[Discuss] create Kibana alerts with expressions #50270
Comments
|
Pinging @elastic/kibana-stack-services (Team:Stack Services) |
bmcconaghy
added
Team:ResponseOps
|
Pinging @elastic/kibana-app-arch (Team:AppArch) |
lukeelmers
added
the
Feature:ExpressionLanguage
|
there are very few expression functions that can only run browser side and i think for those we could provide mocked version on the server side. for example the location function which gets location from your browser could accept a parameter defaultLocation, which would be used on the browser when user declined to share his location or on the server. we plan to change the data.search contracts so they will match on server and on the client. If they wouldn't we would need a different implementation of |
|
this seems like a duplicate of #46906 where we track the progress of server side expressions, please reopen if that is not correct |
|
This isn't a dup of issue #46906, but that issue is a blocker for this one. The idea for this issue is to allow customers to build alerts with expressions. Those expressions will need to be executed server-side, hence the blocker on #46906 . Beyond that, we don't yet know what else will be needed to be done, because we haven't really done too much thinking on this. Certainly we'll need to provide some additional expression functions related to alerting / actions. I'll go ahead and change this to a discuss as well, which I think was the original intention. |
pmuellr
changed the title
pmuellr
added
discuss
and removed
Feature:ExpressionLanguage
|
I removed labels not directly related to alerting, as at this state, this is all stuff alerting needs to figure out. I noticed the issue is in the kibana-app-arch project, but I'm hesitant to remove cards from other folk's projects - I think it can be removed from that project though ... |
|
I'm adding this issue back to triage for the alerting team. After a good chat with App Arch and Kibana App team, there is still a large effort to do on their side before accomplishing this and realistically not something that will be done until 8.x. This will probably be moved to Long Term in the project. |
gmmorris
added
the
Feature:Alerting/RuleTypes
gmmorris
added
the
loe:needs-research
gmmorris
added
enhancement
gmmorris
removed
the
loe:needs-research
|
Closing due to lack of activity and interest. |
Expression alerts
If we want to support expression alerts, we need to support running expressions server side. This has a lot of considerations.
What about expression functions that can only run browser side? How do they indicate that?
What about data fetching expression functions that use our search services. Our search services currently have a client side component that returns an observable and handles polling background searches and reporting progress. The server side search strategies return a promise and return partial results immediately.
What if the user wants to create an expression alert and get alerted when the search hits a certain progress? Is there any use case for this? Is progress only important client side?
Search strategies that can execute on server and client side
Considerations:
The text was updated successfully, but these errors were encountered: