New artifacts schema in the rule creation/update/find#216292
Merged
mgiota merged 103 commits intoelastic:mainfrom Apr 22, 2025
Merged
New artifacts schema in the rule creation/update/find#216292mgiota merged 103 commits intoelastic:mainfrom
mgiota merged 103 commits intoelastic:mainfrom
Conversation
mgiota
force-pushed
the
artifacts_dashboard_schema
branch
3 times, most recently
from
e89c084 to
a74f58b
Compare
mgiota
force-pushed
the
artifacts_dashboard_schema
branch
from
a74f58b to
14d7073
Compare
mgiota
force-pushed
the
artifacts_dashboard_schema
branch
from
e7ec4c9 to
2416e0f
Compare
mgiota
commented
Mar 31, 2025
|
|
||
| export const dashboardSchema = schema.arrayOf(schema.object({ id: schema.string() })); | ||
|
|
||
| export const artifactSchema = schema.object({ |
Contributor
Author
There was a problem hiding this comment.
Same schema is defined in server/application/rule/schemas/rule_schemas . Is there any reason why we have the schemas duplicated in these two files? I checked existing schemas and they are duplicated in these 2 files, x-pack/platform/plugins/shared/alerting/common/routes/rule/response/schemas/v1.ts and x-pack/platform/plugins/shared/alerting/server/application/rule/schemas/rule_schemas.ts
Can I reuse the schemas from common folder?
Member
There was a problem hiding this comment.
The schemas in the common/routes folder are for the routes, and the schemas in server/application/ are for the rule client. Even if they are the same, they may diverge in the future. Routes can evolve differently from the rule client to avoid breaking changes, for example. I would say not to use common/routes schemas in the rule client and duplicate the types as you did.
mgiota
force-pushed
the
artifacts_dashboard_schema
branch
from
60c8531 to
186d1d6
Compare
…refs back to dashboard ids)
Contributor
Author
|
@elasticmachine merge upstream |
mgiota
changed the title
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/streams --include-path /api/fleet --include-path /api/dashboards --update'
… src/core/server/integration_tests/ci_checks'
Contributor
Author
|
@elasticmachine merge upstream |
mgiota
added
backport:version
Contributor
|
Starting backport for target branches: 8.19 https://github.com/elastic/kibana/actions/runs/14612794479 |
Contributor
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
mgiota
added a commit
to mgiota/kibana
that referenced
this pull request
Apr 23, 2025
We want to add a new `root-level` key in the rule called `artifacts`.
The new key will be added to the `create`, `update` and `find` Rule apis
and will contain `dashboards` and `investigation_guide`. This PR handles
only the addition of dashboards.
```
artifacts: {
dasboards: Array<{ id: string }]>;
}
```
<img width="1265" alt="Screenshot 2025-04-02 at 12 35 00"
src="https://github.com/user-attachments/assets/51783fd5-f63e-4a2e-80b0-7a724675c11c"
/>
This PR includes only backend changes to the Rule APIs. In order to test
you can use Kibana > Dev Tools.
```
POST kbn:/api/alerting/rule
{
"name": "TEST RULE",
"params": {
"criteria": [
{
"comparator": ">",
"metrics": [
{
"name": "A",
"aggType": "count"
}
],
"threshold": [
3
],
"timeSize": 1,
"timeUnit": "m"
}
],
"alertOnNoData": false,
"alertOnGroupDisappear": false,
"searchConfiguration": {
"query": {
"query": "",
"language": "kuery"
},
"index": "e7744dbe-a7a4-457b-83aa-539e9c88764c"
}
},
"rule_type_id": "observability.rules.custom_threshold",
"consumer": "logs",
"schedule": {
"interval": "1m"
},
"artifacts": {
"dashboards": [
{ "id":"1" }
]
}
}
```
The artifacts shouldn't be returned in the rule response. The new
dashboard artifacts should be saved in the Rules SO. You can check it
directly under `Kibana > Stack Management > Saved Objects`. You should
verify a new `artifacts` entry is added in the rules SO:
```
"artifacts": {
"dashboards": [
{
"refId": "dashboard_0"
}
]
},
```
Also the new dashboard should be added into the references array:
```
"references": [
..
