Surya Sashank Nistala

icon indicating a website link https://opendistro.github.io/for-elasticsearch/ icon indicating an email [email protected]

icon company @opensearch-project icon location Bangalore, India icon location SDE at AWS Opensearch

Results 25 issues of Surya Sashank Nistala

[FEATURE] Create dedicated threadpool for alerting plugin operations for better control on resource consumption

**Is your feature request related to a problem?** A clear and concise description of what the problem is, e.g. _I'm always frustrated when [...]_ **What solution would you like?** A...

enhancement

Doc level monitor should query all docs in each shard ingested since previous execution even if >10k docs per shard

If cluster ingests more than 10k docs per shard per minute, monitor lags behind the ingestion rate and will not be generating findings eventually (lag increases as ingestion keeps increasing)...

enhancement
v2.12.0

[FEATURE] re-model monitor executions as a cancellable task

1 comment

Today Alerting execution is not tracked by Opensearch task manager because it is executed as a Job Scheduler job. This renders us without any control over long runnign monitor exceutions...

enhancement

[FEATURE] Monitor indices for occurences of malicious IPs/domains etc stored in high cardinality threat intelligence feeds

1 comment

**Is your feature request related to a problem?** Customers have constant streams of threat intel feeds which contain millions of malicious IPs or DNS or other Indicators of Compromise (IoCs)....

enhancement

Revisit how get alerts API deals with AUDIT state alerts

1 comment

All correlations are executing on the same node as the executing doc level monitor

1 comment

**Is your feature request related to a problem?** - Make correlations pub-sub model and not keep it push based. - publish/subscribe findings should be distributed to different nodes **What solution...

Percolate query optimization: Fetch fields mentioned in queries instead of entire doc and batch percolate query by heap-based threshold

3 comment

*Issue #, if available:* #1353 #1367 *Description of changes:* This PR optimizes scalability of percolate query performed in doc level monitors. Status quo behaviour - The behaviour is to query...

[FEATURE]Add node_id,latest_run_timestamp in workflow and monitor metadata.

1 comment

Helps with better tracking of monitors and workflows executions and tracing the executions

enhancement

If doc monitor execution fails for certain errors, log error alert, update seq no and ensure further data is seen in next execution

- We could create a boolean flag `createErrorAlertsAndMoveOn` which is true by default - create a list that holds exceptions from following operations --- **If percolate query fails, on one...

v2.9.1
v2.19.0

Doc level monitor optimization: Fetch only relevant fields instead of the entire source.

*Issue #, if available:* *Description of changes:* *CheckList:* - [ ] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is...