Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ResponseOps][Alerts] DSL query filters does not work properly when using the alerts KQL filter bar #183908

Open
cnasikas opened this issue May 21, 2024 · 1 comment · May be fixed by #184002
Open

[ResponseOps][Alerts] DSL query filters does not work properly when using the alerts KQL filter bar #183908

cnasikas opened this issue May 21, 2024 · 1 comment · May be fixed by #184002
Assignees
@cnasikas
Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting/RulesManagement Issues related to the Rules Management UX Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.15.0

Comments

@cnasikas
Copy link
Member

cnasikas commented May 21, 2024
edited

The AlertsSearchBar component exposed by the @kbn/alerts-ui-shared package is used by various solutions to filter alerts using KQL. Underneath the component use the SearchBar component exposed by the unifiedSearch plugin. The DSL filters are not working properly. The UI shows filter value is invalid or incomplete for DSL filters even though they are valid. This is because the AlertsSearchBar overrides the default behavior of the component by passing the onFiltersUpdated prop. This bug applies to all solutions using the AlertsSearchBar. Also, the MW throws an error if you use a wildcard DSL query. Example:

{
  "wildcard": {
    "kibana.alert.instance.id": {
      "value": "development*"
    }
  }
}
Screen.Recording.2024-05-21.at.3.06.43.PM.mov
@cnasikas cnasikas added bug Fixes for quality problems that affect the customer experience Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Alerting/RulesManagement Issues related to the Rules Management UX v8.15.0 labels May 21, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

This was referenced May 21, 2024
Closed
Draft
@cnasikas cnasikas self-assigned this May 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cnasikas cnasikas

Labels
bug Fixes for quality problems that affect the customer experience Feature:Alerting/RulesManagement Issues related to the Rules Management UX Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.15.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[ResponseOps][Alerts] Fix DSL filters in alerts KQL search bar cnasikas/kibana
2 participants
@cnasikas @elasticmachine