[ResponseOps][Alerting] Do not return alerts from internally managed rule types#223453
Merged
cnasikas merged 8 commits intoelastic:mainfrom Jun 20, 2025
Merged
[ResponseOps][Alerting] Do not return alerts from internally managed rule types#223453cnasikas merged 8 commits intoelastic:mainfrom
cnasikas merged 8 commits intoelastic:mainfrom
Conversation
cnasikas
added
release_note:skip
2 tasks
Contributor
|
Pinging @elastic/response-ops (Team:ResponseOps) |
kdelemme
approved these changes
Jun 16, 2025
Contributor
kdelemme
left a comment
kdelemme
left a comment
There was a problem hiding this comment.
Thanks for introducing this feature (and adding it into the streams rule), code LGTM. I just have a question regarding the SearchStrategy and its scope. Is the SearchStrategy also used by the alerting client?
It's not really a problem right now because we do search the alerts-as-data indices directly.
Member
Author
Thanks! No, the alerts client does not use he search strategy. It is only used by the UI atm. |
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]History
cc @cnasikas |
jcger
approved these changes
Jun 18, 2025
| new Map( | ||
| Array.from(registeredRuleTypes).filter( | ||
| ([_id, ruleType]) => | ||
| ruleType.internallyManaged == null || !Boolean(ruleType.internallyManaged) |
Contributor
There was a problem hiding this comment.
The first part should be redundant as Boolean() also checks for false, 0, "", null, undefined and NaN https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Boolean#boolean_coercion
Member
Author
There was a problem hiding this comment.
If I use only !Boolean, it will filter out rule types that do not have the internallyManaged property defined. The property is optional, and all of the rule types aside from stream rules do not define it. I want to filter out only rule types that have the internallyManaged defined and set it to true.
Member
Author
|
@elasticmachine merge upstream |
Contributor
|
Starting backport for target branches: 8.19 https://github.com/elastic/kibana/actions/runs/15776082363 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jun 20, 2025
…rule types (elastic#223453) ## Summary This PR introduces the concept of internally managed rule types. The purpose of this PR is to hide alerts in the alerts table in the UI produced by internally managed rule types. In following PRs, we will enhance the framework to handle more cases when the product requirements are clearer. If, in the future, the streams team wants to use the alerts table to show stream alerts, we could introduce a new parameter in the alerting API to allow alerts produced by internally managed rule types to be returned. Fixes: elastic#221379 cc @kdelemme @dgieselaar ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> (cherry picked from commit 61113a0)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
This was referenced Jun 20, 2025
kibanamachine
added a commit
that referenced
this pull request
Jun 21, 2025
…anaged rule types (#223453) (#224653) # Backport This will backport the following commits from `main` to `8.19`: - [[ResponseOps][Alerting] Do not return alerts from internally managed rule types (#223453)](#223453) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Christos Nasikas","email":"christos.nasikas@elastic.co"},"sourceCommit":{"committedDate":"2025-06-20T09:42:01Z","message":"[ResponseOps][Alerting] Do not return alerts from internally managed rule types (#223453)\n\n## Summary\n\nThis PR introduces the concept of internally managed rule types. The\npurpose of this PR is to hide alerts in the alerts table in the UI\nproduced by internally managed rule types. In following PRs, we will\nenhance the framework to handle more cases when the product requirements\nare clearer. If, in the future, the streams team wants to use the alerts\ntable to show stream alerts, we could introduce a new parameter in the\nalerting API to allow alerts produced by internally managed rule types\nto be returned.\n\nFixes: https://github.com/elastic/kibana/issues/221379\n\ncc @kdelemme @dgieselaar \n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"61113a0c46a1d7610bdb28302949001e372ebf98","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","backport:version","v9.1.0","v8.19.0"],"title":"[ResponseOps][Alerting] Do not return alerts from internally managed rule types","number":223453,"url":"https://github.com/elastic/kibana/pull/223453","mergeCommit":{"message":"[ResponseOps][Alerting] Do not return alerts from internally managed rule types (#223453)\n\n## Summary\n\nThis PR introduces the concept of internally managed rule types. The\npurpose of this PR is to hide alerts in the alerts table in the UI\nproduced by internally managed rule types. In following PRs, we will\nenhance the framework to handle more cases when the product requirements\nare clearer. If, in the future, the streams team wants to use the alerts\ntable to show stream alerts, we could introduce a new parameter in the\nalerting API to allow alerts produced by internally managed rule types\nto be returned.\n\nFixes: https://github.com/elastic/kibana/issues/221379\n\ncc @kdelemme @dgieselaar \n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"61113a0c46a1d7610bdb28302949001e372ebf98"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/223453","number":223453,"mergeCommit":{"message":"[ResponseOps][Alerting] Do not return alerts from internally managed rule types (#223453)\n\n## Summary\n\nThis PR introduces the concept of internally managed rule types. The\npurpose of this PR is to hide alerts in the alerts table in the UI\nproduced by internally managed rule types. In following PRs, we will\nenhance the framework to handle more cases when the product requirements\nare clearer. If, in the future, the streams team wants to use the alerts\ntable to show stream alerts, we could introduce a new parameter in the\nalerting API to allow alerts produced by internally managed rule types\nto be returned.\n\nFixes: https://github.com/elastic/kibana/issues/221379\n\ncc @kdelemme @dgieselaar \n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n\n---------\n\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"61113a0c46a1d7610bdb28302949001e372ebf98"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> --------- Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
Jun 25, 2025
…rule types (elastic#223453) ## Summary This PR introduces the concept of internally managed rule types. The purpose of this PR is to hide alerts in the alerts table in the UI produced by internally managed rule types. In following PRs, we will enhance the framework to handle more cases when the product requirements are clearer. If, in the future, the streams team wants to use the alerts table to show stream alerts, we could introduce a new parameter in the alerting API to allow alerts produced by internally managed rule types to be returned. Fixes: elastic#221379 cc @kdelemme @dgieselaar ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR introduces the concept of internally managed rule types. The purpose of this PR is to hide alerts in the alerts table in the UI produced by internally managed rule types. In following PRs, we will enhance the framework to handle more cases when the product requirements are clearer. If, in the future, the streams team wants to use the alerts table to show stream alerts, we could introduce a new parameter in the alerting API to allow alerts produced by internally managed rule types to be returned.
Fixes: #221379
cc @kdelemme @dgieselaar
Checklist