Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RAC] [Observability] Use simpler alert severity level mapping #109068

Merged
merged 8 commits into from
Aug 18, 2021
Merged

[RAC] [Observability] Use simpler alert severity level mapping #109068

merged 8 commits into from
Aug 18, 2021

Conversation

mgiota
Copy link
Contributor

@mgiota mgiota commented Aug 18, 2021
edited
Loading

📝 Summary

Fixes #109075

In order to comply with the Alerts-as-Data-Schema-Fields, we are removing kibana.alert.severity.level and kibana.alert.severity.value and keep only kibana.alert.severity.

Acceptance criteria

  • ALERT_SEVERITY_VALUE and all usages are removed for now
  • ALERT_SEVERITY_LEVEL is renamed to ALERT_SEVERITY and it will be a keyword field called kibana.alert.severity
  • the severity field will be hidden from the obs alert table and flyout (part of this PR [RAC][Observability] temporarily hide severity column #109004)
  • the discussion about storing the severity value will be deferred until we have time to gather wider input about the use-cases

Notes

  • This also lets us keep the schema consistent with existing security signals where they use signal.rule.severity and they would like to alias that field as kibana.alert.severity (as opposed to aliasing it as kibana.alert.severity.level).

@mgiota mgiota changed the title Severity column [RAC][Observability] Index Severity for inventory threshold rule type Aug 18, 2021
@mgiota mgiota mentioned this pull request Aug 18, 2021
Merged
@mgiota mgiota force-pushed the severity_column branch 2 times, most recently from 0700540 to 1743e6e Compare August 18, 2021 10:53
@mgiota mgiota changed the title [RAC][Observability] Index Severity for inventory threshold rule type [RAC][Observability] Use kibana.alert.severity instead of kibana.alert.severity.level Aug 18, 2021
@mgiota mgiota marked this pull request as ready for review August 18, 2021 11:11
@mgiota mgiota requested review from a team as code owners August 18, 2021 11:11
@mgiota mgiota added the Team:Infra Monitoring UI - DEPRECATED DEPRECATED - Label for the Infra Monitoring UI team. Use Team:obs-ux-infra_services label Aug 18, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/logs-metrics-ui (Team:logs-metrics-ui)

@mgiota mgiota added Theme: rac label obsolete v7.15.0 v8.0.0 auto-backport Deprecated - use backport:version if exact versions are needed labels Aug 18, 2021
@mgiota mgiota changed the title [RAC][Observability] Use kibana.alert.severity instead of kibana.alert.severity.level [RAC][Observability] Comply with the Alerts-as-Data-Schema-Fields Aug 18, 2021
@mgiota mgiota changed the title [RAC][Observability] Comply with the Alerts-as-Data-Schema-Fields [RAC][Observability] Comply with Alerts-as-Data-Schema-Fields spreadsheet Aug 18, 2021
@mgiota mgiota changed the title [RAC][Observability] Comply with Alerts-as-Data-Schema-Fields spreadsheet [RAC][Observability] Comply with the Alerts-as-Data-Schema-Fields spreadsheet Aug 18, 2021
@mgiota mgiota added the release_note:skip Skip the PR/issue when compiling release notes label Aug 18, 2021
@weltenwort weltenwort mentioned this pull request Aug 18, 2021
Closed
52 tasks
@mgiota mgiota self-assigned this Aug 18, 2021
@weltenwort weltenwort changed the title [RAC][Observability] Comply with the Alerts-as-Data-Schema-Fields spreadsheet [RAC] [Observability] Use simpler alert severity level mapping Aug 18, 2021
@mgiota mgiota mentioned this pull request Aug 18, 2021
Closed
dominiqueclarke
dominiqueclarke approved these changes Aug 18, 2021
View reviewed changes
Copy link
Contributor

@dominiqueclarke dominiqueclarke left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Uptime changes LGTM

@botelastic botelastic bot added Team:APM All issues that need APM UI Team support Team:Uptime - DEPRECATED Synthetics & RUM sub-team of Application Observability labels Aug 18, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/apm-ui (Team:apm)

@elasticmachine
Copy link
Contributor

Pinging @elastic/uptime (Team:uptime)

@mgiota
Copy link
Contributor Author

mgiota commented Aug 18, 2021

@elasticmachine merge upstream

@mgiota mgiota enabled auto-merge (squash) August 18, 2021 15:06
justinkambic
justinkambic reviewed Aug 18, 2021
View reviewed changes
Copy link
Contributor

@justinkambic justinkambic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, there's a commented line we should remove.

x-pack/plugins/uptime/server/lib/alerts/duration_anomaly.test.ts Outdated Show resolved Hide resolved
@mistic mistic added v7.16.0 and removed v7.15.0 labels Aug 18, 2021
@weltenwort weltenwort added bug Fixes for quality problems that affect the customer experience v7.15.0 labels Aug 18, 2021
smith
smith approved these changes Aug 18, 2021
View reviewed changes
Copy link
Contributor

@smith smith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

APM changes look good.

