-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Alerting] allow a human-readable string to be associated with an instanceId #64268
Comments
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
My first guess at an implementation would be to change the instance factory to take an optional name as an additional new parameter, in addition to kibana/x-pack/plugins/alerting/server/alert_instance/create_alert_instance_factory.ts Lines 9 to 17 in 4fc1c5f
If we think we might need more things later, we could make the second param an optional option "bag" with a Presumably this would be stored as a new instance field in the AlertIntance: kibana/x-pack/plugins/alerting/common/alert_instance.ts Lines 20 to 24 in 4fc1c5f
Not sure what else that will affect - saved object shapes? Certainly some external type used in the endpoint the UI calls to populate the alert details page. |
Starting to look into this issue, here's a survey of usages of instance ids in the product: kibana/x-pack/plugins/alerting_builtins/server/alert_types/index_threshold/alert_type.ts Lines 127 to 144 in 5992424
The instanceId is the value used for grouping,if grouping was requested, otherwise is the string 'all documents'. Eg, for a query where you group based on a field used to store host names, the instance id will be a host name. kibana/x-pack/plugins/apm/server/lib/alerts/register_error_rate_alert_type.ts Lines 122 to 124 in 5992424
instanceId: kibana/x-pack/plugins/apm/server/lib/alerts/register_transaction_duration_alert_type.ts Lines 163 to 165 in 5992424
instanceId: Line 57 in 5992424
Not clear what kibana/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts Line 91 in 5992424
kibana/x-pack/plugins/infra/server/lib/alerting/log_threshold/log_threshold_executor.ts Line 131 in 5992424
Not clear what kibana/x-pack/plugins/infra/server/lib/alerting/metric_threshold/metric_threshold_executor.ts Line 39 in 5992424
Not clear what
instanceId:
instanceId: Line 76 in 5992424
It appears this is the id of the alert, so a different fixed string should probably be used. Line 291 in 5992424
It appears this is the id of the alert, so a different fixed string should probably be used.
instanceId:
instanceId: |
resolves elastic#64268 Instances can now be retrieved/created via alertInstanceFactory('instance-id', { name: 'a nice name for this instance' }); Alert instances can use `getName()` to return the name, if set. Adds new context variables for all alerts with names `alertInstanceName` and `alertInstanceNameOrId`. The former may be `undefined`. The latter is `alertInstance.name || alertInstanceId`. ---- However, from existing usage as documented in that issue, I don't think we need this quite **yet**. I think a lot of the usages of alertIds in those instance ids aren't required or desired.
It seems like many of these instance id strings should be changed to something more useful, however, there IS a "migration" issue. Say you changed the instance id string in 7.9, any alerts from 7.8 will switch from using the old instance id to the new one, once Kibana is running. This means:
Some downsides, for sure, and I guess we need to factor these "instance id migrations" into our dev docs somehow. It's probably worth changing though, and it's possible you could recover the old state from 7.8 if you want (just access an instance with the old id). Muting will be hard, as the alert executor does not yet have access to the alert client (until I convince @mikecote of this! :-) ). |
I'm seeing this as another case that would seem easier if ever the alert state lived within the alert object. Saved object migrations would handle this no problem and we could allow alert types to migrate their ids this with #50216. We would also stop losing state whenever changing the enabled status of an alert. I'm sure there would be further complications with an approach like this, with the event log for example. |
#71335 and #71340 will resolve the |
I made another pass through the callers of The only obvious ones are with security solution, here: Lines 75 to 78 in 187a130
Lines 366 to 374 in 187a130
I'll contact the team off-line, in case they want to fix this - but I suspect they may not, since their usage of alerts is more of an implementation detail than exposing customer-facing alerts. |
I'm going to close this for now, as I've been treating this issue as a kind of meta issue to see if we can get human readable instance ids into the system directly for the current set of alertTypes in Kibana, instead of having both an instance id and name. We may want to revisit having an explicit name, as mentioned in #64268 (comment), but I think it's probably best to wait for some explicit solution or customer feedback to get more requirements. |
Currently the alerting framework uses strings as instanceIds, that an alert executor will use when scheduling action groups for execution. These instanceIds are then displayed in the alert details page, to show the state of the instances the executor has processed.
Sometimes, that works out nicely, if your instanceIds are human-readable:
But if they aren't, say they're UUIDs, it's a dog's breakfast:
We should figure out a way that an executor could supply a name when referencing an instanceId. And then make that available wherever instance information is available. That name should be the string displayed in the UI. If the name isn't supplied, then the instanceId would be displayed, as it is today.
The text was updated successfully, but these errors were encountered: