Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ES Query] Fix saving ECS group by fields for query DSL rule #203769

Merged
merged 7 commits into from
Dec 16, 2024
Merged

[ES Query] Fix saving ECS group by fields for query DSL rule #203769

merged 7 commits into from
Dec 16, 2024

Conversation

maryam-saeidi
Copy link
Member

@maryam-saeidi maryam-saeidi commented Dec 11, 2024
edited by kibanamachine
Loading

Fixes #203472

Summary

Rule Group info
image image

@elastic/response-ops What sort of test do you suggest to add for this case?

🧪 How to run test

Deployment agnostic

  • Test on MKI
// Server
node scripts/functional_tests_server --config x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts

// Test
node scripts/functional_test_runner --config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts --grep="ElasticSearch query rule"

@maryam-saeidi maryam-saeidi self-assigned this Dec 11, 2024
@maryam-saeidi maryam-saeidi requested a review from a team as a code owner December 11, 2024 11:51
@maryam-saeidi maryam-saeidi added release_note:fix backport:prev-major Backport to (8.x, 8.17, 8.16) the previous major branch and other branches in development backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) ci:project-deploy-observability Create an Observability project and removed backport:prev-major Backport to (8.x, 8.17, 8.16) the previous major branch and other branches in development labels Dec 11, 2024
@github-actions GitHub Actions
Copy link
Contributor

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • /oblt-deploy : Deploy a Kibana instance using the Observability test environments.
  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@maryam-saeidi maryam-saeidi requested a review from a team as a code owner December 12, 2024 10:56
maryam-saeidi
maryam-saeidi commented Dec 12, 2024
View reviewed changes
...egration/deployment_agnostic/apis/observability/alerting/es_query/query_dsl_with_group_by.ts
ruleId,
});

expect(resp.hits.hits[0]._source).property('host.name', 'host-0');
Copy link
Member Author

@maryam-saeidi maryam-saeidi Dec 12, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part of the test fails without this fix.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh wow. I thought the change would just be to some grouping properties. I guess that termField also has some play in the "extra" properties we create, like host.name.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, right, this fix is related to the logic that was added in this PR.

Regarding adding group-by information to the alert document, I will create a separate PR. This one only focuses on fixing the bug.

@maryam-saeidi maryam-saeidi added backport:version Backport to applied version labels v9.0.0 v8.18.0 v8.16.3 v8.17.1 and removed ci:project-deploy-observability Create an Observability project backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) labels Dec 12, 2024
@kibanamachine
Copy link
Contributor

Flaky Test Runner Stats

🟠 Some tests failed. - kibana-flaky-test-suite-runner#7589

[✅] x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts: 25/25 tests passed.
[✅] x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group3/config.ts: 25/25 tests passed.
[❌] x-pack/test/api_integration/deployment_agnostic/configs/stateful/oblt.stateful.config.ts: 0/25 tests passed.

see run history

pmuellr
pmuellr approved these changes Dec 12, 2024
View reviewed changes
Copy link
Member

@pmuellr pmuellr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

I'd like to get one more (quick!) set of eyes from ResponseOps though ...

...egration/deployment_agnostic/apis/observability/alerting/es_query/query_dsl_with_group_by.ts
ruleId,
});

expect(resp.hits.hits[0]._source).property('host.name', 'host-0');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh wow. I thought the change would just be to some grouping properties. I guess that termField also has some play in the "extra" properties we create, like host.name.

@pmuellr
Copy link
Member

pmuellr commented Dec 12, 2024

I'd like to get one more (quick!) set of eyes from ResponseOps though ...

Checked with team, LGTU (looks good to us)

@maryam-saeidi
Copy link
Member Author

Flaky Test Runner Stats

🟠 Some tests failed. - kibana-flaky-test-suite-runner#7589

[✅] x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts: 25/25 tests passed.
[✅] x-pack/test/alerting_api_integration/spaces_only/tests/alerting/group3/config.ts: 25/25 tests passed.
[❌] x-pack/test/api_integration/deployment_agnostic/configs/stateful/oblt.stateful.config.ts: 0/25 tests passed.

see run history

This test failure is not related to the test added in this PR:

image

@kibanamachine
Copy link
Contributor

Flaky Test Runner Stats

🟠 Some tests failed. - kibana-flaky-test-suite-runner#7594

[❌] x-pack/test/api_integration/deployment_agnostic/configs/stateful/oblt.stateful.config.ts: 10/25 tests passed.

