Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AO] Add data view information to the reason in the new threshold rule #162710

Closed
maryam-saeidi opened this issue Jul 28, 2023 · 3 comments · Fixed by #169414
Closed

[AO] Add data view information to the reason in the new threshold rule #162710

maryam-saeidi opened this issue Jul 28, 2023 · 3 comments · Fixed by #169414
Assignees
@maryam-saeidi
Labels
Feature:Alerting Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.10.0

Comments

@maryam-saeidi
Copy link
Member

maryam-saeidi commented Jul 28, 2023
edited
Loading

📝 Summary

Previously, we added the data view to the new threshold rule (#158840), we also need to adjust the reason to include the data view information.

Katrin's input:

  • Why? When we have only document count, then it is important to see what indices/data view was queried.
  • What? Data view name or index patterns (open to discussion)

✅ Acceptance Criteria

  • Add data view information to the reason
@maryam-saeidi maryam-saeidi added Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.10.0 labels Jul 28, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/actionable-observability (Team: Actionable Observability)

@maryam-saeidi maryam-saeidi self-assigned this Oct 12, 2023
@maryam-saeidi
Copy link
Member Author

maryam-saeidi commented Oct 18, 2023
edited
Loading

Current implementation

Rule definition Reason
image Custom equation is 18 in the last 1 min for host-11. Alert when > 1.
image Without label:
Custom equation is 18 in the last 1 min for host-11. Alert when > 1. Custom equation is 1.8 in the last 1 min for host-11. Alert when > 1.

With Label:
Number of documents is 18 in the last 1 min for host-11. Alert when > 1. CPU usage is 2.43333 in the last 1 min for host-11. Alert when > 1.

@maryam-saeidi
Copy link
Member Author

maryam-saeidi commented Oct 18, 2023
edited
Loading

Suggestion:

Document count is 21, above the threshold of 1; CPU usage is 2.11429, above the threshold of 1. (duration: 1 min, data view: metrics-fake_hosts, group: host-11)

Update: Discussed with Katrin.

This was referenced Oct 18, 2023
Closed
Merged
maryam-saeidi added a commit that referenced this issue Oct 26, 2023
@maryam-saeidi
Improve reason message of custom threshold rule by adding data view i…
c15da16 
…nformation (#169414)

Resolves #162710

## Summary

This PR improves the custom threshold rule reason message by adding the
data view indices and adjusting the reason for multiple aggregations.
Previously, for multiple aggregations, we repeat some information that
is shared between aggregations, such as interval and group information.

Also, this PR improves the reason messages for single aggregation based
on the selected aggregation and field, similar to what we currently have
in the metric threshold rule.

|Previous reason message | New reason message|
|---|---|

|![image](https://github.com/elastic/kibana/assets/12370520/bb7e0048-3590-48f0-adfe-218618c48782)|![image](https://github.com/elastic/kibana/assets/12370520/7a3d9778-f84b-4bbb-a8e0-a99debfe78d1)|

## 🧪 How to test
- Create some custom threshold rules and check the reason message
    - Single condition (different aggregators and comparators)
        - With a label for the equation
        - Without a label
    - Multiple conditions (different aggregators and comparators)
        - With a label for the equation
        - Without a label


### Known issue
I created an issue for `is not between` comparator and I wasn't able to
genarate an alert for it:
#169524
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@maryam-saeidi maryam-saeidi

Labels
Feature:Alerting Team: Actionable Observability - DEPRECATED For Observability Alerting and SLOs use "Team:obs-ux-management", for AIops "Team:obs-knowledge" v8.10.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improve reason message of custom threshold rule by adding data view information maryam-saeidi/kibana
3 participants
@maryam-saeidi @elasticmachine @emma-raffenne