[RAC] [Observability] Use simpler alert severity level mapping (#109068…

…) (#109172)

* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY

* temporarily remove severity value occurences

* remove ALERT_SEVERITY_VALUE occurences, this value is not being read and shown in the Observability alerts table

* remove duplicate ALERT_SEVERITY identifier

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: mgiota <giota85@gmail.com>

packages/kbn-rule-data-utils/src/technical_field_names.ts

@@ -32,8 +32,6 @@ const ALERT_ID = `${ALERT_NAMESPACE}.id` as const;
 const ALERT_REASON = `${ALERT_NAMESPACE}.reason` as const;
 const ALERT_RISK_SCORE = `${ALERT_NAMESPACE}.risk_score` as const;
 const ALERT_SEVERITY = `${ALERT_NAMESPACE}.severity` as const;
-const ALERT_SEVERITY_LEVEL = `${ALERT_NAMESPACE}.severity.level` as const;
-const ALERT_SEVERITY_VALUE = `${ALERT_NAMESPACE}.severity.value` as const;
 const ALERT_START = `${ALERT_NAMESPACE}.start` as const;
 const ALERT_STATUS = `${ALERT_NAMESPACE}.status` as const;
 const ALERT_SYSTEM_STATUS = `${ALERT_NAMESPACE}.system_status` as const;
@@ -127,8 +125,6 @@ const fields = {
  ALERT_RULE_VERSION,
  ALERT_START,
  ALERT_SEVERITY,
- ALERT_SEVERITY_LEVEL,
- ALERT_SEVERITY_VALUE,
  ALERT_STATUS,
  ALERT_SYSTEM_STATUS,
  ALERT_UUID,
@@ -183,8 +179,6 @@ export {
  ALERT_RULE_VERSION,
  ALERT_RULE_SEVERITY,
  ALERT_SEVERITY,
- ALERT_SEVERITY_LEVEL,
- ALERT_SEVERITY_VALUE,
  ALERT_START,
  ALERT_SYSTEM_STATUS,
  ALERT_UUID,

x-pack/plugins/apm/public/components/alerting/register_apm_alerts.ts

@@ -11,12 +11,12 @@ import { stringify } from 'querystring';
 import type {
  ALERT_EVALUATION_THRESHOLD as ALERT_EVALUATION_THRESHOLD_TYPED,
  ALERT_EVALUATION_VALUE as ALERT_EVALUATION_VALUE_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_TYPED,
 } from '@kbn/rule-data-utils';
 import {
  ALERT_EVALUATION_THRESHOLD as ALERT_EVALUATION_THRESHOLD_NON_TYPED,
  ALERT_EVALUATION_VALUE as ALERT_EVALUATION_VALUE_NON_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_NON_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_NON_TYPED,
  // @ts-expect-error
 } from '@kbn/rule-data-utils/target_node/technical_field_names';
 import type { ObservabilityRuleTypeRegistry } from '../../../../observability/public';
@@ -36,7 +36,7 @@ const TRANSACTION_TYPE = 'transaction.type';
 
 const ALERT_EVALUATION_THRESHOLD: typeof ALERT_EVALUATION_THRESHOLD_TYPED = ALERT_EVALUATION_THRESHOLD_NON_TYPED;
 const ALERT_EVALUATION_VALUE: typeof ALERT_EVALUATION_VALUE_TYPED = ALERT_EVALUATION_VALUE_NON_TYPED;
-const ALERT_SEVERITY_LEVEL: typeof ALERT_SEVERITY_LEVEL_TYPED = ALERT_SEVERITY_LEVEL_NON_TYPED;
+const ALERT_SEVERITY: typeof ALERT_SEVERITY_TYPED = ALERT_SEVERITY_NON_TYPED;
 
 const format = ({
  pathname,
@@ -211,7 +211,7 @@ export function registerApmAlerts(
  format: ({ fields }) => ({
  reason: formatTransactionDurationAnomalyReason({
  serviceName: String(fields[SERVICE_NAME][0]),
- severityLevel: String(fields[ALERT_SEVERITY_LEVEL]),
+ severityLevel: String(fields[ALERT_SEVERITY]),
  measured: Number(fields[ALERT_EVALUATION_VALUE]),
  }),
  link: format({

x-pack/plugins/apm/public/components/shared/charts/helper/get_alert_annotations.test.tsx

