[Elastic Obs AI Assistant] Issue with Obs AI Assistant Kibana Alerting Connector

[Danouchka]

Kibana version: 8.15.2

Elasticsearch version: 8.15.2

Server OS version: Elastic Cloud on GCP Belgium

Browser version: Version 129.0.6668.71 (Build officiel) (arm64)

Browser OS version: Mac OS X Sonoma 14.6.1 (23G93) Apple M2 MacBook Pro LLM used is Azure GPT 4O

Describe the bug: In the documentation at https://www.elastic.co/guide/en/kibana/current/obs-ai-assistant-action-type.html#obs-ai-assistant-connector-configuration, it is written that we can use that kind of instructions for the AI Assistant in the connector

 High error count alert has triggered. Execute the following steps:
  - create a graph of the error count for the service impacted by the alert
  for the last 24h
  - to help troubleshoot, recall past occurrences of this alert, plus any
  other active alerts. Generate a report with all the found information
  and send it to the Slack connector as a single message. Also include
  the link to this conversation in the report.

The sending of the report and graph and past occurrences by the AI Assistant over my Slack connector is not reliable

• Slack connector is not always find despite I had one
• the graph is not copied as an image and does not appear in the slack message when we get it
• Slack has not same markdown formatting but a specific one. For instance * is on Slack
• The execute command is not always generated in the good way
• The link to the conversation ID is not space aware

I had to change the instructions as follow to be very very precise:

Alerte sur nombre élevées de connexions rejetées par le proxy. Exécute les étapes suivantes:

 a) create a graph showing the number of squid connections rejected per minute, ie having squid.status_code >= 400 on the last 2 hours. Break it per the top 10 source.geo.country_name. Indice to look into is logs-squid.log-* . The query to use is  "FROM logs-squid.log-* 
| WHERE squid.status_code >= 400 AND @timestamp >=(NOW() - 2 hours)
| STATS count = COUNT() BY date_histogram = DATE_TRUNC(1 minute, @timestamp),source.geo.country_name
| SORT count DESC
| LIMIT 1200"
The graph must be a stacked bar graph

 b) To help troubleshoot,  Generate a report, in French, that includes a list of past occurrences of this alert plus the current active alert, and send it as a single message to the Slack connector. Include in the report the link to this converstion. The report must use markdown syntax for Slack. For bold, always use one single '*' character before and after titles, sub titles. The conversation link URL must always be  "https://sa-da-ec-gcp-clus-02.kb.europe-west1.gcp.cloud.es.io:9243/s/ia-d-mo-/app/observabilityAIAssistant/conversations" to which the conversion id is appended. 
To send to the Slack connector, you need the following arguments:
- the "id" of the connector that is 5b621c20-29e7-473b-badc-6a935f1d8f21
- the "params" parameter that you will fill with the message

Steps to reproduce:

1. Create an alert with Elastic AI Obs Assistant action with the instructions mentionned in the documentation
2. Trigger the Alert
3. Check if you receive or not the slack message and how it is formatted

Expected behavior:

• Not precising the connector ID but maybe only the name
• a markdown formatting adapted to Slack
• Not precising that the message that has to be sent to slack must have the message field inside a 'params' field
• the link to the conversation id must be space aware which is not the case so far

[elasticmachine]

Pinging @elastic/obs-ai-assistant (Team:Obs AI Assistant)