{
"id": "1",
"name": "dashboard_0",
"type": "dashboard"
}
],
```
```
PUT kbn:/api/alerting/rule/{RULE_ID}
{
"name": "TEST RULE",
"schedule": {
"interval": "1m"
},
"params": {
"criteria": [
{
"comparator": ">",
"metrics": [
{
"name": "A",
"aggType": "count"
}
],
"threshold": [
3
],
"timeSize": 1,
"timeUnit": "m"
}
],
"alertOnNoData": false,
"alertOnGroupDisappear": false,
"searchConfiguration": {
"query": {
"query": "",
"language": "kuery"
},
"index": "e7744dbe-a7a4-457b-83aa-539e9c88764c"
}
},
"artifacts": {
"dashboards": [{"id": "2"}, {"id": "1"}]
}
}
```
The artifacts shouldn't be returned in the rule response. The updated
artifacts should be saved in the Rules SO. You can check it directly
under `Kibana > Stack Management > Saved Objects`. You should verify the
updated dashboards list is correct.
```
GET kbn:/api/alerting/rules/_find?search="TEST RULE"
```
The artifacts shouldn't be returned in the rule response. Only the
internal Find API returns the artifacts.
```
POST kbn:/internal/alerting/rules/_find
{
"search": "TEST RULE"
}
```
- The dashboard IDs should be saved as `references in the Rule SO
- The Rule APIs will not return the artifacts
- Only the `internal Find API` used by the UI will return the artifacts
- Integrations and unit tests should be added
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Justin Kambic <jk@elastic.co>
Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
(cherry picked from commit 09740a6)
mgiota
added a commit
that referenced
this pull request
Apr 23, 2025
#218920) # Backport This will backport the following commits from `main` to `8.19`: - [New artifacts schema in the rule creation/update/find (#216292)](#216292) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Panagiota Mitsopoulou","email":"panagiota.mitsopoulou@elastic.co"},"sourceCommit":{"committedDate":"2025-04-22T21:20:49Z","message":"New artifacts schema in the rule creation/update/find (#216292)\n\n## 🗒️ Summary\nWe want to add a new `root-level` key in the rule called `artifacts`.\nThe new key will be added to the `create`, `update` and `find` Rule apis\nand will contain `dashboards` and `investigation_guide`. This PR handles\nonly the addition of dashboards.\n \n```\nartifacts: {\n dasboards: Array<{ id: string }]>;\n}\n```\n\n## Architecture diagram\n<img width=\"1265\" alt=\"Screenshot 2025-04-02 at 12 35 00\"\nsrc=\"https://github.com/user-attachments/assets/51783fd5-f63e-4a2e-80b0-7a724675c11c\"\n/>\n\n\n## 🧪 How to test\nThis PR includes only backend changes to the Rule APIs. In order to test\nyou can use Kibana > Dev Tools.\n\n### Create a rule\n\n```\nPOST kbn:/api/alerting/rule\n{\n \"name\": \"TEST RULE\",\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"rule_type_id\": \"observability.rules.custom_threshold\",\n \"consumer\": \"logs\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"artifacts\": {\n \"dashboards\": [\n { \"id\":\"1\" }\n ]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The new\ndashboard artifacts should be saved in the Rules SO. You can check it\ndirectly under `Kibana > Stack Management > Saved Objects`. You should\nverify a new `artifacts` entry is added in the rules SO:\n\n```\n\"artifacts\": {\n \"dashboards\": [\n {\n \"refId\": \"dashboard_0\"\n }\n ]\n },\n```\n\nAlso the new dashboard should be added into the references array:\n\n```\n\"references\": [\n ..\n {\n \"id\": \"1\",\n \"name\": \"dashboard_0\",\n \"type\": \"dashboard\"\n }\n ],\n```\n\n\n### Update a rule\n\n```\nPUT kbn:/api/alerting/rule/{RULE_ID}\n{\n \"name\": \"TEST RULE\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"artifacts\": {\n \"dashboards\": [{\"id\": \"2\"}, {\"id\": \"1\"}]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The updated\nartifacts should be saved in the Rules SO. You can check it directly\nunder `Kibana > Stack Management > Saved Objects`. You should verify the\nupdated dashboards list is correct.