initial commit for remote monitor support #1547
Conversation
Signed-off-by: Subhobrata Dey <[email protected]>
sbcd90
requested review from
lezzago,
AWSHurneyt,
eirsep,
getsaurabh02,
praveensameneni,
qreshi,
bowenlan-amzn,
rishabhmaurya,
engechas,
riysaxen-amzn and
jowg-amazon
as code owners
| } | ||
|
|
||
| @Override | ||
| public String getMonitorType() { |
There was a problem hiding this comment.
plugins should be allowed to add multiple types of monitors.
SAP itself probably will implement
- threat intel ioc scan monitor
- ueba monitor
- rules monitor
- bucket level monitor with findings and pipeline aggs
There was a problem hiding this comment.
| @@ -3,6 +3,7 @@ | |||
| * SPDX-License-Identifier: Apache-2.0 | |||
| */ | |||
|
|
|||
| import com.github.jengelman.gradle.plugins.shadow.ShadowPlugin | |||
There was a problem hiding this comment.
is this the same dependency used by jobscheduler or notification for shadow plugin?
sbcd90
force-pushed
the
remote_monitor
branch
2 times, most recently
from
8317f29
to
abcc7ce
Compare
| @@ -185,10 +187,16 @@ object MonitorMetadataService : | |||
|
|
|||
| suspend fun recreateRunContext(metadata: MonitorMetadata, monitor: Monitor): MonitorMetadata { | |||
| try { | |||
| val monitorIndex = if (monitor.monitorType == Monitor.MonitorType.DOC_LEVEL_MONITOR) | |||
| val monitorIndex = if ( | |||
| monitor.isMonitorOfStandardType() && | |||
There was a problem hiding this comment.
why not just check string value is doc level monitor?
There was a problem hiding this comment.
just want to use a single string constant, so just reusing the enum value.
| (monitor.inputs[0] as DocLevelMonitorInput).indices[0] | ||
| else null | ||
| val runContext = if (monitor.monitorType == Monitor.MonitorType.DOC_LEVEL_MONITOR && createWithRunContext) | ||
| val runContext = if ( | ||
| monitor.isMonitorOfStandardType() && |
There was a problem hiding this comment.
extract into method - isDocLevelMonitor()
There was a problem hiding this comment.
|
|
||
| import org.opensearch.alerting.spi.RemoteMonitorRunner | ||
|
|
||
| class RemoteMonitorRegistry(val monitorType: String, val monitorRunner: RemoteMonitorRunner) |
Signed-off-by: Subhobrata Dey <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
| @@ -185,10 +185,10 @@ object MonitorMetadataService : | |||
|
|
|||
| suspend fun recreateRunContext(metadata: MonitorMetadata, monitor: Monitor): MonitorMetadata { | |||
| try { | |||
| val monitorIndex = if (monitor.monitorType == Monitor.MonitorType.DOC_LEVEL_MONITOR) | |||
| val monitorIndex = if (monitor.monitorType.endsWith(Monitor.MonitorType.DOC_LEVEL_MONITOR.value)) | |||
There was a problem hiding this comment.
can we just have a separate flag instead of depending on name
check can be monitor.monitorType == Monitor.MonitorType.DOC_LEVEL_MONITOR || "use_doc_level_feature_bool" == true ?
| @@ -400,7 +402,9 @@ class TransportIndexWorkflowAction @Inject constructor( | |||
| log.warn("Metadata doc id:${monitorMetadata.id} exists, but it shouldn't!") | |||
| } | |||
|
|
|||
| if (monitor.monitorType == Monitor.MonitorType.DOC_LEVEL_MONITOR) { | |||
| if ( | |||
There was a problem hiding this comment.
can workflow add any kind of remote monitor?
Signed-off-by: Subhobrata Dey <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
|
how will index validate mapping of the custom trigger and custom input |
|
how will serialization work for custom trigger and custom input |
Signed-off-by: Subhobrata Dey <[email protected]>
| @@ -240,6 +241,7 @@ internal class AlertingPlugin : PainlessExtension, ActionPlugin, ScriptPlugin, R | |||
| ClusterMetricsInput.XCONTENT_REGISTRY, | |||
| DocumentLevelTrigger.XCONTENT_REGISTRY, | |||
| ChainedAlertTrigger.XCONTENT_REGISTRY, | |||
| RemoteMonitorTrigger.XCONTENT_REGISTRY, | |||
There was a problem hiding this comment.
do we also need RemoteMonitorInput xcontent registry?
if yes, can you add appropriate tests to serialize
There was a problem hiding this comment.
we dont need RemoteMonitorInput because in common-utils Input.parse doesn't use it. https://github.com/opensearch-project/common-utils/blob/main/src/main/kotlin/org/opensearch/commons/alerting/model/Input.kt#L30
however, in Trigger.parse it is used. https://github.com/opensearch-project/common-utils/blob/main/src/main/kotlin/org/opensearch/commons/alerting/model/Trigger.kt#L41
Signed-off-by: Subhobrata Dey <[email protected]>
responded here. #1547 (comment) |
Signed-off-by: Subhobrata Dey <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
Signed-off-by: Subhobrata Dey <[email protected]>
|
all builds pass. merging pr. |
Signed-off-by: Subhobrata Dey <[email protected]>
Issue #, if available:
#1546
Description of changes:
CheckList:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.