Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add intended timestamp #191717

Merged
merged 12 commits into from
Sep 9, 2024
Merged

Add intended timestamp #191717

merged 12 commits into from
Sep 9, 2024

Conversation

nkhristinin
Copy link
Contributor

@nkhristinin nkhristinin commented Aug 29, 2024
edited
Loading

Add new field to alert

Add optional kibana.alert.intended_timestamp. For scheduled rules it has the same values as ALERT_RULE_EXECUTION_TIMESTAMP (kibana.alert.rule.execution.timestamp)

for manual rule runs (backfill) it - will get the startedAtOverridden

For example if i have event at 14:30

And if we run manual rule run from 14:00-15:00, then alert will have kibana.alert.intended_timestamp at 15:00

@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin
Copy link
Contributor Author

/ci

2 similar comments
@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin
Copy link
Contributor Author

@elasticmachine merge upstream

@nkhristinin
Copy link
Contributor Author

/ci

@nkhristinin nkhristinin marked this pull request as ready for review September 2, 2024 10:44
@nkhristinin nkhristinin requested review from a team as code owners September 2, 2024 10:44
@nkhristinin nkhristinin added the release_note:skip Skip the PR/issue when compiling release notes label Sep 2, 2024
@nkhristinin nkhristinin marked this pull request as draft September 3, 2024 12:36
@nkhristinin nkhristinin marked this pull request as ready for review September 3, 2024 14:39
dominiqueclarke
dominiqueclarke approved these changes Sep 3, 2024
View reviewed changes
Copy link
Contributor

@dominiqueclarke dominiqueclarke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

obs-ux-management change LGTM

ymao1
ymao1 approved these changes Sep 4, 2024
View reviewed changes
Copy link
Contributor

@ymao1 ymao1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

response ops changes LGTM

@nkhristinin
Copy link
Contributor Author

@elasticmachine merge upstream

rylnd
rylnd approved these changes Sep 6, 2024
View reviewed changes
Copy link
Contributor

@rylnd rylnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me! I just had one followup question about processes related to new field additions. Thanks Nikita!

...n_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/indicator_match.ts
@@ -153,6 +153,7 @@ function alertsAreTheSame(alertsA: any[], alertsB: any[]): void {
'kibana.alert.rule.uuid',
'kibana.alert.rule.execution.uuid',
'kibana.alert.rule.execution.timestamp',
'kibana.alert.intended_timestamp',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice job adding these "omission" entries where necessary. Is this something that you just knew to do, or do we have some kind of documentation pointing developers to these blocklists when new fields are added?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I mostly follow the recent kibana.alert.rule.execution.timestamp changes, didn't see any docs

@nkhristinin
Copy link
Contributor Author

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
@kbn/rule-data-utils 125 126 +1

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
investigateApp 346.3KB 346.4KB +70.0B
observability 463.2KB 463.2KB +41.0B
securitySolution 19.7MB 19.7MB +267.0B
slo 852.1KB 852.2KB +41.0B
synthetics 964.1KB 964.1KB +42.0B
total +461.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
observability 102.6KB 102.6KB +62.0B
slo 24.7KB 24.7KB +62.0B
synthetics 36.8KB 36.9KB +62.0B
total +186.0B
Unknown metric groups

API count

id before after diff
@kbn/rule-data-utils 128 129 +1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nkhristinin nkhristinin merged commit af399c1 into elastic:main Sep 9, 2024
37 checks passed
@kibanamachine kibanamachine added v8.16.0 backport:skip This commit does not require backporting labels Sep 9, 2024
@szaffarano szaffarano mentioned this pull request Sep 13, 2024
Merged
1 task
gergoabraham pushed a commit to gergoabraham/kibana that referenced this pull request Sep 13, 2024
@nkhristinin @elasticmachine @gergoabraham
Add intended timestamp (elastic#191717)
5aff918 
## Add new field to alert


Add optional `kibana.alert.intended_timestamp`. For scheduled rules it
has the same values as ALERT_RULE_EXECUTION_TIMESTAMP
(`kibana.alert.rule.execution.timestamp`)

for manual rule runs (backfill) it - will get the startedAtOverridden 

For example if i have event at 14:30

And if we run manual rule run from 14:00-15:00, then alert will have
`kibana.alert.intended_timestamp` at 15:00

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
@nastasha-solomon nastasha-solomon mentioned this pull request Sep 18, 2024
Closed
15 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rylnd rylnd rylnd approved these changes

@dominiqueclarke dominiqueclarke dominiqueclarke approved these changes

@ymao1 ymao1 ymao1 approved these changes

Assignees
No one assigned
Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes v8.16.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@nkhristinin @kibana-ci @rylnd @dominiqueclarke @ymao1 @kibanamachine @elasticmachine