@mgiota mgiota removed the request for review from justinkambic August 18, 2021 18:09
justinkambic
justinkambic approved these changes Aug 18, 2021
View reviewed changes
Copy link
Contributor

@justinkambic justinkambic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
apm 4.4MB 4.4MB -366.0B
observability 490.5KB 490.0KB -542.0B
securitySolution 6.5MB 6.5MB -176.0B
timelines 437.5KB 436.8KB -704.0B
total -1.7KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
apm 46.5KB 46.3KB -194.0B
infra 149.7KB 149.5KB -176.0B
uptime 36.6KB 36.5KB -176.0B
total -546.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @mgiota

@mgiota mgiota merged commit 8c8dca6 into elastic:master Aug 18, 2021
@kibanamachine kibanamachine mentioned this pull request Aug 18, 2021
Merged
kibanamachine added a commit to kibanamachine/kibana that referenced this pull request Aug 18, 2021
@mgiota @kibanamachine
[RAC] [Observability] Use simpler alert severity level mapping (elast…
b12367c 
…ic#109068)

* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY

* temporarily remove severity value occurences

* remove ALERT_SEVERITY_VALUE occurences, this value is not being read and shown in the Observability alerts table

* remove duplicate ALERT_SEVERITY identifier

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
kibanamachine added a commit to kibanamachine/kibana that referenced this pull request Aug 18, 2021
@mgiota @kibanamachine
[RAC] [Observability] Use simpler alert severity level mapping (elast…
539664b 
…ic#109068)

* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY

* temporarily remove severity value occurences

* remove ALERT_SEVERITY_VALUE occurences, this value is not being read and shown in the Observability alerts table

* remove duplicate ALERT_SEVERITY identifier

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
@kibanamachine kibanamachine mentioned this pull request Aug 18, 2021
Merged
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.15
7.x

The backport PRs will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Aug 18, 2021
@kibanamachine @mgiota
[RAC] [Observability] Use simpler alert severity level mapping (#109068
6ef22be 
…) (#109172)

* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY

* temporarily remove severity value occurences

* remove ALERT_SEVERITY_VALUE occurences, this value is not being read and shown in the Observability alerts table

* remove duplicate ALERT_SEVERITY identifier

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: mgiota <giota85@gmail.com>
kibanamachine added a commit that referenced this pull request Aug 19, 2021
@kibanamachine @mgiota
[RAC] [Observability] Use simpler alert severity level mapping (#109068
41c0a45 
…) (#109171)

* [RAC][Observability] remove severity fields from mapping keep only ALERT_SEVERITY

* temporarily remove severity value occurences

* remove ALERT_SEVERITY_VALUE occurences, this value is not being read and shown in the Observability alerts table

* remove duplicate ALERT_SEVERITY identifier

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

Co-authored-by: mgiota <giota85@gmail.com>
@mgiota mgiota deleted the severity_column branch January 4, 2022 10:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smith smith smith approved these changes

@dominiqueclarke dominiqueclarke dominiqueclarke approved these changes

@justinkambic justinkambic justinkambic approved these changes

Assignees

@mgiota mgiota

Labels
auto-backport Deprecated - use backport:version if exact versions are needed bug Fixes for quality problems that affect the customer experience release_note:skip Skip the PR/issue when compiling release notes Team:APM All issues that need APM UI Team support Team:Infra Monitoring UI - DEPRECATED DEPRECATED - Label for the Infra Monitoring UI team. Use Team:obs-ux-infra_services Team:Uptime - DEPRECATED Synthetics & RUM sub-team of Application Observability Theme: rac label obsolete v7.15.0 v7.16.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[RAC][Observability] Use simpler alert severity level mapping
8 participants
@mgiota @elasticmachine @kibanamachine @smith @dominiqueclarke @justinkambic @weltenwort @mistic