@@ -13,7 +13,7 @@ import {
  ALERT_ID,
  ALERT_RULE_PRODUCER,
  ALERT_RULE_CONSUMER,
- ALERT_SEVERITY_LEVEL,
+ ALERT_SEVERITY,
  ALERT_START,
  ALERT_STATUS,
  ALERT_UUID,
@@ -163,7 +163,7 @@ describe('getAlertAnnotations', () => {
  describe('with an alert with a warning severity', () => {
  const warningAlert: Alert = {
  ...alert,
- [ALERT_SEVERITY_LEVEL]: ['warning'],
+ [ALERT_SEVERITY]: ['warning'],
  };
 
  it('uses the warning color', () => {
@@ -196,7 +196,7 @@ describe('getAlertAnnotations', () => {
  describe('with an alert with a critical severity', () => {
  const criticalAlert: Alert = {
  ...alert,
- [ALERT_SEVERITY_LEVEL]: ['critical'],
+ [ALERT_SEVERITY]: ['critical'],
  };
 
  it('uses the critical color', () => {

x-pack/plugins/apm/public/components/shared/charts/helper/get_alert_annotations.tsx

@@ -14,15 +14,15 @@ import { EuiButtonIcon } from '@elastic/eui';
 import { i18n } from '@kbn/i18n';
 import type {
  ALERT_DURATION as ALERT_DURATION_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_TYPED,
  ALERT_START as ALERT_START_TYPED,
  ALERT_UUID as ALERT_UUID_TYPED,
  ALERT_RULE_TYPE_ID as ALERT_RULE_TYPE_ID_TYPED,
  ALERT_RULE_NAME as ALERT_RULE_NAME_TYPED,
 } from '@kbn/rule-data-utils';
 import {
  ALERT_DURATION as ALERT_DURATION_NON_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_NON_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_NON_TYPED,
  ALERT_START as ALERT_START_NON_TYPED,
  ALERT_UUID as ALERT_UUID_NON_TYPED,
  ALERT_RULE_TYPE_ID as ALERT_RULE_TYPE_ID_NON_TYPED,
@@ -38,7 +38,7 @@ import { asDuration, asPercent } from '../../../../../common/utils/formatters';
 import { APIReturnType } from '../../../../services/rest/createCallApmApi';
 
 const ALERT_DURATION: typeof ALERT_DURATION_TYPED = ALERT_DURATION_NON_TYPED;
-const ALERT_SEVERITY_LEVEL: typeof ALERT_SEVERITY_LEVEL_TYPED = ALERT_SEVERITY_LEVEL_NON_TYPED;
+const ALERT_SEVERITY: typeof ALERT_SEVERITY_TYPED = ALERT_SEVERITY_NON_TYPED;
 const ALERT_START: typeof ALERT_START_TYPED = ALERT_START_NON_TYPED;
 const ALERT_UUID: typeof ALERT_UUID_TYPED = ALERT_UUID_NON_TYPED;
 const ALERT_RULE_TYPE_ID: typeof ALERT_RULE_TYPE_ID_TYPED = ALERT_RULE_TYPE_ID_NON_TYPED;
@@ -119,7 +119,7 @@ export function getAlertAnnotations({
  new Date(parsed[ALERT_START]!).getTime()
  );
  const end = start + parsed[ALERT_DURATION]! / 1000;
- const severityLevel = parsed[ALERT_SEVERITY_LEVEL];
+ const severityLevel = parsed[ALERT_SEVERITY];
  const color = getAlertColor({ severityLevel, theme });
  const header = getAlertHeader({ severityLevel });
  const formatter = getFormatter(parsed[ALERT_RULE_TYPE_ID]!);

x-pack/plugins/apm/public/components/shared/charts/latency_chart/latency_chart.stories.tsx

