Convert event log's duration from number to string in Kibana (keep as "long" in Elasticsearch)#130819
Merged
mikecote merged 13 commits intoelastic:mainfrom May 3, 2022
Merged
Convert event log's duration from number to string in Kibana (keep as "long" in Elasticsearch)#130819mikecote merged 13 commits intoelastic:mainfrom
mikecote merged 13 commits intoelastic:mainfrom
Conversation
mikecote
added
release_note:skip
Contributor
|
Pinging @elastic/response-ops (Team:ResponseOps) |
ymao1
reviewed
Apr 27, 2022
Contributor
Author
|
@elasticmachine merge upstream |
ersin-erdal
reviewed
Apr 29, 2022
ymao1
reviewed
Apr 29, 2022
ymao1
reviewed
Apr 29, 2022
Contributor
Author
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]Public APIs missing comments
History
To update your PR or re-run it, just comment with: cc @mikecote |
academo
added a commit
that referenced
this pull request
May 5, 2022
* Add severity field to create API and migration * Adds integration test for severity field migration * remove exclusive test * Change severity levels * Update integration tests for post case * Add more integration tests * Fix all cases list test * Fix some server test * Fix util server test * Fix client util test * Convert event log's duration from number to string in Kibana (keep as "long" in Elasticsearch) (#130819) * Convert event.duration to string in TypeScript, keep as long in Elasticsearch * Fix jest test * Fix functional tests * Add ecsStringOrNumber to event log schema * Fix jest test * Add utility functions to event log plugin * Use new event log utility functions * PR fixes Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * filter o11y rule aggregations (#131301) * [Cloud Posture] Display and save rules per benchmark (#131412) * Adding aria-label for discover data grid select document checkbox (#131277) * Update API docs (#130999) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * [CI] Use GCS buckets for bazel remote caching (#131345) * [Actionable Observability] Add license modal to rules table (#131232) * Add fix license link * fix localization * fix CI error * fix more translation issues Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * [RAM] Add shareable rule status filter (#130705) * rule state filter * turn off experiment * [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' * Status filter API call * Fix tests * rename state to status, added tests * Address comments and fix tests * Revert experiment flag * Remove unused translations * Addressed comments Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> * [storybook] Watch for changes in packages (#131467) * [storybook] Watch for changes in packages * Update default_config.ts * Improve saved objects migrations failure errors and logs (#131359) * [Unified observability] Add tour step to guided setup (#131149) * [Lens] Improved interval input (#131372) * [Vega] Adjust vega doc for usage of ems files (#130948) * adjust vega doc * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Excess intersections * Create severity user action * Add severity to create_case user action * Fix and add integration tests * Minor improvements Co-authored-by: Mike Côté <mikecote@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: mgiota <panagiota.mitsopoulou@elastic.co> Co-authored-by: Jordan <51442161+JordanSh@users.noreply.github.com> Co-authored-by: Bhavya RM <bhavya@elastic.co> Co-authored-by: Thomas Neirynck <thomas@elastic.co> Co-authored-by: Brian Seeders <brian.seeders@elastic.co> Co-authored-by: Jiawei Wu <74562234+JiaweiWu@users.noreply.github.com> Co-authored-by: Clint Andrew Hall <clint.hall@elastic.co> Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> Co-authored-by: Alejandro Fernández Gómez <alejandro.fernandez@elastic.co> Co-authored-by: Joe Reuter <johannes.reuter@elastic.co> Co-authored-by: Nick Peihl <nickpeihl@gmail.com> Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
kertal
pushed a commit
to kertal/kibana
that referenced
this pull request
May 24, 2022
… "long" in Elasticsearch) (elastic#130819) * Convert event.duration to string in TypeScript, keep as long in Elasticsearch * Fix jest test * Fix functional tests * Add ecsStringOrNumber to event log schema * Fix jest test * Add utility functions to event log plugin * Use new event log utility functions * PR fixes Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
kertal
pushed a commit
to kertal/kibana
that referenced
this pull request
May 24, 2022