see run history

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

cc @maryam-saeidi

@maryam-saeidi maryam-saeidi merged commit a0fe4e6 into elastic:main Dec 16, 2024
9 checks passed
@maryam-saeidi maryam-saeidi deleted the 203472-save-ecs-groups-in-aad-query-dsl branch December 16, 2024 08:16
@kibanamachine
Copy link
Contributor

Starting backport for target branches: 8.16, 8.17, 8.x

https://github.com/elastic/kibana/actions/runs/12348532675

@kibanamachine
Copy link
Contributor

💔 All backports failed

Status Branch Result
8.16 Backport failed because of merge conflicts
8.17 Backport failed because of merge conflicts
8.x Backport failed because of merge conflicts

Manual backport

To create the backport manually run:

node scripts/backport --pr 203769

Questions ?

Please refer to the Backport tool documentation

This was referenced Dec 16, 2024
Merged
Merged
maryam-saeidi added a commit to maryam-saeidi/kibana that referenced this pull request Dec 16, 2024
@maryam-saeidi
[ES Query] Fix saving ECS group by fields for query DSL rule (elastic…
c4fd1dc 
…#203769)

Fixes elastic#203472

## Summary

|Rule|Group info|
|---|---|

|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|

@elastic/response-ops What sort of test do you suggest to add for this
case?

### 🧪 How to run test

#### Deployment agnostic
- [x] Test on MKI
```
// Server
node scripts/functional_tests_server --config x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts

// Test
node scripts/functional_test_runner --config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts --grep="ElasticSearch query rule"
```

(cherry picked from commit a0fe4e6)

# Conflicts:
#	x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts
maryam-saeidi added a commit to maryam-saeidi/kibana that referenced this pull request Dec 16, 2024
@maryam-saeidi
[ES Query] Fix saving ECS group by fields for query DSL rule (elastic…
e8bf07e 
…#203769)

Fixes elastic#203472

## Summary

|Rule|Group info|
|---|---|

|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|

@elastic/response-ops What sort of test do you suggest to add for this
case?

### 🧪 How to run test

#### Deployment agnostic
- [x] Test on MKI
```
// Server
node scripts/functional_tests_server --config x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts

// Test
node scripts/functional_test_runner --config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts --grep="ElasticSearch query rule"
```

(cherry picked from commit a0fe4e6)

# Conflicts:
#	x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts
@maryam-saeidi maryam-saeidi mentioned this pull request Dec 16, 2024
Merged
@maryam-saeidi
Copy link
Member Author

💚 All backports created successfully

Status Branch Result
8.x
8.17
8.16

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

maryam-saeidi added a commit to maryam-saeidi/kibana that referenced this pull request Dec 16, 2024
@maryam-saeidi
[ES Query] Fix saving ECS group by fields for query DSL rule (elastic…
7ca6237 
…#203769)

Fixes elastic#203472

## Summary

|Rule|Group info|
|---|---|

|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|

@elastic/response-ops What sort of test do you suggest to add for this
case?

### 🧪 How to run test

#### Deployment agnostic
- [x] Test on MKI
```
// Server
node scripts/functional_tests_server --config x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts

// Test
node scripts/functional_test_runner --config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts --grep="ElasticSearch query rule"
```

(cherry picked from commit a0fe4e6)

# Conflicts:
#	x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/es_query/query_dsl.ts
#	x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/es_query_rule.ts
#	x-pack/test/api_integration/deployment_agnostic/apis/observability/alerting/index.ts
#	x-pack/test_serverless/api_integration/test_suites/observability/es_query_rule/es_query_rule.ts
@kibanamachine kibanamachine mentioned this pull request Dec 16, 2024
Merged
maryam-saeidi added a commit that referenced this pull request Dec 16, 2024
@maryam-saeidi
[8.x] [ES Query] Fix saving ECS group by fields for query DSL rule (#…
138dc26 
…203769) (#204342)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[ES Query] Fix saving ECS group by fields for query DSL rule
(#203769)](#203769)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maryam
Saeidi","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-16T08:16:43Z","message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","backport:version","v8.18.0","v8.16.3","v8.17.1"],"number":203769,"url":"https://github.com/elastic/kibana/pull/203769","mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16","8.17"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/203769","number":203769,"mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},{"branch":"8.x","label":"v8.18.0","labelRegex":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.3","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.17","label":"v8.17.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
maryam-saeidi added a commit that referenced this pull request Dec 16, 2024
@maryam-saeidi
[8.17] [ES Query] Fix saving ECS group by fields for query DSL rule (#…
fa8bf6b 
…203769) (#204343)