@@ -11,7 +11,7 @@ import {
  ALERT_RULE_TYPE_ID,
  ALERT_EVALUATION_VALUE,
  ALERT_ID,
- ALERT_SEVERITY_LEVEL,
+ ALERT_SEVERITY,
  ALERT_START,
  ALERT_STATUS,
  ALERT_UUID,
@@ -158,7 +158,7 @@ Example.args = {
  tags: ['apm', 'service.name:frontend-rum'],
  'transaction.type': ['page-load'],
  [ALERT_RULE_PRODUCER]: ['apm'],
- [ALERT_SEVERITY_LEVEL]: ['warning'],
+ [ALERT_SEVERITY]: ['warning'],
  [ALERT_UUID]: ['af2ae371-df79-4fca-b0eb-a2dbd9478181'],
  [ALERT_RULE_UUID]: ['82e0ee40-c2f4-11eb-9a42-a9da66a1722f'],
  'event.action': ['active'],
@@ -180,7 +180,7 @@ Example.args = {
  tags: ['apm', 'service.name:frontend-rum'],
  'transaction.type': ['page-load'],
  [ALERT_RULE_PRODUCER]: ['apm'],
- [ALERT_SEVERITY_LEVEL]: ['critical'],
+ [ALERT_SEVERITY]: ['critical'],
  [ALERT_UUID]: ['af2ae371-df79-4fca-b0eb-a2dbd9478182'],
  [ALERT_RULE_UUID]: ['82e0ee40-c2f4-11eb-9a42-a9da66a1722f'],
  'event.action': ['active'],

x-pack/plugins/apm/server/lib/alerts/register_transaction_duration_anomaly_alert_type.ts

@@ -12,15 +12,13 @@ import { QueryDslQueryContainer } from '@elastic/elasticsearch/api/types';
 import type {
  ALERT_EVALUATION_THRESHOLD as ALERT_EVALUATION_THRESHOLD_TYPED,
  ALERT_EVALUATION_VALUE as ALERT_EVALUATION_VALUE_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_TYPED,
- ALERT_SEVERITY_VALUE as ALERT_SEVERITY_VALUE_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_TYPED,
  ALERT_REASON as ALERT_REASON_TYPED,
 } from '@kbn/rule-data-utils';
 import {
  ALERT_EVALUATION_THRESHOLD as ALERT_EVALUATION_THRESHOLD_NON_TYPED,
  ALERT_EVALUATION_VALUE as ALERT_EVALUATION_VALUE_NON_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_NON_TYPED,
- ALERT_SEVERITY_VALUE as ALERT_SEVERITY_VALUE_NON_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_NON_TYPED,
  ALERT_REASON as ALERT_REASON_NON_TYPED,
  // @ts-expect-error
 } from '@kbn/rule-data-utils/target_node/technical_field_names';
@@ -51,8 +49,7 @@ import {
 
 const ALERT_EVALUATION_THRESHOLD: typeof ALERT_EVALUATION_THRESHOLD_TYPED = ALERT_EVALUATION_THRESHOLD_NON_TYPED;
 const ALERT_EVALUATION_VALUE: typeof ALERT_EVALUATION_VALUE_TYPED = ALERT_EVALUATION_VALUE_NON_TYPED;
-const ALERT_SEVERITY_LEVEL: typeof ALERT_SEVERITY_LEVEL_TYPED = ALERT_SEVERITY_LEVEL_NON_TYPED;
-const ALERT_SEVERITY_VALUE: typeof ALERT_SEVERITY_VALUE_TYPED = ALERT_SEVERITY_VALUE_NON_TYPED;
+const ALERT_SEVERITY: typeof ALERT_SEVERITY_TYPED = ALERT_SEVERITY_NON_TYPED;
 const ALERT_REASON: typeof ALERT_REASON_TYPED = ALERT_REASON_NON_TYPED;
 
 const paramsSchema = schema.object({
@@ -258,8 +255,7 @@ export function registerTransactionDurationAnomalyAlertType({
  ...getEnvironmentEsField(environment),
  [TRANSACTION_TYPE]: transactionType,
  [PROCESSOR_EVENT]: ProcessorEvent.transaction,
- [ALERT_SEVERITY_LEVEL]: severityLevel,
- [ALERT_SEVERITY_VALUE]: score,
+ [ALERT_SEVERITY]: severityLevel,
  [ALERT_EVALUATION_VALUE]: score,
  [ALERT_EVALUATION_THRESHOLD]: threshold,
  [ALERT_REASON]: formatTransactionDurationAnomalyReason({