\n\n### Find a rule\n\n```\nGET kbn:/api/alerting/rules/_find?search=\"TEST RULE\"\n\n```\n\nThe artifacts shouldn't be returned in the rule response. Only the\ninternal Find API returns the artifacts.\n\n```\nPOST kbn:/internal/alerting/rules/_find\n{\n \"search\": \"TEST RULE\"\n}\n```\n\n\n## ✔️ Acceptance criteria\n- The dashboard IDs should be saved as `references in the Rule SO\n- The Rule APIs will not return the artifacts\n- Only the `internal Find API` used by the UI will return the artifacts\n- Integrations and unit tests should be added\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Justin Kambic <jk@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"09740a63d14c6448bd948e952e3e70236b3fc634","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:version","v9.1.0","v8.19.0"],"title":"New artifacts schema in the rule creation/update/find","number":216292,"url":"https://github.com/elastic/kibana/pull/216292","mergeCommit":{"message":"New artifacts schema in the rule creation/update/find (#216292)\n\n## 🗒️ Summary\nWe want to add a new `root-level` key in the rule called `artifacts`.\nThe new key will be added to the `create`, `update` and `find` Rule apis\nand will contain `dashboards` and `investigation_guide`. This PR handles\nonly the addition of dashboards.\n \n```\nartifacts: {\n dasboards: Array<{ id: string }]>;\n}\n```\n\n## Architecture diagram\n<img width=\"1265\" alt=\"Screenshot 2025-04-02 at 12 35 00\"\nsrc=\"https://github.com/user-attachments/assets/51783fd5-f63e-4a2e-80b0-7a724675c11c\"\n/>\n\n\n## 🧪 How to test\nThis PR includes only backend changes to the Rule APIs. In order to test\nyou can use Kibana > Dev Tools.\n\n### Create a rule\n\n```\nPOST kbn:/api/alerting/rule\n{\n \"name\": \"TEST RULE\",\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"rule_type_id\": \"observability.rules.custom_threshold\",\n \"consumer\": \"logs\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"artifacts\": {\n \"dashboards\": [\n { \"id\":\"1\" }\n ]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The new\ndashboard artifacts should be saved in the Rules SO. You can check it\ndirectly under `Kibana > Stack Management > Saved Objects`. You should\nverify a new `artifacts` entry is added in the rules SO:\n\n```\n\"artifacts\": {\n \"dashboards\": [\n {\n \"refId\": \"dashboard_0\"\n }\n ]\n },\n```\n\nAlso the new dashboard should be added into the references array:\n\n```\n\"references\": [\n ..\n {\n \"id\": \"1\",\n \"name\": \"dashboard_0\",\n \"type\": \"dashboard\"\n }\n ],\n```\n\n\n### Update a rule\n\n```\nPUT kbn:/api/alerting/rule/{RULE_ID}\n{\n \"name\": \"TEST RULE\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"artifacts\": {\n \"dashboards\": [{\"id\": \"2\"}, {\"id\": \"1\"}]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The updated\nartifacts should be saved in the Rules SO. You can check it directly\nunder `Kibana > Stack Management > Saved Objects`. You should verify the\nupdated dashboards list is correct.\n\n### Find a rule\n\n```\nGET kbn:/api/alerting/rules/_find?search=\"TEST RULE\"\n\n```\n\nThe artifacts shouldn't be returned in the rule response. Only the\ninternal Find API returns the artifacts.\n\n```\nPOST kbn:/internal/alerting/rules/_find\n{\n \"search\": \"TEST RULE\"\n}\n```\n\n\n## ✔️ Acceptance criteria\n- The dashboard IDs should be saved as `references in the Rule SO\n- The Rule APIs will not return the artifacts\n- Only the `internal Find API` used by the UI will return the artifacts\n- Integrations and unit tests should be added\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Justin Kambic <jk@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"09740a63d14c6448bd948e952e3e70236b3fc634"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/216292","number":216292,"mergeCommit":{"message":"New artifacts schema in the rule creation/update/find (#216292)\n\n## 🗒️ Summary\nWe want to add a new `root-level` key in the rule called `artifacts`.