From dc16d40c5397d4b45d5e9b178470e85d0aaa92f6 Mon Sep 17 00:00:00 2001 From: Ersin Erdal <92688503+ersin-erdal@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:25:09 +0100 Subject: [PATCH] Add date_nanos support to Time field (#151374) Fixes: #145855 `Time field` in rule update/create forms shows only the fields with `date` data type. This PR adds `date_nanos` type as well. ## To verify: - Create an index that has fields with `date` and `date_nanos` types. ``` PUT test-index-date { "mappings": { "properties": { "date": { "type": "date" }, "timestamp": { "type": "date_nanos" } } } } ``` - Add data with `date` and `date_nanos` data types Note: You can use https://www.site24x7.com/tools/time-stamp-converter.html address to generate date_nanos timestamps with a date you desired. ``` PUT test-index-date/_bulk?refresh { "index" : { "_id" : "1" } } { "date": "2023-02-15T18:00:00.000Z", "timestamp": 1676480400000} { "index" : { "_id" : "2" } } { "date": "2023-02-15T18:00:00.000Z", "timestamp": 1676480400000 } ``` - Open a Rule create form and select `Elasticsearch query` - Select `Query DSL` - Click on `select an index` - Type the above index name (test-index-date) in `Indices to query` input - Select `timestamp` from time field - Click on `Test Query` button and expect to see `Query matched 2 documents in the last 5m.` (cherry picked from commit 58204cf2a0fd2b921d5f5c3e138b725bce1c5229) --- .../common/build_sorted_events_query.test.ts | 7 +++++++ .../stack_alerts/common/build_sorted_events_query.ts | 1 + .../rule_types/es_query/lib/fetch_es_query.test.ts | 4 ++++ .../rule_types/es_query/lib/fetch_search_source_query.ts | 9 ++++++++- .../public/common/lib/get_time_options.test.ts | 6 +++++- .../public/common/lib/get_time_options.ts | 2 +- 6 files changed, 26 insertions(+), 3 deletions(-) diff --git a/x-pack/plugins/stack_alerts/common/build_sorted_events_query.test.ts b/x-pack/plugins/stack_alerts/common/build_sorted_events_query.test.ts index bac84bd4a4b28..8e53736b23963 100644 --- a/x-pack/plugins/stack_alerts/common/build_sorted_events_query.test.ts +++ b/x-pack/plugins/stack_alerts/common/build_sorted_events_query.test.ts @@ -63,6 +63,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, @@ -111,6 +112,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, @@ -160,6 +162,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, @@ -210,6 +213,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, @@ -272,6 +276,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, @@ -320,6 +325,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'desc', }, }, @@ -368,6 +374,7 @@ describe('buildSortedEventsQuery', () => { sort: [ { timefield: { + format: 'strict_date_optional_time||epoch_millis', order: 'asc', }, }, diff --git a/x-pack/plugins/stack_alerts/common/build_sorted_events_query.ts b/x-pack/plugins/stack_alerts/common/build_sorted_events_query.ts index 7b92374b8fb33..5253fb8eb74ee 100644 --- a/x-pack/plugins/stack_alerts/common/build_sorted_events_query.ts +++ b/x-pack/plugins/stack_alerts/common/build_sorted_events_query.ts @@ -80,6 +80,7 @@ export const buildSortedEventsQuery = ({ { [sortField]: { order: sortOrder ?? 'asc', + format: 'strict_date_optional_time||epoch_millis', }, }, ], diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts index 10e8278f1976a..193f559ce2d62 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_es_query.test.ts @@ -130,6 +130,7 @@ describe('fetchEsQuery', () => { sort: [ { '@timestamp': { + format: 'strict_date_optional_time||epoch_millis', order: 'desc', }, }, @@ -194,6 +195,7 @@ describe('fetchEsQuery', () => { sort: [ { '@timestamp': { + format: 'strict_date_optional_time||epoch_millis', order: 'desc', }, }, @@ -258,6 +260,7 @@ describe('fetchEsQuery', () => { sort: [ { '@timestamp': { + format: 'strict_date_optional_time||epoch_millis', order: 'desc', }, }, @@ -349,6 +352,7 @@ describe('fetchEsQuery', () => { sort: [ { '@timestamp': { + format: 'strict_date_optional_time||epoch_millis', order: 'desc', }, }, diff --git a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts index 13f4a49796b6d..e033f9c6ef4a8 100644 --- a/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts +++ b/x-pack/plugins/stack_alerts/server/rule_types/es_query/lib/fetch_search_source_query.ts @@ -129,7 +129,14 @@ export function updateSearchSource( const searchSourceChild = searchSource.createChild(); searchSourceChild.setField('filter', filters as Filter[]); - searchSourceChild.setField('sort', [{ [timeFieldName]: SortDirection.desc }]); + searchSourceChild.setField('sort', [ + { + [timeFieldName]: { + order: SortDirection.desc, + format: 'strict_date_optional_time||epoch_millis', + }, + }, + ]); searchSourceChild.setField( 'aggs', buildAggregation({ diff --git a/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.test.ts b/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.test.ts index 684253c5acdf5..83d6515bf7831 100644 --- a/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.test.ts +++ b/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.test.ts @@ -31,8 +31,12 @@ describe('get_time_options', () => { test('if getTimeFieldOptions return only date type fields', () => { const timeOnlyTypeFields = getTimeFieldOptions([ { type: 'date', name: 'order_date' }, + { type: 'date_nanos', name: 'order_date_nanos' }, { type: 'number', name: 'sum' }, ]); - expect(timeOnlyTypeFields).toMatchObject([{ text: 'order_date', value: 'order_date' }]); + expect(timeOnlyTypeFields).toMatchObject([ + { text: 'order_date', value: 'order_date' }, + { text: 'order_date_nanos', value: 'order_date_nanos' }, + ]); }); }); diff --git a/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.ts b/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.ts index 16a7a8db61301..c20a2385c12c9 100644 --- a/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.ts +++ b/x-pack/plugins/triggers_actions_ui/public/common/lib/get_time_options.ts @@ -27,7 +27,7 @@ export const getTimeFieldOptions = ( const options: TimeFieldOptions[] = []; fields.forEach((field: { type: string; name: string }) => { - if (field.type === 'date') { + if (field.type === 'date' || field.type === 'date_nanos') { options.push({ text: field.name, value: field.name,