[RAC] Replace usages of kibana.alert.status: open with active #109033
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
marshallmain
changed the title
marshallmain
changed the title
marshallmain
added
v7.15.0
v7.16.0
v8.0.0
auto-backport
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
botelastic
bot
added
Team:APM
|
Pinging @elastic/uptime (Team:uptime) |
|
Pinging @elastic/apm-ui (Team:apm) |
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
52 tasks
|
@marshallmain We also replace usages of Could you review our open PR again? Failing tests are fixed and PR is ready for review. |
…ibana into update-alert-status-usage
💚 Build SucceededMetrics [docs]Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: |
spong
reviewed
Aug 26, 2021
| @@ -129,12 +132,11 @@ The following fields are defined in the technical field component template and s | |||
| - `kibana.alert.rule.consumer`: the feature which produced the alert (inherited from the rule producer field). Usually a Kibana feature id like `apm`, `siem`... | |||
| - `kibana.alert.id`: the id of the alert, that is unique within the context of the rule execution it was created in. E.g., for a rule that monitors latency for all services in all environments, this might be `opbeans-java:production`. | |||
| - `kibana.alert.uuid`: the unique identifier for the alert during its lifespan. If an alert recovers (or closes), this identifier is re-generated when it is opened again. | |||
| - `kibana.alert.status`: the status of the alert. Can be `open` or `closed`. | |||
| - `kibana.alert.status`: the status of the alert. Can be `active` or `recovered`. | |||
There was a problem hiding this comment.
Should we have an entry for kibana.alert.workflow_status as well?
There was a problem hiding this comment.
Yeah, the readme is pretty out of date so I'm planning to update the rest of it in a follow up PR
spong
approved these changes
Aug 26, 2021
There was a problem hiding this comment.
Checked out, tested locally, reviewed code, and all LGTM! 👍 🚀
One note, in testing it was discovered that if you have the xpack.securitySolution.signalsIndex kibana.yml configuration set, the Alerts table bsearch will still query the specified .siem-signals index instead of the AAD index, and can result in no documents being displays. This configuration isn't officially supported, but wanted to note the behavior. The histogram and counts table continues to use the find API and returns data though. cc @XavierM
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 26, 2021
…c#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]>
This was referenced Aug 26, 2021
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 26, 2021
…c#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]>
This was referenced Aug 26, 2021
marshallmain
added a commit
to marshallmain/kibana
that referenced
this pull request
Aug 27, 2021
…c#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]>
marshallmain
added a commit
to marshallmain/kibana
that referenced
this pull request
Aug 27, 2021
…c#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Aug 27, 2021
…109033) (#110384) * [RAC] Replace usages of kibana.alert.status: open with active (#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]> * Fix remaining reference to ALERT_STATUS Co-authored-by: Kibana Machine <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Aug 27, 2021
…109033) (#110383) * [RAC] Replace usages of kibana.alert.status: open with active (#109033) * Replace usages of alert.status: open with active * Update unit tests * Add back home.disableWelcomeScreen=true * Only disable welcome screen within APM ftr config * Add disableWelcomeScreen option to security solution cypress config * Fix reference to workflow status * oops * Remove duplicate disableWelcomeScreen * Update README.md Co-authored-by: Kibana Machine <[email protected]> * Fix remaining reference to ALERT_STATUS Co-authored-by: Kibana Machine <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Addresses #108607
Per the schema,
kibana.alert.statusis to be populated withactiveorrecovered. A few places were usingopenandclosedinstead, which are the values forkibana.alert.workflow_status. This PR replaces those usages with the correct values.Checklist
Delete any items that are not applicable to this PR.
Risk Matrix
Delete this section if it is not applicable to this PR.
Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.
When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:
For maintainers