\nThe new key will be added to the `create`, `update` and `find` Rule apis\nand will contain `dashboards` and `investigation_guide`. This PR handles\nonly the addition of dashboards.\n \n```\nartifacts: {\n dasboards: Array<{ id: string }]>;\n}\n```\n\n## Architecture diagram\n<img width=\"1265\" alt=\"Screenshot 2025-04-02 at 12 35 00\"\nsrc=\"https://github.com/user-attachments/assets/51783fd5-f63e-4a2e-80b0-7a724675c11c\"\n/>\n\n\n## 🧪 How to test\nThis PR includes only backend changes to the Rule APIs. In order to test\nyou can use Kibana > Dev Tools.\n\n### Create a rule\n\n```\nPOST kbn:/api/alerting/rule\n{\n \"name\": \"TEST RULE\",\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"rule_type_id\": \"observability.rules.custom_threshold\",\n \"consumer\": \"logs\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"artifacts\": {\n \"dashboards\": [\n { \"id\":\"1\" }\n ]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The new\ndashboard artifacts should be saved in the Rules SO. You can check it\ndirectly under `Kibana > Stack Management > Saved Objects`. You should\nverify a new `artifacts` entry is added in the rules SO:\n\n```\n\"artifacts\": {\n \"dashboards\": [\n {\n \"refId\": \"dashboard_0\"\n }\n ]\n },\n```\n\nAlso the new dashboard should be added into the references array:\n\n```\n\"references\": [\n ..\n {\n \"id\": \"1\",\n \"name\": \"dashboard_0\",\n \"type\": \"dashboard\"\n }\n ],\n```\n\n\n### Update a rule\n\n```\nPUT kbn:/api/alerting/rule/{RULE_ID}\n{\n \"name\": \"TEST RULE\",\n \"schedule\": {\n \"interval\": \"1m\"\n },\n \"params\": {\n \"criteria\": [\n {\n \"comparator\": \">\",\n \"metrics\": [\n {\n \"name\": \"A\",\n \"aggType\": \"count\"\n }\n ],\n \"threshold\": [\n 3\n ],\n \"timeSize\": 1,\n \"timeUnit\": \"m\"\n }\n ],\n \"alertOnNoData\": false,\n \"alertOnGroupDisappear\": false,\n \"searchConfiguration\": {\n \"query\": {\n \"query\": \"\",\n \"language\": \"kuery\"\n },\n \"index\": \"e7744dbe-a7a4-457b-83aa-539e9c88764c\"\n }\n },\n \"artifacts\": {\n \"dashboards\": [{\"id\": \"2\"}, {\"id\": \"1\"}]\n }\n}\n```\nThe artifacts shouldn't be returned in the rule response. The updated\nartifacts should be saved in the Rules SO. You can check it directly\nunder `Kibana > Stack Management > Saved Objects`. You should verify the\nupdated dashboards list is correct.\n\n### Find a rule\n\n```\nGET kbn:/api/alerting/rules/_find?search=\"TEST RULE\"\n\n```\n\nThe artifacts shouldn't be returned in the rule response. Only the\ninternal Find API returns the artifacts.\n\n```\nPOST kbn:/internal/alerting/rules/_find\n{\n \"search\": \"TEST RULE\"\n}\n```\n\n\n## ✔️ Acceptance criteria\n- The dashboard IDs should be saved as `references in the Rule SO\n- The Rule APIs will not return the artifacts\n- Only the `internal Find API` used by the UI will return the artifacts\n- Integrations and unit tests should be added\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Justin Kambic <jk@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"09740a63d14c6448bd948e952e3e70236b3fc634"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
mgiota
added a commit
that referenced
this pull request
Apr 25, 2025
Follow up PR that addresses [this](#216292 (review)) comment and returns the artifacts in the internal _resolve API. The `_resolve` api is used in the edit rule form and fixes a UI issue in this draft [PR](#219019) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
Apr 25, 2025