x-pack/plugins/observability/public/pages/alerts/example_data.ts

@@ -9,8 +9,7 @@ import {
  ALERT_DURATION,
  ALERT_END,
  ALERT_ID,
- ALERT_SEVERITY_LEVEL,
- ALERT_SEVERITY_VALUE,
+ ALERT_SEVERITY,
  ALERT_RULE_TYPE_ID,
  ALERT_START,
  ALERT_STATUS,
@@ -28,7 +27,7 @@ export const apmAlertResponseExample = [
  [ALERT_RULE_NAME]: ['Error count threshold | opbeans-java (smith test)'],
  [ALERT_DURATION]: [180057000],
  [ALERT_STATUS]: ['open'],
- [ALERT_SEVERITY_LEVEL]: ['warning'],
+ [ALERT_SEVERITY]: ['warning'],
  tags: ['apm', 'service.name:opbeans-java'],
  [ALERT_UUID]: ['0175ec0a-a3b1-4d41-b557-e21c2d024352'],
  [ALERT_RULE_UUID]: ['474920d0-93e9-11eb-ac86-0b455460de81'],
@@ -123,21 +122,13 @@ export const dynamicIndexPattern = {
  readFromDocValues: true,
  },
  {
- name: ALERT_SEVERITY_LEVEL,
+ name: ALERT_SEVERITY,
  type: 'string',
  esTypes: ['keyword'],
  searchable: true,
  aggregatable: true,
  readFromDocValues: true,
  },
- {
- name: ALERT_SEVERITY_VALUE,
- type: 'number',
- esTypes: ['long'],
- searchable: true,
- aggregatable: true,
- readFromDocValues: true,
- },
  {
  name: ALERT_START,
  type: 'date',

x-pack/plugins/observability/public/pages/alerts/render_cell_value.tsx

@@ -14,13 +14,13 @@ import React, { useEffect } from 'react';
  */
 import type {
  ALERT_DURATION as ALERT_DURATION_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_TYPED,
  ALERT_STATUS as ALERT_STATUS_TYPED,
  ALERT_RULE_NAME as ALERT_RULE_NAME_TYPED,
 } from '@kbn/rule-data-utils';
 import {
  ALERT_DURATION as ALERT_DURATION_NON_TYPED,
- ALERT_SEVERITY_LEVEL as ALERT_SEVERITY_LEVEL_NON_TYPED,
+ ALERT_SEVERITY as ALERT_SEVERITY_NON_TYPED,
  ALERT_STATUS as ALERT_STATUS_NON_TYPED,
  ALERT_RULE_NAME as ALERT_RULE_NAME_NON_TYPED,
  TIMESTAMP,
@@ -36,7 +36,7 @@ import { parseAlert } from './parse_alert';
 import { usePluginContext } from '../../hooks/use_plugin_context';
 
 const ALERT_DURATION: typeof ALERT_DURATION_TYPED = ALERT_DURATION_NON_TYPED;
-const ALERT_SEVERITY_LEVEL: typeof ALERT_SEVERITY_LEVEL_TYPED = ALERT_SEVERITY_LEVEL_NON_TYPED;
+const ALERT_SEVERITY: typeof ALERT_SEVERITY_TYPED = ALERT_SEVERITY_NON_TYPED;
 const ALERT_STATUS: typeof ALERT_STATUS_TYPED = ALERT_STATUS_NON_TYPED;
 const ALERT_RULE_NAME: typeof ALERT_RULE_NAME_TYPED = ALERT_RULE_NAME_NON_TYPED;
 
@@ -108,7 +108,7 @@ export const getRenderCellValue = ({
  return <TimestampTooltip time={new Date(value ?? '').getTime()} timeUnit="milliseconds" />;
  case ALERT_DURATION:
  return asDuration(Number(value));
- case ALERT_SEVERITY_LEVEL:
+ case ALERT_SEVERITY:
  return <SeverityBadge severityLevel={value ?? undefined} />;
  case ALERT_RULE_NAME:
  const dataFieldEs = data.reduce((acc, d) => ({ ...acc, [d.field]: d.value }), {});

x-pack/plugins/rule_registry/common/assets/field_maps/technical_rule_field_map.ts

