[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts.#195946
Merged
ymao1 merged 2 commits intoelastic:mainfrom Oct 24, 2024
Merged
[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts.#195946ymao1 merged 2 commits intoelastic:mainfrom
ymao1 merged 2 commits intoelastic:mainfrom
Conversation
575d84e to
a337dea
Compare
a337dea to
40e93db
Compare
40e93db to
c1a375a
Compare
Contributor
|
Pinging @elastic/response-ops (Team:ResponseOps) |
maryam-saeidi
approved these changes
Oct 24, 2024
Member
maryam-saeidi
left a comment
There was a problem hiding this comment.
Worked as expected, thanks!
pmuellr
approved these changes
Oct 24, 2024
Contributor
pmuellr
left a comment
There was a problem hiding this comment.
LGTM, but left a comment about the change from flattened to non-flattened alert data.
| timestamp: '2023-03-29T12:27:28.159Z', | ||
| }) | ||
| ).toEqual({ | ||
| ...alertRule, |
Contributor
There was a problem hiding this comment.
alertRule is an object with "flattened" properties:
But is being replaced with non-flattened properties, below.
I'm thinking this is ok because we always end up flattening, in the end?
Contributor
Author
|
@elasticmachine merge upstream |
Contributor
💚 Build Succeeded
Metrics [docs]
History
cc @ymao1 |
Contributor
|
Starting backport for target branches: 8.x |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 24, 2024
…ecovered alerts. (elastic#195946) (cherry picked from commit df270ca)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Oct 24, 2024
…into recovered alerts. (#195946) (#197741) # Backport This will backport the following commits from `main` to `8.x`: - [[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts. (#195946)](#195946) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Ying Mao","email":"ying.mao@elastic.co"},"sourceCommit":{"committedDate":"2024-10-24T22:12:51Z","message":"[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts. (#195946)","sha":"df270ca6cdefde229ea32f1e9668710b03457a57","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Alerting","release_note:skip","Team:ResponseOps","v9.0.0","backport:prev-minor","v8.17.0"],"title":"[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts.","number":195946,"url":"https://github.com/elastic/kibana/pull/195946","mergeCommit":{"message":"[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts. (#195946)","sha":"df270ca6cdefde229ea32f1e9668710b03457a57"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195946","number":195946,"mergeCommit":{"message":"[Response Ops][Alerting] Do not copy latest rule configuration into recovered alerts. (#195946)","sha":"df270ca6cdefde229ea32f1e9668710b03457a57"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Ying Mao <ying.mao@elastic.co>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Resolves #181828
Summary
Do not update recovered alerts with the current rule configuration. This allows recovered alerts to preserver the configuration of the rule at the time the alert was last active. This makes sense because it is possible that a change to the rule configuration caused any existing alerts to recover so it is a confusing user experience to see a recovered alert include the latest rule configuration.
To Verify