Skip to content

[Response Ops] API to retrieve execution log entries from event log.#127339

Merged
ymao1 merged 68 commits intoelastic:mainfrom
ymao1:alerting/execution-log-api
Mar 18, 2022
Merged

[Response Ops] API to retrieve execution log entries from event log.#127339
ymao1 merged 68 commits intoelastic:mainfrom
ymao1:alerting/execution-log-api

Conversation

@ymao1
Copy link
Contributor

@ymao1 ymao1 commented Mar 9, 2022
edited
Loading

Resolves #126837

Summary

Adds new HTTP API to retrieve execution log information.

To Verify

  • Create a rule and let it run.
  • Navigate to https://localhost:5601/internal/alerting/rule/<rule_id>/_execution_log?date_start=<ISO date string> and see entries for the execution log. Only date_start query parameter is required, all others have default values. Defaults to sorting by descending timestamp order with 10 results per page.
  • Try passing in other query params like sort, page, and per page.
  • Response should look like this:
{
      total: 374,
      data: [
        {
          id: '6705da7d-2635-499d-a6a8-1aee1ae1eac9',
          timestamp: '2022-03-07T15:38:32.617Z',
          duration_ms: 1056,
          status: 'success',
          message:
            "rule executed: example.always-firing:a348a740-9e2c-11ec-bd64-774ed95c43ef: 'test rule'",
          num_active_alerts: 5,
          num_new_alerts: 5,
          num_recovered_alerts: 0,
          num_triggered_actions: 5,
          num_succeeded_actions: 5,
          num_errored_actions: 0,
          total_search_duration_ms: 0,
          es_search_duration_ms: 0,
          timed_out: false,
          schedule_delay_ms: 3393,
        },
        {
          id: '41b2755e-765a-4044-9745-b03875d5e79a',
          timestamp: '2022-03-07T15:39:05.604Z',
          duration_ms: 1165,
          status: 'success',
          message:
            "rule executed: example.always-firing:a348a740-9e2c-11ec-bd64-774ed95c43ef: 'test rule'",
          num_active_alerts: 5,
          num_new_alerts: 5,
          num_recovered_alerts: 5,
          num_triggered_actions: 5,
          num_succeeded_actions: 5,
          num_errored_actions: 0,
          total_search_duration_ms: 0,
          es_search_duration_ms: 0,
          timed_out: false,
          schedule_delay_ms: 3456,
        },
      ],
    }

Checklist

ymao1 and others added 30 commits March 4, 2022 13:26
@ymao1
wip
bab6494
@ymao1
wip
037d7d4
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
188043d 
…g/event-log-aggregate
@ymao1
Reverting changes not related to event log aggregation
939340e
@ymao1
Reverting changes not related to event log aggregation
40a93a4
@ymao1
Updating event log client find to take array of sort options
c40c902
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
4ffccb6 
…g/event-log-aggregate
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
d2de541 
…g/event-log-aggregate
@ymao1
Updating tests and adding basic aggregation function
1b13695
@ymao1
Adding tests
9d6e606
@ymao1
Fixing functional test
63e8ebf
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
86d8812 
…g/event-log-aggregate
@ymao1
Fixing functional test
c22c460
@ymao1
Revert "Reverting changes not related to event log aggregation"
6c87182 
This reverts commit 939340e.
@ymao1
Revert "Reverting changes not related to event log aggregation"
2f8a87c 
This reverts commit 40a93a4.
@ymao1
Getting aggregation and parsing aggregation results
a03ce1d
@ymao1
Cleanup
08d52ca
@ymao1
Changing api to internal
bf45ff2
@ymao1
Fixing types
f68a469
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
e13ed64 
…g/event-log-aggregate
@ymao1
Merge branch 'alerting/event-log-aggregate' into alerting/execution-l…
85dd7f2 
…og-api
@kibanamachine
Merge branch 'main' into alerting/event-log-aggregate
386203a
@ymao1
PR feedback
45ea81c
@ymao1
Merge branch 'main' of https://github.com/elastic/kibana into alertin…
5709f0c 
…g/event-log-aggregate
@ymao1
Merge branch 'alerting/event-log-aggregate' of https://github.com/yma…
04b68d4 
…o1/kibana into alerting/event-log-aggregate
@kibanamachine
Merge branch 'main' into alerting/event-log-aggregate
cb88e34
@ymao1
Merge branch 'alerting/event-log-aggregate' into alerting/execution-l…
904d63c 
…og-api
@kibanamachine
Merge branch 'main' into alerting/event-log-aggregate
677b0d2
@ymao1
omg types
ec23e2c
@ymao1
types and optional accessors
95b3fdf
mikecote
mikecote approved these changes Mar 17, 2022
View reviewed changes
Copy link
Contributor

@mikecote mikecote left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes LGTM! Pulled down locally and saw the API return logs for a given rule 👍

@ymao1
Copy link
Contributor Author

ymao1 commented Mar 17, 2022

@elasticmachine merge upstream

spong
spong approved these changes Mar 18, 2022
View reviewed changes
Copy link
Member

@spong spong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fantastic @ymao1! 🙌 Thanks for all the collab here and helping nail down the queries -- really appreciate it! And of course thank you for getting the initial agg work into the event-log client as well too! LGTM! 🙂 🚀

@ymao1
Copy link
Contributor Author

ymao1 commented Mar 18, 2022

@elasticmachine merge upstream

@ymao1 ymao1 enabled auto-merge (squash) March 18, 2022 13:38
@ymao1
Copy link
Contributor Author

ymao1 commented Mar 18, 2022

@elasticmachine merge upstream

@ymao1 ymao1 disabled auto-merge March 18, 2022 18:24
@ymao1
Copy link
Contributor Author

ymao1 commented Mar 18, 2022

@elasticmachine merge upstream

@kibana-ci
Copy link

kibana-ci commented Mar 18, 2022

💚 Build Succeeded

Metrics [docs]

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id before after diff
alerting 18 20 +2

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ymao1

@ymao1 ymao1 merged commit 5435cf9 into elastic:main Mar 18, 2022
@ymao1 ymao1 deleted the alerting/execution-log-api branch March 18, 2022 22:38
@ymao1 ymao1 mentioned this pull request Mar 24, 2022
Merged
This was referenced Mar 29, 2022
Closed
Merged
@tylersmalley tylersmalley added ci:cloud-deploy Create or update a Cloud deployment and removed ci:deploy-cloud labels Aug 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mikecote mikecote mikecote approved these changes

@XavierM XavierM XavierM approved these changes

@spong spong spong approved these changes

@JiaweiWu JiaweiWu Awaiting requested review from JiaweiWu

+1 more reviewer

@jportner jportner jportner approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@ymao1 ymao1

Labels

backport:skip This PR does not require backporting ci:cloud-deploy Create or update a Cloud deployment Feature:Alerting/RulesManagement Issues related to the Rules Management UX release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Platform ResponseOps team (formerly the Cases and Alerting teams) t// v8.2.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Response Ops] API for Execution History Summary

10 participants

@ymao1 @elasticmachine @kibana-ci @XavierM @spong @mikecote @jportner @tylersmalley @gmmorris @kibanamachine