@@ -25,8 +25,7 @@ export const technicalRuleFieldMap = {
  [Fields.ALERT_START]: { type: 'date' },
  [Fields.ALERT_END]: { type: 'date' },
  [Fields.ALERT_DURATION]: { type: 'long' },
- [Fields.ALERT_SEVERITY_LEVEL]: { type: 'keyword' },
- [Fields.ALERT_SEVERITY_VALUE]: { type: 'long' },
+ [Fields.ALERT_SEVERITY]: { type: 'keyword' },
  [Fields.ALERT_STATUS]: { type: 'keyword' },
  [Fields.ALERT_EVALUATION_THRESHOLD]: { type: 'scaled_float', scaling_factor: 100 },
  [Fields.ALERT_EVALUATION_VALUE]: { type: 'scaled_float', scaling_factor: 100 },

x-pack/plugins/uptime/server/lib/alerts/duration_anomaly.test.ts

@@ -5,8 +5,7 @@
  * 2.0.
  */
 import {
- ALERT_SEVERITY_LEVEL,
- ALERT_SEVERITY_VALUE,
+ ALERT_SEVERITY,
  ALERT_EVALUATION_VALUE,
  ALERT_EVALUATION_THRESHOLD,
  ALERT_REASON,
@@ -171,8 +170,7 @@ describe('duration anomaly alert', () => {
  'observer.geo.name': anomaly.entityValue,
  [ALERT_EVALUATION_VALUE]: anomaly.actualSort,
  [ALERT_EVALUATION_THRESHOLD]: anomaly.typicalSort,
- [ALERT_SEVERITY_LEVEL]: getSeverityType(anomaly.severity),
- [ALERT_SEVERITY_VALUE]: anomaly.severity,
+ [ALERT_SEVERITY]: getSeverityType(anomaly.severity),
  [ALERT_REASON]: `Abnormal (${getSeverityType(
  anomaly.severity
  )} level) response time detected on uptime-monitor with url ${

x-pack/plugins/uptime/server/lib/alerts/duration_anomaly.ts

@@ -8,8 +8,7 @@ import { KibanaRequest, SavedObjectsClientContract } from 'kibana/server';
 import moment from 'moment';
 import { schema } from '@kbn/config-schema';
 import {
- ALERT_SEVERITY_LEVEL,
- ALERT_SEVERITY_VALUE,
+ ALERT_SEVERITY,
  ALERT_EVALUATION_VALUE,
  ALERT_EVALUATION_THRESHOLD,
  ALERT_REASON,
@@ -135,8 +134,7 @@ export const durationAnomalyAlertFactory: UptimeAlertTypeFactory<ActionGroupIds>
  'anomaly.bucket_span.minutes': summary.bucketSpan,
  [ALERT_EVALUATION_VALUE]: anomaly.actualSort,
  [ALERT_EVALUATION_THRESHOLD]: anomaly.typicalSort,
- [ALERT_SEVERITY_LEVEL]: summary.severity,
- [ALERT_SEVERITY_VALUE]: summary.severityScore,
+ [ALERT_SEVERITY]: summary.severity,
  [ALERT_REASON]: generateAlertMessage(
  CommonDurationAnomalyTranslations.defaultActionMessage,
  summary

x-pack/plugins/uptime/server/lib/alerts/status_check.test.ts

@@ -4,7 +4,7 @@
  * 2.0; you may not use this file except in compliance with the Elastic License
  * 2.0.
  */
-import { ALERT_REASON, ALERT_SEVERITY_WARNING, ALERT_SEVERITY_LEVEL } from '@kbn/rule-data-utils';
+import { ALERT_REASON, ALERT_SEVERITY_WARNING, ALERT_SEVERITY } from '@kbn/rule-data-utils';
 import {
  generateFilterDSL,
  hasFilters,
@@ -75,7 +75,7 @@ const mockStatusAlertDocument = (
  [ALERT_REASON]: `Monitor first with url ${monitorInfo?.url?.full} is down from ${
  monitorInfo.observer?.geo?.name
  }. The latest error message is ${monitorInfo.error?.message || ''}`,
- [ALERT_SEVERITY_LEVEL]: ALERT_SEVERITY_WARNING,
+ [ALERT_SEVERITY]: ALERT_SEVERITY_WARNING,
  },
  id: getInstanceId(
  monitorInfo,
@@ -96,7 +96,7 @@ const mockAvailabilityAlertDocument = (monitor: GetMonitorAvailabilityResult) =>
  )}% availability expected is 99.34% from ${
  monitorInfo.observer?.geo?.name
  }. The latest error message is ${monitorInfo.error?.message || ''}`,
- [ALERT_SEVERITY_LEVEL]: ALERT_SEVERITY_WARNING,
+ [ALERT_SEVERITY]: ALERT_SEVERITY_WARNING,
  },
  id: getInstanceId(monitorInfo, `${monitorInfo?.monitor.id}-${monitorInfo.observer?.geo?.name}`),
  };