# Backport

This will backport the following commits from `main` to `8.17`:
- [[ES Query] Fix saving ECS group by fields for query DSL rule
(#203769)](#203769)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maryam
Saeidi","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-16T08:16:43Z","message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","backport:version","v8.18.0","v8.16.3","v8.17.1"],"number":203769,"url":"https://github.com/elastic/kibana/pull/203769","mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16","8.17"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/203769","number":203769,"mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},{"branch":"8.x","label":"v8.18.0","labelRegex":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.3","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.17","label":"v8.17.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
maryam-saeidi added a commit that referenced this pull request Dec 17, 2024
@maryam-saeidi
[8.16] [ES Query] Fix saving ECS group by fields for query DSL rule (#…
c4961a4 
…203769) (#204345)

# Backport

This will backport the following commits from `main` to `8.16`:
- [[ES Query] Fix saving ECS group by fields for query DSL rule
(#203769)](#203769)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maryam
Saeidi","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-16T08:16:43Z","message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v9.0.0","backport:version","v8.18.0","v8.16.3","v8.17.1"],"number":203769,"url":"https://github.com/elastic/kibana/pull/203769","mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},"sourceBranch":"main","suggestedTargetBranches":["8.x","8.16","8.17"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/203769","number":203769,"mergeCommit":{"message":"[ES
Query] Fix saving ECS group by fields for query DSL rule
(#203769)\n\nFixes #203472\r\n\r\n## Summary\r\n\r\n|Rule|Group
info|\r\n|---|---|\r\n\r\n|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|\r\n\r\n@elastic/response-ops
What sort of test do you suggest to add for this\r\ncase?\r\n\r\n### 🧪
How to run test\r\n\r\n#### Deployment agnostic\r\n- [x] Test on
MKI\r\n```\r\n// Server\r\nnode scripts/functional_tests_server --config
x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts\r\n\r\n//
Test\r\nnode scripts/functional_test_runner
--config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts
--grep=\"ElasticSearch query
rule\"\r\n```","sha":"a0fe4e698a031cb36b9dc0c2f8450561f9ea888e"}},{"branch":"8.x","label":"v8.18.0","labelRegex":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.16","label":"v8.16.3","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.17","label":"v8.17.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
@mistic
Copy link
Member

mistic commented Dec 17, 2024

This PR didn't make it on time to be in the latest 8.16.2 BC. Updating the labels.

@mistic mistic removed the v8.16.2 label Dec 17, 2024
CAWilson94 pushed a commit to CAWilson94/kibana that referenced this pull request Jan 13, 2025
@maryam-saeidi @CAWilson94
[ES Query] Fix saving ECS group by fields for query DSL rule (elastic…
3e716a0 
…#203769)

Fixes elastic#203472

## Summary

|Rule|Group info|
|---|---|

|![image](https://github.com/user-attachments/assets/fc17c630-d7c2-4615-8056-5e04209b71e6)|![image](https://github.com/user-attachments/assets/55328973-d585-4148-a74f-d2c275b9989d)|

@elastic/response-ops What sort of test do you suggest to add for this
case?

### 🧪 How to run test

#### Deployment agnostic
- [x] Test on MKI
```
// Server
node scripts/functional_tests_server --config x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts

// Test
node scripts/functional_test_runner --config=x-pack/test/api_integration/deployment_agnostic/configs/serverless/oblt.serverless.config.ts --grep="ElasticSearch query rule"
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fkanout fkanout fkanout approved these changes

@pmuellr pmuellr pmuellr approved these changes

Assignees

@maryam-saeidi maryam-saeidi

Labels
backport:version Backport to applied version labels release_note:fix v8.16.3 v8.17.1 v8.18.0 v9.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[ES Query] Fix saving ECS group by fields at the root level for Query DSL
6 participants
@maryam-saeidi @kibanamachine @pmuellr @elasticmachine @mistic @fkanout