Follow up PR that addresses [this](elastic#216292 (review)) comment and returns the artifacts in the internal _resolve API. The `_resolve` api is used in the edit rule form and fixes a UI issue in this draft [PR](elastic#219019) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> (cherry picked from commit ed2d0f8)
justinkambic
added a commit
that referenced
this pull request
May 2, 2025
## Summary Related to #213024. This adds the necessary backend schema changes for the investigation guide. Note this PR depends on #216292 and should not be merged before it. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co> Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
justinkambic
added a commit
to justinkambic/kibana
that referenced
this pull request
May 2, 2025
Related to elastic#213024. This adds the necessary backend schema changes for the investigation guide. Note this PR depends on elastic#216292 and should not be merged before it. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co> Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com> (cherry picked from commit 8ee1ceb)
justinkambic
added a commit
that referenced
this pull request
May 7, 2025
…219943) # Backport This will backport the following commits from `main` to `8.19`: - [[Incident Management] Investigation Guide backend (#216377)](#216377) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Justin Kambic","email":"jk@elastic.co"},"sourceCommit":{"committedDate":"2025-05-02T14:16:50Z","message":"[Incident Management] Investigation Guide backend (#216377)\n\n## Summary\n\nRelated to #213024.\n\nThis adds the necessary backend schema changes for the investigation\nguide.\n\nNote this PR depends on #216292 and should not be merged before it.\n\n---------\n\nCo-authored-by: Panagiota Mitsopoulou <giota85@gmail.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"8ee1cebadf9c63eb5a87d2ab4c49bdcb29f99443","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:feature","backport:prev-minor","Team:obs-ux-management","v9.1.0","v8.19.0"],"title":"[Incident Management] Investigation Guide backend","number":216377,"url":"https://github.com/elastic/kibana/pull/216377","mergeCommit":{"message":"[Incident Management] Investigation Guide backend (#216377)\n\n## Summary\n\nRelated to #213024.\n\nThis adds the necessary backend schema changes for the investigation\nguide.\n\nNote this PR depends on #216292 and should not be merged before it.\n\n---------\n\nCo-authored-by: Panagiota Mitsopoulou <giota85@gmail.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"8ee1cebadf9c63eb5a87d2ab4c49bdcb29f99443"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/216377","number":216377,"mergeCommit":{"message":"[Incident Management] Investigation Guide backend (#216377)\n\n## Summary\n\nRelated to #213024.\n\nThis adds the necessary backend schema changes for the investigation\nguide.\n\nNote this PR depends on #216292 and should not be merged before it.\n\n---------\n\nCo-authored-by: Panagiota Mitsopoulou <giota85@gmail.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co>\nCo-authored-by: Christos Nasikas <xristosnasikas@gmail.com>","sha":"8ee1cebadf9c63eb5a87d2ab4c49bdcb29f99443"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co> Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
May 29, 2025
## 🗒️ Summary
We want to add a new `root-level` key in the rule called `artifacts`.
The new key will be added to the `create`, `update` and `find` Rule apis
and will contain `dashboards` and `investigation_guide`. This PR handles
only the addition of dashboards.
```
artifacts: {
dasboards: Array<{ id: string }]>;
}
```
## Architecture diagram
<img width="1265" alt="Screenshot 2025-04-02 at 12 35 00"
src="https://github.com/user-attachments/assets/51783fd5-f63e-4a2e-80b0-7a724675c11c"
/>
## 🧪 How to test
This PR includes only backend changes to the Rule APIs. In order to test
you can use Kibana > Dev Tools.