x-pack/plugins/uptime/server/lib/alerts/status_check.ts

@@ -7,7 +7,7 @@
 import { min } from 'lodash';
 import datemath from '@elastic/datemath';
 import { schema } from '@kbn/config-schema';
-import { ALERT_SEVERITY_WARNING, ALERT_SEVERITY_LEVEL } from '@kbn/rule-data-utils';
+import { ALERT_SEVERITY_WARNING, ALERT_SEVERITY } from '@kbn/rule-data-utils';
 import { i18n } from '@kbn/i18n';
 import { JsonObject } from '@kbn/utility-types';
 import { fromKueryExpression, toElasticsearchQuery } from '@kbn/es-query';
@@ -159,7 +159,7 @@ export const getMonitorAlertDocument = (monitorSummary: Record<string, string |
  'observer.geo.name': monitorSummary.observerLocation,
  'error.message': monitorSummary.latestErrorMessage,
  'agent.name': monitorSummary.observerHostname,
- [ALERT_SEVERITY_LEVEL]: ALERT_SEVERITY_WARNING,
+ [ALERT_SEVERITY]: ALERT_SEVERITY_WARNING,
  [ALERT_REASON]: monitorSummary.reason,
 });
 

x-pack/plugins/uptime/server/lib/alerts/tls.test.ts

@@ -5,7 +5,7 @@
  * 2.0.
  */
 import moment from 'moment';
-import { ALERT_SEVERITY_WARNING, ALERT_SEVERITY_LEVEL } from '@kbn/rule-data-utils';
+import { ALERT_SEVERITY_WARNING, ALERT_SEVERITY } from '@kbn/rule-data-utils';
 import { tlsAlertFactory, getCertSummary, DEFAULT_SIZE } from './tls';
 import { TLS } from '../../../common/constants/alerts';
 import { CertResult, DynamicSettings } from '../../../common/runtime_types';
@@ -116,7 +116,7 @@ describe('tls alert', () => {
  'tls.server.x509.not_after': cert.not_after,
  'tls.server.x509.not_before': cert.not_before,
  'tls.server.hash.sha256': cert.sha256,
- [ALERT_SEVERITY_LEVEL]: ALERT_SEVERITY_WARNING,
+ [ALERT_SEVERITY]: ALERT_SEVERITY_WARNING,
  }),
  id: `${cert.common_name}-${cert.issuer?.replace(/\s/g, '_')}-${cert.sha256}`,
  });

x-pack/plugins/uptime/server/lib/alerts/tls.ts

@@ -6,7 +6,7 @@
  */
 import moment from 'moment';
 import { schema } from '@kbn/config-schema';
-import { ALERT_REASON, ALERT_SEVERITY_WARNING, ALERT_SEVERITY_LEVEL } from '@kbn/rule-data-utils';
+import { ALERT_REASON, ALERT_SEVERITY_WARNING, ALERT_SEVERITY } from '@kbn/rule-data-utils';
 import { UptimeAlertTypeFactory } from './types';
 import { updateState, generateAlertMessage } from './common';
 import { TLS } from '../../../common/constants/alerts';
@@ -172,7 +172,7 @@ export const tlsAlertFactory: UptimeAlertTypeFactory<ActionGroupIds> = (_server,
  'tls.server.x509.not_after': cert.not_after,
  'tls.server.x509.not_before': cert.not_before,
  'tls.server.hash.sha256': cert.sha256,
- [ALERT_SEVERITY_LEVEL]: ALERT_SEVERITY_WARNING,
+ [ALERT_SEVERITY]: ALERT_SEVERITY_WARNING,
  [ALERT_REASON]: generateAlertMessage(TlsTranslations.defaultActionMessage, summary),
  },
  });