[Event Log] add rel=primary to saved objects for query targets #64615
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pmuellr
added
Feature:Alerting
v8.0.0
release_note:skip
|
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
resolves elastic#62668 Adds a property named `rel` to the nested saved objects in the event documents, whose value should not be set, or set to `primary`. The query by saved object function changes to only match event documents with that saved objects if it has the `rel: primary` value. This is used to limit searching alerting's executeAction event document with only the alert saved object, and not the action saved object (this document has an alert and action saved object). The alert saved object has the `rel: primary` field set, and the action does not. Previously, those documents were returned with a query of the action saved object.
pmuellr
force-pushed
the
eventLog/auth-on-sos
branch
from
6313a5e to
b8626b1
Compare
mikecote
approved these changes
Apr 28, 2020
|
@elasticmachine merge upstream |
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
pmuellr
added a commit
to pmuellr/kibana
that referenced
this pull request
Apr 30, 2020
…ic#64615) resolves elastic#62668 Adds a property named `rel` to the nested saved objects in the event documents, whose value should not be set, or set to `primary`. The query by saved object function changes to only match event documents with that saved objects if it has the `rel: primary` value. This is used to limit searching alerting's executeAction event document with only the alert saved object, and not the action saved object (this document has an alert and action saved object). The alert saved object has the `rel: primary` field set, and the action does not. Previously, those documents were returned with a query of the action saved object.
pmuellr
added a commit
that referenced
this pull request
Apr 30, 2020
… (#64866) resolves #62668 Adds a property named `rel` to the nested saved objects in the event documents, whose value should not be set, or set to `primary`. The query by saved object function changes to only match event documents with that saved objects if it has the `rel: primary` value. This is used to limit searching alerting's executeAction event document with only the alert saved object, and not the action saved object (this document has an alert and action saved object). The alert saved object has the `rel: primary` field set, and the action does not. Previously, those documents were returned with a query of the action saved object.
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Apr 30, 2020
* master: (42 commits) [Ingest] Allow aggent to send metadata compliant with ECS (elastic#64452) [Endpoint] Remove todos, urls to issues (elastic#64833) [Uptime] Remove hard coded value for monitor states histograms (elastic#64396) Feature/send feedback link (elastic#64845) [ML] Moving get filters capability to admin (elastic#64879) Remove edit alert button from alerts list (elastic#64643) [EPM] Handle constant_keyword type in KB index patterns and ES index templates (elastic#64876) [ML] Disable data frame anaylics clone button based on permission (elastic#64830) Dashboard url generator to preserve saved filters from destination dashboard (elastic#64767) add generic typings for SavedObjectMigrationFn (elastic#63943) Allow to define and update a defaultPath for applications (elastic#64498) [Event Log] add rel=primary to saved objects for query targets (elastic#64615) [Lens] Use a size of 5 for first string field in visualization (elastic#64726) [SIEM][Lists] Removes plugin dependencies, adds more unit tests, fixes more TypeScript types [Ingest] Edit datasource UI (elastic#64727) [Lens] Bind all time fields to the time picker (elastic#63874) [Lens] Use suggestion system in chart switcher for subtypes (elastic#64613) Improve alpha messaging (elastic#64692) [Ingest] Allow to enable monitoring of elastic agent (elastic#63598) [Metrics UI] Fix alerting when a filter query is present (elastic#64575) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
resolves #62668
Adds a property named
relto the nested saved objects in the eventdocuments, whose value should not be set, or set to
primary.The query by saved object function changes to only match event documents
with that saved objects if it has the
rel: primaryvalue.This is used to limit searching alerting's executeAction event document
with only the alert saved object, and not the action saved object (this
document has an alert and action saved object). The alert saved object
has the
rel: primaryfield set, and the action does not. Previously,those documents were returned with a query of the action saved object.
Summary
Summarize your PR. If it involves visual changes include a screenshot or gif.
Checklist
Delete any items that are not applicable to this PR.
For maintainers