Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[event log] use require_alias when indexing event log documents #93971

Closed
pmuellr opened this issue Mar 8, 2021 · 1 comment · Fixed by #130332
Closed

[event log] use require_alias when indexing event log documents #93971

pmuellr opened this issue Mar 8, 2021 · 1 comment · Fixed by #130332
Assignees
@mikecote
Labels
estimate:small Small Estimated Level of Effort Feature:EventLog resilience Issues related to Platform resilience in terms of scale, performance & backwards compatibility Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@pmuellr
Copy link
Member

pmuellr commented Mar 8, 2021

In the past, when our event log bootstrapping code was not robust enough, we would occasionally have Kibana start with the event log alias not set up, and then subsequent indexing of events would end up writing the documents to an index with the name of the alias. Very problematic.

We've since made the bootstrapping code more robust, but as an additional safety check, we could use the require_alias option to make sure we never create an index with the name of the alias. I assume there is some way of using this with bulk requests ...
@pmuellr pmuellr added Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:EventLog labels Mar 8, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

@gmmorris gmmorris added loe:medium Medium Level of Effort resilience Issues related to Platform resilience in terms of scale, performance & backwards compatibility labels Jul 15, 2021
@gmmorris gmmorris added the estimate:small Small Estimated Level of Effort label Aug 18, 2021
@gmmorris gmmorris removed the loe:medium Medium Level of Effort label Sep 2, 2021
@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
@mikecote mikecote self-assigned this Apr 14, 2022
@mikecote mikecote mentioned this issue Apr 14, 2022
Merged
@mikecote mikecote moved this from Todo to In Progress in AppEx: ResponseOps - Execution & Connectors Apr 14, 2022
@mikecote mikecote moved this from In Progress to In Review in AppEx: ResponseOps - Execution & Connectors Apr 18, 2022
Repository owner moved this from In Review to Done in AppEx: ResponseOps - Execution & Connectors Apr 18, 2022
@ymao1 ymao1 mentioned this issue Sep 20, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mikecote mikecote

Labels
estimate:small Small Estimated Level of Effort Feature:EventLog resilience Issues related to Platform resilience in terms of scale, performance & backwards compatibility Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
No open projects
AppEx: ResponseOps - Execution & Connectors
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add require_alias event log when indexing documents mikecote/kibana
5 participants
@pmuellr @gmmorris @kobelb @mikecote @elasticmachine