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -80,7 +108,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    'percentile(system.cpu.user.pct, percentile=99)',
+    {
+      operation: 'percentile',
+      operationWithField: 'percentile(system.cpu.user.pct, percentile=99)',
+      sourceField: 'system.cpu.user.pct',
+    },
   ],
   [
     {
@@ -89,7 +121,11 @@ const useCases = [
       filter: '',
       name: '',
     },
-    `counter_rate(max(system.network.in.bytes), kql='')`,
+    {
+      operation: 'counter_rate',
+      operationWithField: `counter_rate(max(system.network.in.bytes), kql='')`,
+      sourceField: 'system.network.in.bytes',
+    },
   ],
   [
     {
@@ -98,7 +134,11 @@ const useCases = [
       filter: 'host.name : "foo"',
       name: '',
     },
-    `counter_rate(max(system.network.in.bytes), kql='host.name : foo')`,
+    {
+      operation: 'counter_rate',
+      operationWithField: `counter_rate(max(system.network.in.bytes), kql='host.name : foo')`,
+      sourceField: 'system.network.in.bytes',
+    },
   ],
 ];
 

diff --git a/...ns/observability_solution/observability/public/components/rule_condition_chart/helpers.ts b/...ns/observability_solution/observability/public/components/rule_condition_chart/helpers.ts
@@ -8,29 +8,35 @@
 import { Aggregators } from '../../../common/custom_threshold_rule/types';
 import { GenericMetric } from './rule_condition_chart';
 
-export const getLensOperationFromRuleMetric = (metric: GenericMetric): string => {
+export interface LensOperation {
+  operation: string;
+  operationWithField: string;
+  sourceField: string;
+}
+
+export const getLensOperationFromRuleMetric = (metric: GenericMetric): LensOperation => {
   const { aggType, field, filter } = metric;
   let operation: string = aggType;
   const operationArgs: string[] = [];
   const aggFilter = JSON.stringify(filter || '').replace(/"|\\/g, '');
 
   if (aggType === Aggregators.RATE) {
-    return `counter_rate(max(${field}), kql='${aggFilter}')`;
+    return {
+      operation: 'counter_rate',
+      operationWithField: `counter_rate(max(${field}), kql='${aggFilter}')`,
+      sourceField: field || '',
+    };
   }
 
   if (aggType === Aggregators.AVERAGE) operation = 'average';
   if (aggType === Aggregators.CARDINALITY) operation = 'unique_count';
   if (aggType === Aggregators.P95 || aggType === Aggregators.P99) operation = 'percentile';
   if (aggType === Aggregators.COUNT) operation = 'count';
 
-  let sourceField = field;
-
-  if (aggType === Aggregators.COUNT) {
-    sourceField = '___records___';
+  if (field) {
+    operationArgs.push(field);
   }
 
-  operationArgs.push(sourceField || '');
-
   if (aggType === Aggregators.P95) {
     operationArgs.push('percentile=95');
   }
@@ -41,7 +47,11 @@ export const getLensOperationFromRuleMetric = (metric: GenericMetric): string =>
 
   if (aggFilter) operationArgs.push(`kql='${aggFilter}'`);
 
-  return operation + '(' + operationArgs.join(', ') + ')';
+  return {
+    operation,
+    operationWithField: `${operation}(${operationArgs.join(', ')})`,
+    sourceField: field || '',
+  };
 };
 
 export const getBufferThreshold = (threshold?: number): string =>