Open cnasikas opened 3 weeks ago
Pinging @elastic/response-ops (Team:ResponseOps)
Not clear to me how the existing rule errors are found today. But here's how you can find action errors related to specific rules.
It seems odd to me that we only have the rule id in kibana.saved_objects[*]
, and not somewhere else like rule.id
. Because the kibana.saved_objects
field is nested, and the query dsl is a little more complcated. I opened https://github.com/elastic/kibana/issues/195589 to track.
The idea is though that you will need to rule ids to search for these, not quite sure how that's being done today, to populate the rule errors.
If the rule id was in a "normal" field (not nested), you could use a terms
query against the rules you want to query over, but I'm not sure that sort of query is available with nested. May get kinda ugly.
On the rules list page, we inform users regarding rule errors. The errors are related only to the execution of the rule and not the execution of the connectors used by the rule. Informing users about connector errors will be beneficial and will help them mitigate the issues faster.
Related: https://github.com/elastic/kibana/issues/171351