Open jonathan-buttner opened 2 years ago
Pinging @elastic/response-ops-cases (Feature:Cases)
Pinging @elastic/response-ops (Team:ResponseOps)
The `useFetchAlertData` hooks defined for security solution and observability will return `Record<string, unknown>` when this PR is merged: https://github.com/elastic/kibana/pull/123883

Ideally we could help the recipient by returning a more definitive type. The issue is that security solution's implementation recursively breaks the results up into a nested object here: https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/public/cases/pages/use_fetch_alert_data.ts#L30 https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/public/common/utils/alerts.ts#L128 whereas the observability function does not. It simply returns the data the way the alerts client sends it, which looks more like:
Alerts client response

```
{
  "took": 2,
  "timed_out": false,
  "_shards": {
    "total": 1,
    "successful": 1,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "max_score": null,
    "hits": [
      {
        "_index": ".internal.alerts-observability.metrics.alerts-default-000001",
        "_id": "662aba44-d24f-47f9-8933-0e0f81cae6df",
        "_seq_no": 696,
        "_primary_term": 1,
        "_score": null,
        "_source": {
          "kibana.alert.rule.category": "Metric threshold",
          "kibana.alert.rule.consumer": "infrastructure",
          "kibana.alert.rule.execution.uuid": "40cc6f59-1101-45b1-81df-fdb47f87fcc4",
          "kibana.alert.rule.name": "Jon rule",
          "kibana.alert.rule.producer": "infrastructure",
          "kibana.alert.rule.rule_type_id": "metrics.alert.threshold",
          "kibana.alert.rule.uuid": "325830a0-7eba-11ec-a3b9-350ed5c64d7e",
          "kibana.space_ids": [
            "default"
          ],
          "kibana.alert.rule.tags": [],
          "@timestamp": "2022-01-26T22:37:20.409Z",
          "kibana.alert.reason": "Document count has reported no data over the past 1m for *",
          "kibana.alert.duration.us": 26767233000,
          "kibana.alert.instance.id": "*",
          "kibana.alert.start": "2022-01-26T15:11:13.176Z",
          "kibana.alert.uuid": "662aba44-d24f-47f9-8933-0e0f81cae6df",
          "kibana.alert.status": "active",
          "kibana.alert.workflow_status": "open",
          "event.kind": "signal",
          "event.action": "active",
          "kibana.version": "8.1.0",
          "tags": []
        },
        "fields": {
          "kibana.alert.rule.rule_type_id": [
            "metrics.alert.threshold"
          ],
          "kibana.alert.workflow_status": [
            "open"
          ],
          "kibana.space_ids": [
            "default"
          ],
          "kibana.alert.rule.consumer": [
            "infrastructure"
          ]
        },
        "sort": [
          1643236640409
        ]
      }
    ]
  }
}
```

Observability formatted result
``` { "<_id value>": { _id: