[Incident management] Callout for alerts that triggered around the same time#223473
Merged
baileycash-elastic merged 24 commits intoelastic:mainfrom Jun 24, 2025
Merged
[Incident management] Callout for alerts that triggered around the same time#223473baileycash-elastic merged 24 commits intoelastic:mainfrom
baileycash-elastic merged 24 commits intoelastic:mainfrom
Conversation
fix context error
copy change address linting
botelastic
bot
added
the
Team:actionable-obs
Contributor
|
Pinging @elastic/obs-ux-management-team (Team:obs-ux-management) |
github-actions
bot
added
the
author:obs-ux-management
baileycash-elastic
added
release_note:feature
baileycash-elastic
changed the title
baileycash-elastic
added
release_note:skip
kdelemme
reviewed
Jun 12, 2025
Contributor
kdelemme
left a comment
kdelemme
left a comment
There was a problem hiding this comment.
I just have a few comments/nits but otherwise LGTM. I haven't tested it though
...k/solutions/observability/plugins/observability/public/pages/alert_details/alert_details.tsx
Outdated
Show resolved
Hide resolved
.../observability/public/pages/alert_details/components/related_alerts/related_alerts_table.tsx
Outdated
Show resolved
Hide resolved
| lte: startDate.clone().add(1, 'days').toISOString(), | ||
| gte: startDate | ||
| .clone() | ||
| .subtract(...range) |
Contributor
There was a problem hiding this comment.
nit: Destructuring an array so it becomes the exact arguments expected by the function feels brittle to me.
Contributor
Author
There was a problem hiding this comment.
I felt this was cleaner than having a conditional for the "same time" filter bool * (startDate + endDate) combinations
...s/observability/plugins/observability/public/pages/alert_details/proximal_alerts_callout.tsx
Outdated
Show resolved
Hide resolved
...s/observability/plugins/observability/public/pages/alert_details/proximal_alerts_callout.tsx
Outdated
Show resolved
Hide resolved
kdelemme
reviewed
Jun 12, 2025
Contributor
kdelemme
left a comment
kdelemme
left a comment
There was a problem hiding this comment.
One last question about reusing useBuildRelatedAlertsQuery vs not
...rvability/plugins/observability/public/pages/alert_details/hooks/use_find_proximal_alerts.ts
Outdated
Show resolved
Hide resolved
| <EuiCallOut> | ||
| {i18n.translate('xpack.observability.alertDetails.proximalAlert.description', { | ||
| defaultMessage: | ||
| '{count, plural, one {# alert was} other {# alerts were}} triggered around the same time.', |
Contributor
Author
There was a problem hiding this comment.
@nastasha-solomon @mdbirnstiehl Hey folks! I want to get your feedback on the wording of this callout.
Here's the issue I'm referencing.
Member
There was a problem hiding this comment.
Thanks for the ping! I'd recommend changing "triggered" to something a bit less harsh like "created" or "generated":
Suggested change
| '{count, plural, one {# alert was} other {# alerts were}} triggered around the same time.', | |
| '{count, plural, one {# alert was} other {# alerts were}} created around the same time.', |
Another reason is because alerts are only created when the rule is triggered -- at least that's my understanding. Saying that an alert is triggered by an event sorta makes sense, but is less precise than saying that an event triggers a rule, which then creates an alert. That's just my two cents though. Feel free to disagree, especially if this phrasing is used in other places throughout the Observability app.
One more suggestion: I'd change "See more" to "See related alerts." That way, users know exactly what they're navigating to.
| label={i18n.translate( | ||
| 'xpack.observability.alerts.relatedAlerts.proximityCheckboxLabel', | ||
| { | ||
| defaultMessage: 'Triggered around the same time', |
Member
There was a problem hiding this comment.
Minor fix:
Suggested change
| defaultMessage: 'Triggered around the same time', | |
| defaultMessage: 'Created around the same time', |
nastasha-solomon
approved these changes
Jun 13, 2025
jcger
reviewed
Jun 18, 2025
Contributor
jcger
left a comment
jcger
left a comment
There was a problem hiding this comment.
I think you are missing the 9.1 label
src/platform/packages/shared/kbn-alerts-ui-shared/src/common/hooks/use_search_alerts_query.ts
Outdated
Show resolved
Hide resolved
Contributor
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
|
adcoelho
approved these changes
Jun 24, 2025
Contributor
adcoelho
left a comment
adcoelho
left a comment
There was a problem hiding this comment.
LGTM but was wondering why you want to skip our query context skipAlertsQueryContext in useSearchAlertsQuery.