* Add severity field to create API and migration * Adds integration test for severity field migration * remove exclusive test * Change severity levels * Update integration tests for post case * Add more integration tests * Fix all cases list test * Fix some server test * Fix util server test * Fix client util test * Convert event log's duration from number to string in Kibana (keep as "long" in Elasticsearch) (elastic#130819) * Convert event.duration to string in TypeScript, keep as long in Elasticsearch * Fix jest test * Fix functional tests * Add ecsStringOrNumber to event log schema * Fix jest test * Add utility functions to event log plugin * Use new event log utility functions * PR fixes Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * filter o11y rule aggregations (elastic#131301) * [Cloud Posture] Display and save rules per benchmark (elastic#131412) * Adding aria-label for discover data grid select document checkbox (elastic#131277) * Update API docs (elastic#130999) Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * [CI] Use GCS buckets for bazel remote caching (elastic#131345) * [Actionable Observability] Add license modal to rules table (elastic#131232) * Add fix license link * fix localization * fix CI error * fix more translation issues Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> * [RAM] Add shareable rule status filter (elastic#130705) * rule state filter * turn off experiment * [CI] Auto-commit changed files from 'node scripts/eslint --no-cache --fix' * Status filter API call * Fix tests * rename state to status, added tests * Address comments and fix tests * Revert experiment flag * Remove unused translations * Addressed comments Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> * [storybook] Watch for changes in packages (elastic#131467) * [storybook] Watch for changes in packages * Update default_config.ts * Improve saved objects migrations failure errors and logs (elastic#131359) * [Unified observability] Add tour step to guided setup (elastic#131149) * [Lens] Improved interval input (elastic#131372) * [Vega] Adjust vega doc for usage of ems files (elastic#130948) * adjust vega doc * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Update docs/user/dashboard/vega-reference.asciidoc Co-authored-by: Nick Peihl <nickpeihl@gmail.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Nick Peihl <nickpeihl@gmail.com> * Excess intersections * Create severity user action * Add severity to create_case user action * Fix and add integration tests * Minor improvements Co-authored-by: Mike Côté <mikecote@users.noreply.github.com> Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: mgiota <panagiota.mitsopoulou@elastic.co> Co-authored-by: Jordan <51442161+JordanSh@users.noreply.github.com> Co-authored-by: Bhavya RM <bhavya@elastic.co> Co-authored-by: Thomas Neirynck <thomas@elastic.co> Co-authored-by: Brian Seeders <brian.seeders@elastic.co> Co-authored-by: Jiawei Wu <74562234+JiaweiWu@users.noreply.github.com> Co-authored-by: Clint Andrew Hall <clint.hall@elastic.co> Co-authored-by: Christiane (Tina) Heiligers <christiane.heiligers@elastic.co> Co-authored-by: Alejandro Fernández Gómez <alejandro.fernandez@elastic.co> Co-authored-by: Joe Reuter <johannes.reuter@elastic.co> Co-authored-by: Nick Peihl <nickpeihl@gmail.com> Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
mikecote
added a commit
that referenced
this pull request
Nov 10, 2022
…eep as "long" in Elasticsearch) (#144837) Fixes #143562. Backport of #130819 to `7.x`. ## Steps to verify 1. Fake alert event log durations to be 1 year by changing the following code >https://github.com/elastic/kibana/pull/144837/files#diff-27ff694dc534e9e509d43b00c563eabada722db2371c9bcf016ff3c8b929c5fbR706 >const duration = millisToNanos(31556926000); 2. Create a rule that creates an alert consistently (ex: index threshold) 3. Let the rule run a few times 4. See event log now capturing long durations successfully >curl -XGET 'https://elastic:changeme@localhost:9200/.kibana-event-log*/_search?pretty' -k Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #127802
In this PR, I'm making
event.durationa string in the TypeScript definition while keeping it alongwithin Elasticsearch. This forces Kibana to work with these values as strings / BigInt while letting Elasticsearch properly parse it and store it as a number. The aggregations onevent.durationstill return number values after this change.The event log HTTP APIs will return a string for
event.durationbut these APIs are only used by the functional test and have been fixed accordingly. The event logfindEventsBySavedObjectIdsAPI has type safety and has been fixed accordingly.