### Create a rule
```
POST kbn:/api/alerting/rule
{
"name": "TEST RULE",
"params": {
"criteria": [
{
"comparator": ">",
"metrics": [
{
"name": "A",
"aggType": "count"
}
],
"threshold": [
3
],
"timeSize": 1,
"timeUnit": "m"
}
],
"alertOnNoData": false,
"alertOnGroupDisappear": false,
"searchConfiguration": {
"query": {
"query": "",
"language": "kuery"
},
"index": "e7744dbe-a7a4-457b-83aa-539e9c88764c"
}
},
"rule_type_id": "observability.rules.custom_threshold",
"consumer": "logs",
"schedule": {
"interval": "1m"
},
"artifacts": {
"dashboards": [
{ "id":"1" }
]
}
}
```
The artifacts shouldn't be returned in the rule response. The new
dashboard artifacts should be saved in the Rules SO. You can check it
directly under `Kibana > Stack Management > Saved Objects`. You should
verify a new `artifacts` entry is added in the rules SO:
```
"artifacts": {
"dashboards": [
{
"refId": "dashboard_0"
}
]
},
```
Also the new dashboard should be added into the references array:
```
"references": [
..
{
"id": "1",
"name": "dashboard_0",
"type": "dashboard"
}
],
```
### Update a rule
```
PUT kbn:/api/alerting/rule/{RULE_ID}
{
"name": "TEST RULE",
"schedule": {
"interval": "1m"
},
"params": {
"criteria": [
{
"comparator": ">",
"metrics": [
{
"name": "A",
"aggType": "count"
}
],
"threshold": [
3
],
"timeSize": 1,
"timeUnit": "m"
}
],
"alertOnNoData": false,
"alertOnGroupDisappear": false,
"searchConfiguration": {
"query": {
"query": "",
"language": "kuery"
},
"index": "e7744dbe-a7a4-457b-83aa-539e9c88764c"
}
},
"artifacts": {
"dashboards": [{"id": "2"}, {"id": "1"}]
}
}
```
The artifacts shouldn't be returned in the rule response. The updated
artifacts should be saved in the Rules SO. You can check it directly
under `Kibana > Stack Management > Saved Objects`. You should verify the
updated dashboards list is correct.
### Find a rule
```
GET kbn:/api/alerting/rules/_find?search="TEST RULE"
```
The artifacts shouldn't be returned in the rule response. Only the
internal Find API returns the artifacts.
```
POST kbn:/internal/alerting/rules/_find
{
"search": "TEST RULE"
}
```
## ✔️ Acceptance criteria
- The dashboard IDs should be saved as `references in the Rule SO
- The Rule APIs will not return the artifacts
- Only the `internal Find API` used by the UI will return the artifacts
- Integrations and unit tests should be added
---------
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Justin Kambic <jk@elastic.co>
Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
May 29, 2025
Follow up PR that addresses [this](elastic#216292 (review)) comment and returns the artifacts in the internal _resolve API. The `_resolve` api is used in the edit rule form and fixes a UI issue in this draft [PR](elastic#219019) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
May 29, 2025
## Summary Related to elastic#213024. This adds the necessary backend schema changes for the investigation guide. Note this PR depends on elastic#216292 and should not be merged before it. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co> Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
justinkambic
added a commit
that referenced
this pull request
May 29, 2025
## Summary 🌹 Resolves #213024. The frontend changes for [#216377](#216377). Depends on #216377 and #216292. ## Testing these changes 🌸 This adds frontend integration with the API changes we previously merged in #216377. There is a new editor in the Rule Create/Edit Detail view, below the pre-existing field for naming the rule. To test that this feature is working you should: - This is easiest to test if you have actual data that will trigger an alert in your cluster. If you need some fake data, you can use the nifty `data-forge` utility with a command like: ```shell node x-pack/scripts/data_forge.js --events-per-cycle 200 --lookback now-1h --ephemeral-project-ids 10 --dataset fake_stack --install-kibana-assets --kibana-url http://localhost:5601 --event-template bad ``` - Create a rule with an investigation guide specified. This is easy. Write some Markdown text into the editor and save the rule. My favorite rule for testing the feature is Custom Threshold, because it's easy to configure an alert that will fire. But this works for any rule. <img width="1260" alt="image" src="https://github.com/user-attachments/assets/bf9bf866-2439-456a-a700-1a93ae2e5dac" /> - After you create your rule, it should fire at some point, ideally. Using the Observability -> Alerts view, drill into