Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add group-by dropdown in APM Error count threshold rule #154537

Closed
Tracked by #143107
benakansara opened this issue Apr 6, 2023 · 1 comment
Closed
Tracked by #143107

Add group-by dropdown in APM Error count threshold rule #154537

benakansara opened this issue Apr 6, 2023 · 1 comment
Assignees
Labels
Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.8.0

Comments

@benakansara
Copy link
Contributor

benakansara commented Apr 6, 2023

Part of #143107

Add group by dropdown in APM Error count threshold rule.

Add following fields to the group by dropdown as readonly fields. These are preselected and cannot be removed by user.

  • service.name
  • service.environment

Add following fields to the group by dropdown as selectable by user.

  • transaction.name

The service.name and service.environment fields are already part of multi_terms aggregation in the rule. We need to add transaction.name in the list of multi_terms aggregation.

@benakansara benakansara added Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.8.0 labels Apr 6, 2023
@benakansara benakansara self-assigned this Apr 6, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/actionable-observability (Team: Actionable Observability)

benakansara added a commit that referenced this issue Apr 25, 2023
## Summary
Adds group-by dropdown in the following APM rules.
- APM Latency threshold (Preselected fields: `service.name`,
`service.environment`, `transaction.type`)
- APM Failed transaction rate (Preselected fields: `service.name`,
`service.environment`, `transaction.type`)
- APM Error count threshold (Preselected fields: `service.name`,
`service.environment`)

<img width="609" alt="Screenshot 2023-04-17 at 13 44 34"
src="https://user-images.githubusercontent.com/69037875/232475262-41786edf-d16b-4b1f-90a9-8fe242a36bcc.png">

The preselected fields cannot be removed by user. The `transaction.name`
field is selectable by user from the group-by dropdown.

- #154535
- #154536
- #154537

Reason message is updated to include group key instead of only service
name:
- #155011

The `transaction.name` is added to the alert document:
- #154543

The `transaction.name` action variable is added in UI:
- #154545

The `transaction.name` is added to the context of active alert
notifications:
- #154547

There are additional fields in group-by dropdown for Error count
threshold rule: #155633
- error.grouping_key
- error.grouping_name

## Fixes
- #154818

### Update on Alert Id
The alert Id is updated for all 3 rules. The new Id is generated from
the group key. This is to avoid issues similar to #154818 where alerts
are scheduled with same ID. Example of the new alert Ids -
`opbeans-java_development_request_GET /flaky`,
`opbeans-java_development_GET /fail`

## Out of scope of this PR
- Updating the preview chart based on selected group by fields

## Checklist
- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

## Release note
As the alert Id is updated for the APM Latency threshold rule, APM
Failed transaction rate rule and APM Error count rule, the existing
alerts, if any, will be recovered, and new alerts will be fired in place
of them.

---------

Co-authored-by: Katerina Patticha <[email protected]>
Co-authored-by: Søren Louv-Jansen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.8.0
Projects
None yet
Development

No branches or pull requests

2 participants