Skip to content

[9.2] [Infra][Hosts] Fix inventory Network Inbound and Outbound alert rules (#251855)#252691

Merged
kibanamachine merged 1 commit into
elastic:9.2from
kibanamachine:backport/9.2/pr-251855
Feb 11, 2026
Merged

[9.2] [Infra][Hosts] Fix inventory Network Inbound and Outbound alert rules (#251855)#252691
kibanamachine merged 1 commit into
elastic:9.2from
kibanamachine:backport/9.2/pr-251855

Conversation

@kibanamachine
Copy link
Copy Markdown
Contributor

@kibanamachine kibanamachine commented Feb 11, 2026

Backport

This will backport the following commits from main to 9.2:

Questions ?

Please refer to the Backport tool documentation

@crespocarlos @elasticmachine
[Infra][Hosts] Fix inventory Network Inbound and Outbound alert rules (
cfc7600 
…elastic#251855)

fixes elastic#251854

## Summary

This PR fixes the network inbound and outbound alert executors. There
were basically 2 issues:

- OTel multi-dimension aggregation: The alert was not handling the
filter-wrapped aggregation pattern used by `rxV2`/`txV2` metrics,
causing the query to fail.
- Missing bits-to-bytes conversion: The threshold conversion (÷8) was
implemented for `rx`/`tx` but missing for `rxV2`/`txV2`, causing
threshold comparisons to be off by 8x.

Otel
<img width="800" height="702" alt="image"
src="https://github.com/user-attachments/assets/14481a73-3481-4605-b554-64bf645810ee"
/>

ECS
<img width="800" height="813" alt="image"
src="https://github.com/user-attachments/assets/82096690-ea1a-4372-a3de-65565fe35b9d"
/>

### how to test

- Otel:
- Run: `./forge --dataset hosts --format otel --interval 30s`
(https://github.com/simianhacker/simian-forge)
   - Create Network Inbound and Outbound metrics in the Infra UI
- ECS:
   - Run `node scripts/synthtrace infra_hosts_ecs.ts --live`
   - Create Network Inbound and Outbound metrics in the Infra UI

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
(cherry picked from commit c3c9c78)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Feb 11, 2026
@kibanamachine kibanamachine enabled auto-merge (squash) February 11, 2026 11:31
@kibanamachine kibanamachine mentioned this pull request Feb 11, 2026
Merged
@kibanamachine kibanamachine merged commit 3ad2a29 into elastic:9.2 Feb 11, 2026
17 checks passed
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Feb 11, 2026

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
metricsDataAccess 151 153 +2

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
metricsDataAccess 40.7KB 40.7KB +78.0B
Unknown metric groups

API count

id before after diff
metricsDataAccess 151 153 +2

cc @crespocarlos

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@crespocarlos crespocarlos

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kibanamachine @elasticmachine @crespocarlos