Onboard Synthetics Monitor Status rule type with FAAD #186214
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
/ci |
doakalexi
changed the title
doakalexi
changed the title
doakalexi
added
Team:ResponseOps
|
Pinging @elastic/response-ops (Team:ResponseOps) |
botelastic
bot
added
ci:project-deploy-observability
|
Pinging @elastic/obs-ux-infra_services-team (Team:obs-ux-infra_services) |
umbopepato
approved these changes
Jun 18, 2024
pmuellr
approved these changes
Jun 18, 2024
There was a problem hiding this comment.
code LGTM, but unable to test locally. I got stopped at trying to add an agent, that wanted me to install a fleet server. Looks like it wants something (Fleet server) installed, which requires Elastic Agent to be installed - I gave up after that.
LMK if there's an easy way to test locally, or maybe it's possible to point to a Fleet server in the cloud or something?
|
I was holding Kibana wrong, Alexi showed me the correct way, and was able to verify with the instructions above. Hint - go to Synthetics from the main left nav, not from within the o11y app, as that led me astray, trying to set up Fleet before I could do anything else. |
💚 Build Succeeded
Metrics [docs]History
To update your PR or re-run it, just comment with: |
bhapas
pushed a commit
to bhapas/kibana
that referenced
this pull request
Jun 24, 2024
Towards: elastic#169867 This PR onboards the Synthetics Monitor Status rule type with FAAD. ### To verify I can't get the rule to alert, so I modified the status check to report the monitor as down. If you know of an easier way pls let me know 🙂 1. Create a [monitor](http://localhost:5601/app/synthetics/monitors), by default creating a monitor creates a rule. 2. Click on the monitor and grab the id and locationId from the url 3. Go to [the status check code](https://github.com/elastic/kibana/blob/main/x-pack/plugins/observability_solution/synthetics/server/queries/query_monitor_status.ts#L208) and replace the object that is returned with the following using the id and locationId you got from the monitor. ``` { up: 0, down: 1, pending: 0, upConfigs: {}, pendingConfigs: {}, downConfigs: { '${id}-${locationId}': { configId: '${id}', monitorQueryId: '${id}', status: 'down', locationId: '${locationId}', ping: { '@timestamp': new Date().toISOString(), state: { id: 'test-state', }, monitor: { name: 'test-monitor', }, observer: { name: 'test-monitor', }, } as any, timestamp: new Date().toISOString(), }, }, enabledMonitorQueryIds: ['${id}'], }; ``` 5. Your rule should create an alert and should saved it in `.internal.alerts-observability.uptime.alerts-default-000001` Example: ``` GET .internal.alerts-*/_search ``` 6. Recover repeating step 3 using ``` { up: 1, down: 0, pending: 0, downConfigs: {}, pendingConfigs: {}, upConfigs: { '${id}-${locationId}': { configId: '${id}', monitorQueryId: '${id}', status: 'down', locationId: '${locationId}', ping: { '@timestamp': new Date().toISOString(), state: { id: 'test-state', }, monitor: { name: 'test-monitor', }, observer: { name: 'test-monitor', }, } as any, timestamp: new Date().toISOString(), }, }, enabledMonitorQueryIds: ['${id}'], }; ``` 8. The alert should be recovered and the AAD in the above index should be updated `kibana.alert.status: recovered`.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Towards: #169867
This PR onboards the Synthetics Monitor Status rule type with FAAD.
To verify
I can't get the rule to alert, so I modified the status check to report the monitor as down. If you know of an easier way pls let me know 🙂
.internal.alerts-observability.uptime.alerts-default-000001Example:
kibana.alert.status: recovered.