alerting
Add Kibana Discover link to the alert
Issue by dingo15
Friday Jul 17, 2020 at 09:46 GMT
Originally opened as https://github.com/opendistro-for-elasticsearch/alerting/issues/227
Is your feature request related to a problem? Please describe.
While investigating alerts, it could be helpful to check the logs that caused the alert to trigger. Currently, to do this, it's necessary to go to Kibana Discover and manually enter the same query as used in the Monitor.
Describe the solution you'd like
It may be helpful to add to the alert a link to Kibana Discover with the search query included, so a user is able to just follow the link and investigate the logs that caused an alert.
Comment by dennisroche
Friday Jul 24, 2020 at 12:39 GMT
It would be great to have a pre-built link to a Discover URL, as it allows an alert in Slack to be actioned quicker.
I wonder if {{ctx.monitor.inputs}} contains enough information to build a link? A quick scan of the source code - it appears to be an instance of SearchInput (see below)
https://github.com/opendistro-for-elasticsearch/alerting/blob/7675df8f53f872d61f520d409b45ffed30063895/alerting/src/main/kotlin/com/amazon/opendistroforelasticsearch/alerting/MonitorRunner.kt#L277
and
https://github.com/opendistro-for-elasticsearch/alerting/blob/9f405c22f5f5e1e37c442935b3235e03cacf0762/alerting/src/test/kotlin/com/amazon/opendistroforelasticsearch/alerting/MonitorRunnerIT.kt#L68
+1 for this feature. For our alerts, we include a link for the engineers to follow to get to the relevant data. We create the links using Terraform, using the same variables we use to create the alert. We recently upgraded from OpenSearch 1.13 to 2.14, and it seems the dashboard is redirecting our prior links and, I am assuming, correcting for compatibility issues, resulting in parts of the query being dropped.
+1