[OAS] Add more Elasticsearch query rule examples #164386
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lcawl
added
Feature:Alerting
release_note:skip
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]
To update your PR or re-run it, just comment with: |
|
Pinging @elastic/response-ops (Team:ResponseOps) |
lcawl
added
v8.10.0
and removed
backport:skip
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 28, 2023
(cherry picked from commit eaf9269)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Aug 28, 2023
…65031) # Backport This will backport the following commits from `main` to `8.10`: - [[OAS] Add more Elasticsearch query rule examples (#164386)](#164386) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Lisa Cawley","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-08-28T18:25:53Z","message":"[OAS] Add more Elasticsearch query rule examples (#164386)","sha":"eaf9269667db66a5b69eb137e3444830b8b33cb6","branchLabelMapping":{"^v8.11.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Alerting","release_note:skip","Team:ResponseOps","docs","v8.10.0","v8.11.0"],"number":164386,"url":"https://github.com/elastic/kibana/pull/164386","mergeCommit":{"message":"[OAS] Add more Elasticsearch query rule examples (#164386)","sha":"eaf9269667db66a5b69eb137e3444830b8b33cb6"}},"sourceBranch":"main","suggestedTargetBranches":["8.10"],"targetPullRequestStates":[{"branch":"8.10","label":"v8.10.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.11.0","labelRegex":"^v8.11.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/164386","number":164386,"mergeCommit":{"message":"[OAS] Add more Elasticsearch query rule examples (#164386)","sha":"eaf9269667db66a5b69eb137e3444830b8b33cb6"}}]}] BACKPORT--> Co-authored-by: Lisa Cawley <[email protected]>
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Aug 29, 2023
* main: (40 commits) Adjust migrations and elasticsearch service settings for serverless. (elastic#165050) [Security Solution] expandable flyout - add investigate in timeline f… (elastic#165025) [SecuritySolution] Hide create dashboard button from listing (elastic#164476) Construct HTTP log message only if needed (elastic#165057) [Security Solution] expandable flyout - add no data message in entities details and entities overview components (elastic#164955) Add functional tests for serverless security management UIs (elastic#164886) [api-docs] 2023-08-29 Daily api_docs build (elastic#165056) [Cloud Security][CIS GCP]cis gcp now use updated gcp field name + small last minute changes (elastic#164792) [Security Solution] Expandable flyout - update risk classification ui in entities overview (elastic#165022) [Security Solution] Fixes Preconfigured Connectors not working with Assistant (elastic#164900) [Security Solution] Coverage Overview follow-up 2 (elastic#164986) [DOCS] Add cross-link for other encryption key settings (elastic#165014) chore(slo): general enhancement (elastic#164723) Revert "[SOR] Allow optionally downgrading documents with a higher version model in API READ methods" (elastic#164991) [OAS] Add more Elasticsearch query rule examples (elastic#164386) [security_solution_cypress] Add support for options in EsArchiver.load (elastic#164988) [Event Log] Skip setting assets to hidden in serverless (elastic#164767) remove unneeded usages of isErrorResponse (elastic#164609) [Enterprise Search] Make network drive connector platinum (elastic#165007) [RAM] update api key to become public (elastic#164883) ...
This was referenced Oct 1, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Relates to #161685
This PR adds a second example of creating an Elasticsearch query rule. In this case, it uses query DSL and has two actions that use a server log connector. The purpose of the latter is to demonstrate that Elasticsearch query rules support alert summaries.