Add group-by feature in APM rules

[benakansara]

Summary

Adds group-by dropdown in the following APM rules.

• APM Latency threshold (Preselected fields: service.name, service.environment, transaction.type)
• APM Failed transaction rate (Preselected fields: service.name, service.environment, transaction.type)
• APM Error count threshold (Preselected fields: service.name, service.environment)

The preselected fields cannot be removed by user. The transaction.name field is selectable by user from the group-by dropdown.

• Add group-by dropdown in APM Latency threshold rule #154535
• Add group-by dropdown in APM Failed transaction rate rule #154536
• Add group-by dropdown in APM Error count threshold rule #154537

Reason message is updated to include group key instead of only service name:

• Update reason message of the APM rules to include group key instead of only service name #155011

The transaction.name is added to the alert document:

• Add transaction.name in alert document for APM rules #154543

The transaction.name action variable is added in UI:

• Add action variable transactionName in APM rules #154545

The transaction.name is added to the context of active alert notifications:

• Add transactionName in the context of active alerts of APM rules #154547

There is an additional field in group-by dropdown for Error count threshold rule: #155633

• error.grouping_key

Fixes

• Latency threshold rule schedules alerts with same ID #154818

Update on Alert Id

The alert Id is updated for all 3 rules. The new Id is generated from the group key. This is to avoid issues similar to #154818 where alerts are scheduled with same ID. Example of the new alert Ids - opbeans-java_development_request_GET /flaky, opbeans-java_development_GET /fail

Out of scope of this PR

• Updating the preview chart based on selected group by fields

Checklist

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Unit or functional tests were updated or added to match the most common scenarios

Release note

As the alert Id is updated for the APM Latency threshold rule, APM Failed transaction rate rule and APM Error count rule, the existing alerts, if any, will be recovered, and new alerts will be fired in place of them.

[apmmachine]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
• run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

[elasticmachine]

Pinging @elastic/apm-ui (Team:APM)

[benakansara]

/oblt-deploy

[kdelemme]

I did a first pass, small neats. Going to tests further

[benakansara]

/oblt-deploy

[benakansara]

/oblt-deploy

[benakansara]

Hmm.. Yeah, you could do that. But alternatively you could hash the message like:

I am fine with either way (removing for now or using hash). My only concern is that if we need more discussion around alert ID, we should wait till it is clear.

[dgieselaar]

Does this mean that users can (maybe theoretically?) force the rule to not use service.name and service.environment as grouping keys?

[benakansara]

No. This check is to support existing rules when upgrading Kibana since groupBy was not present before so it's value will be undefined. If user opens the rule in UI and saves it, this will be updated.

[dgieselaar]

Users can (and do) use the API directly though. I think these kinds of things should ideally be in the server. Part of it in the browser and part of it in the server is a bit risky IMHO. But not a blocker.

[benakansara]

I see, I have updated the code to always include predefined group-by fields.

[benakansara]

@dgieselaar @sqren
I am going to remove error.grouping_name entirely (UI, logic) for now. I will add it back when alert ID part is clear.

update: removed error.grouping_name related functionality

[sorenlouv]

Just a few nits left. LGTM and thanks for all the help!
APM alerting is improving rapidly these days!

[kibana-ci]

💛 Build succeeded, but was flaky

• Buildkite Build
• Commit: 1b1cbe6

Failed CI Steps

• FTR Configs #49
• FTR Configs #57

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
apm	1322	1323	+1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
apm	3.5MB	3.5MB	+4.8KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
apm	32.3KB	32.3KB	+10.0B

Unknown metric groups

ESLint disabled line counts

id	before	after	diff
enterpriseSearch	17	19	+2
securitySolution	395	398	+3
total			+5

Total ESLint disabled count

id	before	after	diff
enterpriseSearch	18	20	+2
securitySolution	475	478	+3
total			+5

History

• 💔 Build #122830 failed 48a22c5
• 💚 Build #122703 succeeded b7badaa
• 💚 Build #122604 succeeded c126029
• 💔 Build #122532 failed 5fd7ae4
• 💔 Build #122485 failed 6c553d4

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @benakansara

[sorenlouv]

nit: with lodash this can be simplified like:

      const allGroupbyFields = union(predefinedGroupBy, ruleParams.groupBy)

(also: there is a consistency with "group by". Sometimes it's written as "groupby" other times as "groupBy". I suggest we consistently use the latter.

[benakansara]

I will address this in a new PR.