[Response Ops][Alerting] Update common component template generation for framework alerts as data #150384

Merged Feb 27, 2023 (83 commits)
Changes from 79 commits
Commits
1ad0848
wip
ymao1 Feb 6, 2023
2197c3e
Splitting technical fields into default and legacy. Removing the fiel…
ymao1 Feb 6, 2023
a0b331d
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 7, 2023
f24a0be
Removing rule registry FieldMap and mappingFromFieldMap in favor of a…
ymao1 Feb 7, 2023
a5d0b5d
Need to double check alerts client typing
ymao1 Feb 7, 2023
c8b6027
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 7, 2023
851b779
trying to fix distribution issue
ymao1 Feb 7, 2023
f6799fd
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 7, 2023
085b7b8
testing revert
ymao1 Feb 7, 2023
2ca888c
unbelievable
ymao1 Feb 7, 2023
b5b5b1a
Fixing tests
ymao1 Feb 8, 2023
d8c2acf
Fixing tests
ymao1 Feb 8, 2023
ea01b73
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 8, 2023
e738874
Building technical field map from legacy and framework alert field map
ymao1 Feb 8, 2023
a7425b3
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 8, 2023
8fa924a
Building technical field map from legacy and framework alert field map
ymao1 Feb 8, 2023
15af36c
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 8, 2023
f54aefe
parameters have to be flattened
ymao1 Feb 8, 2023
98f957b
Installing legacy alert component template on startup
ymao1 Feb 8, 2023
65b24e4
Referencing legacy alert template when specified
ymao1 Feb 8, 2023
9055fc2
Adding ecs field map and installing ecs component template
ymao1 Feb 9, 2023
4ced657
Merging in main
ymao1 Feb 9, 2023
23b5bc7
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 9, 2023
3444c8d
Fixing functional test
ymao1 Feb 10, 2023
6cf91a7
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 10, 2023
e1590dc
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 10, 2023
cbfead1
Adding flag to allow rule types to use ecs component template
ymao1 Feb 10, 2023
6fe2c54
Merging in main
ymao1 Feb 13, 2023
482a435
Trying to control bundle size
ymao1 Feb 13, 2023
b78b881
[CI] Auto-commit changed files from 'node scripts/precommit_hook.js -…
kibanamachine Feb 13, 2023
031f0a4
Moving field maps to packages
ymao1 Feb 13, 2023
57ecb44
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 13, 2023
cadc717
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 13, 2023
727dcd8
Merging in main
ymao1 Feb 14, 2023
5e6b995
Fixing types
ymao1 Feb 14, 2023
b5bc473
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 14, 2023
c828e61
Moving to a new package
ymao1 Feb 14, 2023
30d9848
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 14, 2023
27d63d1
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 14, 2023
98a34fa
[CI] Auto-commit changed files from 'node scripts/generate codeowners'
kibanamachine Feb 14, 2023
c60177a
Fixing checks
ymao1 Feb 14, 2023
b9963d2
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 14, 2023
dc311d9
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 14, 2023
5d6f656
Fixing checks
ymao1 Feb 14, 2023
7cfef7d
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 14, 2023
089807f
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 14, 2023
6d00d49
[CI] Auto-commit changed files from 'node scripts/generate codeowners'
kibanamachine Feb 14, 2023
539b4c3
cleanup
ymao1 Feb 15, 2023
5e6f7cf
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 15, 2023
0642883
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 15, 2023
52dfd19
cleanup
ymao1 Feb 15, 2023
0715cd1
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 15, 2023
88a0ea7
Conditionally installing ECS component template. Updating to use same…
ymao1 Feb 15, 2023
de819fc
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 15, 2023
29e26ea
Fixing types
ymao1 Feb 15, 2023
2cf0113
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 15, 2023
044018e
Not using multi_field
ymao1 Feb 15, 2023
8431ca0
Fixing functional test
ymao1 Feb 15, 2023
e5379a2
Removing index and doc values fields
ymao1 Feb 15, 2023
1bb3c88
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 15, 2023
d4201df
Keeping rule registry ecsFieldMap for now
ymao1 Feb 16, 2023
2345eba
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 16, 2023
f311523
temporarily updating ecs_flat and upping field limit
ymao1 Feb 16, 2023
96450fd
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 16, 2023
08885e8
Merge branch 'alerting/faad-resources-common' of github.com:ymao1/kib…
ymao1 Feb 16, 2023
ab6977f
wip
ymao1 Feb 16, 2023
54c7aa8
Updating index template field mapping limit on error and retrying com…
ymao1 Feb 16, 2023
6c894c9
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 16, 2023
19d5c96
[CI] Auto-commit changed files from 'node scripts/lint_ts_projects --…
kibanamachine Feb 16, 2023
2629c31
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 21, 2023
75a8316
Merging in main
ymao1 Feb 21, 2023
6c5f875
Cleanup
ymao1 Feb 21, 2023
7e5f5d3
Merge branch 'main' of github.com:elastic/kibana into alerting/faad-r…
ymao1 Feb 21, 2023
9e77b99
Update x-pack/plugins/alerting/server/alerts_service/types.ts
ymao1 Feb 21, 2023
c773f3c
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 22, 2023
8e15fe9
Merging in main
ymao1 Feb 22, 2023
6d97dfa
Merging in main
ymao1 Feb 22, 2023
b9ac0f4
Restoring multi_fields
ymao1 Feb 22, 2023
84d867b
Merging in main
ymao1 Feb 22, 2023
1587689
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 24, 2023
9069f77
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 27, 2023
18854e2
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 27, 2023
af0428e
Merge branch 'main' into alerting/faad-resources-common
kibanamachine Feb 27, 2023
1 change: 1 addition & 0 deletions .github/CODEOWNERS
Expand Up @@ -19,6 +19,7 @@ x-pack/examples/alerting_example @elastic/response-ops
x-pack/test/functional_with_es_ssl/plugins/alerts @elastic/response-ops
x-pack/plugins/alerting @elastic/response-ops
packages/kbn-alerts @elastic/security-solution
packages/kbn-alerts-as-data-utils @elastic/response-ops
x-pack/test/alerting_api_integration/common/plugins/alerts_restricted @elastic/response-ops
packages/kbn-alerts-ui-shared @elastic/response-ops
packages/kbn-ambient-common-types @elastic/kibana-operations
1 change: 1 addition & 0 deletions package.json
Expand Up @@ -134,6 +134,7 @@
"@kbn/alerting-fixture-plugin": "link:x-pack/test/functional_with_es_ssl/plugins/alerts",
"@kbn/alerting-plugin": "link:x-pack/plugins/alerting",
"@kbn/alerts": "link:packages/kbn-alerts",
"@kbn/alerts-as-data-utils": "link:packages/kbn-alerts-as-data-utils",
"@kbn/alerts-restricted-fixtures-plugin": "link:x-pack/test/alerting_api_integration/common/plugins/alerts_restricted",
"@kbn/alerts-ui-shared": "link:packages/kbn-alerts-ui-shared",
"@kbn/analytics": "link:packages/kbn-analytics",
9 changes: 9 additions & 0 deletions packages/kbn-alerts-as-data-utils/index.ts
@@ -0,0 +1,9 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

export * from './src/field_maps';
Contributor Author

Created a package for the field maps because exporting the ECS field map from alerting/common increased the page load bundle size by 500 KB

5 changes: 5 additions & 0 deletions packages/kbn-alerts-as-data-utils/kibana.jsonc
@@ -0,0 +1,5 @@
{
"type": "shared-common",
"id": "@kbn/alerts-as-data-utils",
"owner": "@elastic/response-ops"
}
6 changes: 6 additions & 0 deletions packages/kbn-alerts-as-data-utils/package.json
@@ -0,0 +1,6 @@
{
"name": "@kbn/alerts-as-data-utils",
"private": true,
"version": "1.0.0",
"license": "SSPL-1.0 OR Elastic License 2.0"
}
@@ -1,16 +1,20 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import {
ALERT_ACTION_GROUP,
ALERT_CASE_IDS,
ALERT_DURATION,
ALERT_END,
ALERT_FLAPPING,
ALERT_ID,
ALERT_FLAPPING_HISTORY,
ALERT_INSTANCE_ID,
ALERT_LAST_DETECTED,
ALERT_REASON,
ALERT_RULE_CATEGORY,
ALERT_RULE_CONSUMER,
Expand All @@ -27,92 +31,93 @@ import {
ALERT_UUID,
ALERT_WORKFLOW_STATUS,
SPACE_IDS,
TIMESTAMP,
VERSION,
} from '@kbn/rule-data-utils';

export const alertFieldMap = {
Contributor Author

These changes are just to alphabetize the fields in the field map

[ALERT_RULE_PARAMETERS]: {
type: 'object',
enabled: false,
[ALERT_ACTION_GROUP]: {
type: 'keyword',
array: false,
required: false,
},
[ALERT_RULE_TYPE_ID]: {
[ALERT_CASE_IDS]: {
type: 'keyword',
array: true,
required: false,
},
[ALERT_DURATION]: {
type: 'long',
array: false,
required: true,
required: false,
},
[ALERT_RULE_CONSUMER]: {
type: 'keyword',
[ALERT_END]: {
type: 'date',
array: false,
required: true,
required: false,
},
[ALERT_RULE_PRODUCER]: {
type: 'keyword',
[ALERT_FLAPPING]: {
type: 'boolean',
array: false,
required: true,
required: false,
},
[SPACE_IDS]: {
type: 'keyword',
[ALERT_FLAPPING_HISTORY]: {
type: 'boolean',
array: true,
required: true,
},
[ALERT_UUID]: {
type: 'keyword',
array: false,
required: true,
required: false,
},
[ALERT_ID]: {
[ALERT_INSTANCE_ID]: {
type: 'keyword',
array: false,
required: true,
},
[ALERT_START]: {
[ALERT_LAST_DETECTED]: {
type: 'date',
array: false,
required: false,
},
[ALERT_TIME_RANGE]: {
type: 'date_range',
format: 'epoch_millis||strict_date_optional_time',
array: false,
required: false,
},
[ALERT_END]: {
type: 'date',
[ALERT_REASON]: {
type: 'keyword',
array: false,
required: false,
},
[ALERT_DURATION]: {
type: 'long',
[ALERT_RULE_CATEGORY]: {
type: 'keyword',
array: false,
required: false,
required: true,
},
[ALERT_STATUS]: {
[ALERT_RULE_CONSUMER]: {
type: 'keyword',
array: false,
required: true,
},
[VERSION]: {
type: 'version',
[ALERT_RULE_EXECUTION_UUID]: {
type: 'keyword',
array: false,
required: false,
},
[ALERT_WORKFLOW_STATUS]: {
[ALERT_RULE_NAME]: {
type: 'keyword',
array: false,
required: false,
required: true,
},
[ALERT_ACTION_GROUP]: {
type: 'keyword',
[ALERT_RULE_PARAMETERS]: {
array: false,
type: 'flattened',
ignore_above: 4096,
required: false,
},
[ALERT_REASON]: {
[ALERT_RULE_PRODUCER]: {
type: 'keyword',
array: false,
required: true,
},
[ALERT_RULE_TAGS]: {
type: 'keyword',
array: true,
required: false,
},
[ALERT_RULE_CATEGORY]: {
[ALERT_RULE_TYPE_ID]: {
type: 'keyword',
array: false,
required: true,
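Review bot: the [ALERT_RULE_PARAMETERS] entry in this hunk is not only reordered. It goes from type: 'object' with enabled: false to type: 'flattened' with ignore_above: 4096, so rule parameters become indexed and searchable, and any leaf value longer than 4096 characters is left unindexed. Elasticsearch does not allow the type of an existing field to be changed in place, so please state how alert indices that already carry the old mapping are handled. The hunk also appears to swap [ALERT_ID] for [ALERT_INSTANCE_ID] and to add [ALERT_CASE_IDS], [ALERT_FLAPPING_HISTORY] and [ALERT_LAST_DETECTED]; the inline comment describes the change as alphabetizing only, so these mapping changes should be called out in the PR description.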
Expand All @@ -122,26 +127,47 @@ export const alertFieldMap = {
array: false,
required: true,
},
[ALERT_RULE_EXECUTION_UUID]: {
[ALERT_START]: {
type: 'date',
array: false,
required: false,
},
[ALERT_STATUS]: {
type: 'keyword',
array: false,
required: true,
},
[ALERT_TIME_RANGE]: {
type: 'date_range',
format: 'epoch_millis||strict_date_optional_time',
array: false,
required: false,
},
[ALERT_RULE_NAME]: {
[ALERT_UUID]: {
type: 'keyword',
array: false,
required: true,
},
[ALERT_RULE_TAGS]: {
[ALERT_WORKFLOW_STATUS]: {
type: 'keyword',
array: true,
array: false,
required: false,
},
[ALERT_FLAPPING]: {
type: 'boolean',
[SPACE_IDS]: {
type: 'keyword',
array: true,
required: true,
},
[TIMESTAMP]: {
type: 'date',
required: true,
array: false,
},
[VERSION]: {
type: 'version',
array: false,
required: false,
},
};
} as const;

export type AlertFieldMap = typeof alertFieldMap;
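Review bot: the new [TIMESTAMP] entry lists required before array, the reverse of every other entry in this map; reorder it to type, array, required so the map stays uniform. It is also a new field marked required: true, so writers that build alert documents against this map need to set it on every document; a short comment or test confirming that would help.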
@@ -0,0 +1,27 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

import { EcsFlat } from '@kbn/ecs';
import { EcsMetadata, FieldMap } from './types';

export const ecsFieldMap: FieldMap = Object.keys(EcsFlat).reduce((acc, currKey) => {
const value: EcsMetadata = EcsFlat[currKey as keyof typeof EcsFlat];
return {
...acc,
[currKey]: {
type: value.type,
array: value.normalize.includes('array'),
required: !!value.required,
...(value.scaling_factor ? { scaling_factor: value.scaling_factor } : {}),
...(value.ignore_above ? { ignore_above: value.ignore_above } : {}),
...(value.multi_fields ? { multi_fields: value.multi_fields } : {}),
},
};
}, {});

export type EcsFieldMap = typeof ecsFieldMap;
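Review bot: the reduce callback spreads ...acc into a fresh object for every key of EcsFlat, which copies the whole accumulator on each iteration and makes building the map quadratic in the number of ECS fields at module load. Assign into the accumulator, or build the result with Object.fromEntries over Object.entries(EcsFlat). Separately, because ecsFieldMap is annotated as FieldMap, the alias EcsFieldMap = typeof ecsFieldMap resolves to plain FieldMap and carries no per-field key information, unlike AlertFieldMap; either drop the alias or document that this is intended. value.normalize.includes('array') also assumes normalize is present on every entry, which is worth confirming against the EcsMetadata type.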
12 changes: 12 additions & 0 deletions packages/kbn-alerts-as-data-utils/src/field_maps/index.ts
@@ -0,0 +1,12 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/

export * from './alert_field_map';
export * from './ecs_field_map';
export * from './legacy_alert_field_map';
export type { FieldMap, MultiField } from './types';
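Review bot: export * from './ecs_field_map' sits on the same entry point as alert_field_map, and the package is declared shared-common, so browser code that imports only alertFieldMap from @kbn/alerts-as-data-utils reaches the ECS map through this barrel. The author's comment on the package index cites a 500 KB page load increase when the ECS map was exported from alerting/common; to avoid reintroducing that, consider explicit named exports here or a separate entry point for ecsFieldMap, and add a note saying which side of the stack is expected to import it.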