elastic / terraform-provider-elasticstack

Terraform provider for Elastic Stack
https://registry.terraform.io/providers/elastic/elasticstack/latest/docs
Apache License 2.0

[Feature] Support "alert after N consecutive matches" in Alerting Rule Resource #651

Open lasobrinho opened 6 months ago

lasobrinho commented 6 months ago

Is your feature request related to a problem? Please describe.

Currently I don't see a way to set the alerting rule to alert after N consecutive matches in Terraform in the elasticstack_kibana_alerting_rule resource. This option is available via the Kibana UI for some types of alerting rules; see the screenshot below for an ESQL-type rule:

image

As seen in the alerting rules API, screenshot taken from Kibana Dev Tools console:

image

Describe the resource you would like to have implemented.

I would like to be able to set the alerting rule to alert after N consecutive matches in Terraform in the elasticstack_kibana_alerting_rule resource.

Describe the solution you'd like

I'd like to see a new field to be added to the Terraform schema for the elasticstack_kibana_alerting_rule, so we can set a value to alert after N consecutive matches. Open API spec for the field: https://github.com/elastic/kibana/blob/ee378ac938cc0407d9bf71e34fdd645389f13488/x-pack/plugins/alerting/docs/openapi/components/schemas/create_es_query_rule_request.yaml#L14

Describe alternatives you've considered

The alternative is to set this value via the Kibana UI. However, it defeats the purpose of this Terraform implementation, making it difficult to manually manage multiple rules.

Additional context

Open API spec: https://github.com/elastic/kibana/blob/ee378ac938cc0407d9bf71e34fdd645389f13488/x-pack/plugins/alerting/docs/openapi/components/schemas/create_es_query_rule_request.yaml#L14

yh-kwak commented 5 months ago

I was very pleased to see the long-awaited feature added to the Kibana release notes. However, I’m quite disappointed that I cannot immediately utilize this feature, as we manage alert rules using Terraform.

lasobrinho commented 5 months ago

Same situation here in my team and other teams within my org/company. Most of the Kibana alerts we have created are hooked to on-call systems like PagerDuty and Grafana OnCall, so we are looking forward to using this feature and having more precise on-call incidents; however, this is still not possible via Terraform.