Contributor
|
Starting backport for target branches: 8.19 https://github.com/elastic/kibana/actions/runs/15846120627 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jun 24, 2025
…me time (elastic#223473) ## Summary Implements elastic#213020 Partially implements filter bar seen with elastic#213015 This PR adds a callout on the alert details page to encourage users to visit the related alerts page when at least one alert was triggered within 30 minutes of the current alert. If no alerts were triggered, the message remains without a call to action. https://github.com/user-attachments/assets/23b2d3e9-353b-45e1-a007-d188db5617fc ## Testing The related alert query usually find alerts that were raised within a day of each other. To find alerts that were raised within a few minutes, try creating an SLO with a chosen groupBy field that will easily violate a burn rate rule. Alerts should be triggered for each instance within seconds. Once the filter is executed, these alerts should appear without alerts that were triggered earlier in the day. (cherry picked from commit 7da827e)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Jun 24, 2025
… the same time (#223473) (#225026) # Backport This will backport the following commits from `main` to `8.19`: - [[Incident management] Callout for alerts that triggered around the same time (#223473)](#223473) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Bailey Cash","email":"bailey.cash@elastic.co"},"sourceCommit":{"committedDate":"2025-06-24T09:03:20Z","message":"[Incident management] Callout for alerts that triggered around the same time (#223473)\n\n## Summary\n\nImplements #213020\nPartially implements filter bar seen with #213015\n\n\nThis PR adds a callout on the alert details page to encourage users to\nvisit the related alerts page when at least one alert was triggered\nwithin 30 minutes of the current alert. If no alerts were triggered, the\nmessage remains without a call to action.\n\n\nhttps://github.com/user-attachments/assets/23b2d3e9-353b-45e1-a007-d188db5617fc\n\n\n\n## Testing\n\nThe related alert query usually find alerts that were raised within a\nday of each other. To find alerts that were raised within a few minutes,\ntry creating an SLO with a chosen groupBy field that will easily violate\na burn rate rule. Alerts should be triggered for each instance within\nseconds. Once the filter is executed, these alerts should appear without\nalerts that were triggered earlier in the day.","sha":"7da827e8d9b1d354c3d0093941e72ca79e821c3d","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:obs-ux-management","backport:version","v9.1.0","v8.19.0"],"title":"[Incident management] Callout for alerts that triggered around the same time","number":223473,"url":"https://github.com/elastic/kibana/pull/223473","mergeCommit":{"message":"[Incident management] Callout for alerts that triggered around the same time (#223473)\n\n## Summary\n\nImplements #213020\nPartially implements filter bar seen with #213015\n\n\nThis PR adds a callout on the alert details page to encourage users to\nvisit the related alerts page when at least one alert was triggered\nwithin 30 minutes of the current alert. If no alerts were triggered, the\nmessage remains without a call to action.\n\n\nhttps://github.com/user-attachments/assets/23b2d3e9-353b-45e1-a007-d188db5617fc\n\n\n\n## Testing\n\nThe related alert query usually find alerts that were raised within a\nday of each other. To find alerts that were raised within a few minutes,\ntry creating an SLO with a chosen groupBy field that will easily violate\na burn rate rule. Alerts should be triggered for each instance within\nseconds. Once the filter is executed, these alerts should appear without\nalerts that were triggered earlier in the day.","sha":"7da827e8d9b1d354c3d0093941e72ca79e821c3d"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/223473","number":223473,"mergeCommit":{"message":"[Incident management] Callout for alerts that triggered around the same time (#223473)\n\n## Summary\n\nImplements #213020\nPartially implements filter bar seen with #213015\n\n\nThis PR adds a callout on the alert details page to encourage users to\nvisit the related alerts page when at least one alert was triggered\nwithin 30 minutes of the current alert. If no alerts were triggered, the\nmessage remains without a call to action.\n\n\nhttps://github.com/user-attachments/assets/23b2d3e9-353b-45e1-a007-d188db5617fc\n\n\n\n## Testing\n\nThe related alert query usually find alerts that were raised within a\nday of each other. To find alerts that were raised within a few minutes,\ntry creating an SLO with a chosen groupBy field that will easily violate\na burn rate rule. Alerts should be triggered for each instance within\nseconds. Once the filter is executed, these alerts should appear without\nalerts that were triggered earlier in the day.","sha":"7da827e8d9b1d354c3d0093941e72ca79e821c3d"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Bailey Cash <bailey.cash@elastic.co>
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
Jun 25, 2025
…me time (elastic#223473) ## Summary Implements elastic#213020 Partially implements filter bar seen with elastic#213015 This PR adds a callout on the alert details page to encourage users to visit the related alerts page when at least one alert was triggered within 30 minutes of the current alert. If no alerts were triggered, the message remains without a call to action. https://github.com/user-attachments/assets/23b2d3e9-353b-45e1-a007-d188db5617fc ## Testing The related alert query usually find alerts that were raised within a day of each other. To find alerts that were raised within a few minutes, try creating an SLO with a chosen groupBy field that will easily violate a burn rate rule. Alerts should be triggered for each instance within seconds. Once the filter is executed, these alerts should appear without alerts that were triggered earlier in the day.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements #213020
Partially implements filter bar seen with #213015
This PR adds a callout on the alert details page to encourage users to visit the related alerts page when at least one alert was triggered within 30 minutes of the current alert. If no alerts were triggered, the message remains without a call to action.
Screen.Recording.2025-06-12.at.4.23.17.PM.mov
Testing
The related alert query usually find alerts that were raised within a day of each other. To find alerts that were raised within a few minutes, try creating an SLO with a chosen groupBy field that will easily violate a burn rate rule. Alerts should be triggered for each instance within seconds. Once the filter is executed, these alerts should appear without alerts that were triggered earlier in the day.