@gmmorris (Contributor) commented Oct 28, 2020

Summary

closes #81274

Fixes a bug in the EventLog client which caused it to query for events created in the current version instead of querying across versions.

@gmmorris added the Feature:EventLog, release_note:fix, Team:ResponseOps (Platform ResponseOps team, formerly the Cases and Alerting teams), v7.11.0 and v8.0.0 labels Oct 28, 2020
@gmmorris changed the title from "use indexPattern in place of alias" to "enables the EventLog Client to query across ILM versions of the .event-log index" Oct 28, 2020
@gmmorris marked this pull request as ready for review October 28, 2020 16:56
@gmmorris requested a review from a team as a code owner October 28, 2020 16:56
@elasticmachine (Contributor)

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

@gmmorris changed the title from "enables the EventLog Client to query across ILM versions of the .event-log index" to "Enables the EventLog Client to query across ILM versions of the .event-log index" Oct 28, 2020
@pmuellr (Member) left a comment

LGTM; made a comment about the yuge mappings that got added. Main worry is what happens to this over time, but I think it's basically fixed in time, so ... go for now; if we have a non-trivial change to the event_log over time we need to account for, that would be more work anyway ...

@@ -0,0 +1,2685 @@
{
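
Review bot: the header `@@ -0,0 +1,2685 @@` shows this file is added whole at 2685 lines, and only its opening `{` is visible here, so the content cannot be checked line by line in review. Consider trimming the archive to the mappings the test actually depends on, and state in the PR description how the file was produced so a later reader can regenerate it.
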
Member

yikes! you'd think there would be something smaller you could do, heh.

Is this needed because the test is using the `event_log_test_ saved object fixture type? We could probably change that, or create a different test, that used alerts instead, if it would avoid having to pull in this massive wad.

@gmmorris (Contributor Author) Oct 28, 2020

Yeah, it's a pain... esArchiver isn't the easiest to debug when it just decides not to load the archive anymore so left it as is.

I've now pruned a bunch of the mappings... 🤞 let's hope it passes

Member

Not a big deal, wouldn't spend a lot of time on it. This will always just be testing the 7.9 -> 8.0 cross-over, so it doesn't seem like it will ever need to change in the future.

@YulNaumenko (Contributor) left a comment

LGTM

@gmmorris (Contributor Author)

@elasticmachine merge upstream

@kibanamachine (Contributor)

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@gmmorris merged commit 13fe95b into elastic:master Oct 29, 2020
gmmorris added a commit to gmmorris/kibana that referenced this pull request Oct 29, 2020
…nt-log` index (elastic#81920)

Fixes a bug in the EventLog client which caused it to query for events created in the current version instead of querying across versions.
gmmorris added a commit that referenced this pull request Oct 29, 2020
…nt-log` index (#81920) (#81998)

Fixes a bug in the EventLog client which caused it to query for events created in the current version instead of querying across versions.
Development

Successfully merging this pull request may close these issues.

[event log] query should be over all version indices, not just the current version indices