the Alert Details page. There, you should find a spiffy new tab called _Investigation Guide_. Confirm the contents on that tab are your markdown, properly rendered. <img width="1000" alt="image" src="https://github.com/user-attachments/assets/bff19e48-da44-4886-bcf7-a296559c0aca" /> - Repeat step 1-2 as many times as you like with different rule types, if you desire. - Edit your rule, using the edit page or flyout. <img width="606" alt="image" src="https://github.com/user-attachments/assets/1a6149fe-016a-4b8c-9846-24cb2931aed3" /> - When you save the rule you should be able to refresh the alert details page and see the modified Investigation Guide reflected in the tab. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
kibanamachine
added a commit
to kibanamachine/kibana
that referenced
this pull request
May 29, 2025
## Summary 🌹 Resolves elastic#213024. The frontend changes for [elastic#216377](elastic#216377). Depends on elastic#216377 and elastic#216292. ## Testing these changes 🌸 This adds frontend integration with the API changes we previously merged in elastic#216377. There is a new editor in the Rule Create/Edit Detail view, below the pre-existing field for naming the rule. To test that this feature is working you should: - This is easiest to test if you have actual data that will trigger an alert in your cluster. If you need some fake data, you can use the nifty `data-forge` utility with a command like: ```shell node x-pack/scripts/data_forge.js --events-per-cycle 200 --lookback now-1h --ephemeral-project-ids 10 --dataset fake_stack --install-kibana-assets --kibana-url http://localhost:5601 --event-template bad ``` - Create a rule with an investigation guide specified. This is easy. Write some Markdown text into the editor and save the rule. My favorite rule for testing the feature is Custom Threshold, because it's easy to configure an alert that will fire. But this works for any rule. <img width="1260" alt="image" src="https://github.com/user-attachments/assets/bf9bf866-2439-456a-a700-1a93ae2e5dac" /> - After you create your rule, it should fire at some point, ideally. Using the Observability -> Alerts view, drill into the Alert Details page. There, you should find a spiffy new tab called _Investigation Guide_. Confirm the contents on that tab are your markdown, properly rendered. <img width="1000" alt="image" src="https://github.com/user-attachments/assets/bff19e48-da44-4886-bcf7-a296559c0aca" /> - Repeat step 1-2 as many times as you like with different rule types, if you desire. - Edit your rule, using the edit page or flyout. <img width="606" alt="image" src="https://github.com/user-attachments/assets/1a6149fe-016a-4b8c-9846-24cb2931aed3" /> - When you save the rule you should be able to refresh the alert details page and see the modified Investigation Guide reflected in the tab. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit 6b556d5)
qn895
pushed a commit
to qn895/kibana
that referenced
this pull request
Jun 3, 2025
## Summary Related to elastic#213024. This adds the necessary backend schema changes for the investigation guide. Note this PR depends on elastic#216292 and should not be merged before it. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Panagiota Mitsopoulou <panagiota.mitsopoulou@elastic.co> Co-authored-by: Christos Nasikas <xristosnasikas@gmail.com>
zacharyparikh
pushed a commit
to zacharyparikh/kibana
that referenced
this pull request
Jun 4, 2025
## Summary 🌹 Resolves elastic#213024. The frontend changes for [elastic#216377](elastic#216377). Depends on elastic#216377 and elastic#216292. ## Testing these changes 🌸 This adds frontend integration with the API changes we previously merged in elastic#216377. There is a new editor in the Rule Create/Edit Detail view, below the pre-existing field for naming the rule. To test that this feature is working you should: - This is easiest to test if you have actual data that will trigger an alert in your cluster. If you need some fake data, you can use the nifty `data-forge` utility with a command like: ```shell node x-pack/scripts/data_forge.js --events-per-cycle 200 --lookback now-1h --ephemeral-project-ids 10 --dataset fake_stack --install-kibana-assets --kibana-url http://localhost:5601 --event-template bad ``` - Create a rule with an investigation guide specified. This is easy. Write some Markdown text into the editor and save the rule. My favorite rule for testing the feature is Custom Threshold, because it's easy to configure an alert that will fire. But this works for any rule. <img width="1260" alt="image" src="https://github.com/user-attachments/assets/bf9bf866-2439-456a-a700-1a93ae2e5dac" /> - After you create your rule, it should fire at some point, ideally. Using the Observability -> Alerts view, drill into the Alert Details page. There, you should find a spiffy new tab called _Investigation Guide_. Confirm the contents on that tab are your markdown, properly rendered. <img width="1000" alt="image" src="https://github.com/user-attachments/assets/bff19e48-da44-4886-bcf7-a296559c0aca" /> - Repeat step 1-2 as many times as you like with different rule types, if you desire. - Edit your rule, using the edit page or flyout. <img width="606" alt="image" src="https://github.com/user-attachments/assets/1a6149fe-016a-4b8c-9846-24cb2931aed3" /> - When you save the rule you should be able to refresh the alert details page and see the modified Investigation Guide reflected in the tab. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
nickpeihl
pushed a commit
to nickpeihl/kibana
that referenced
this pull request
Jun 12, 2025
## Summary 🌹 Resolves elastic#213024. The frontend changes for [elastic#216377](elastic#216377). Depends on elastic#216377 and elastic#216292. ## Testing these changes 🌸 This adds frontend integration with the API changes we previously merged in elastic#216377. There is a new editor in the Rule Create/Edit Detail view, below the pre-existing field for naming the rule. To test that this feature is working you should: - This is easiest to test if you have actual data that will trigger an alert in your cluster. If you need some fake data, you can use the nifty `data-forge` utility with a command like: ```shell node x-pack/scripts/data_forge.js --events-per-cycle 200 --lookback now-1h --ephemeral-project-ids 10 --dataset fake_stack --install-kibana-assets --kibana-url http://localhost:5601 --event-template bad ``` - Create a rule with an investigation guide specified. This is easy. Write some Markdown text into the editor and save the rule. My favorite rule for testing the feature is Custom Threshold, because it's easy to configure an alert that will fire. But this works for any rule. <img width="1260" alt="image" src="https://github.com/user-attachments/assets/bf9bf866-2439-456a-a700-1a93ae2e5dac" /> - After you create your rule, it should fire at some point, ideally. Using the Observability -> Alerts view, drill into the Alert Details page. There, you should find a spiffy new tab called _Investigation Guide_. Confirm the contents on that tab are your markdown, properly rendered. <img width="1000" alt="image" src="https://github.com/user-attachments/assets/bff19e48-da44-4886-bcf7-a296559c0aca" /> - Repeat step 1-2 as many times as you like with different rule types, if you desire. - Edit your rule, using the edit page or flyout. <img width="606" alt="image" src="https://github.com/user-attachments/assets/1a6149fe-016a-4b8c-9846-24cb2931aed3" /> - When you save the rule you should be able to refresh the alert details page and see the modified Investigation Guide reflected in the tab. --------- Co-authored-by: Panagiota Mitsopoulou <giota85@gmail.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #219523
🗒️ Summary
We want to add a new
root-levelkey in the rule calledartifacts. The new key will be added to thecreate,updateandfindRule apis and will containdashboardsandinvestigation_guide. This PR handles only the addition of dashboards.Architecture diagram
🧪 How to test
This PR includes only backend changes to the Rule APIs. In order to test you can use Kibana > Dev Tools.
Create a rule
The artifacts shouldn't be returned in the rule response. The new dashboard artifacts should be saved in the Rules SO. You can check it directly under
Kibana > Stack Management > Saved Objects. You should verify a newartifactsentry is added in the rules SO:Also the new dashboard should be added into the references array:
Update a rule
The artifacts shouldn't be returned in the rule response. The updated artifacts should be saved in the Rules SO. You can check it directly under
Kibana > Stack Management > Saved Objects. You should verify the updated dashboards list is correct.Find a rule
The artifacts shouldn't be returned in the rule response. Only the internal Find API returns the artifacts.
✔️ Acceptance criteria
internal Find APIused by the UI will return the artifacts