[Upgrade Assistant] logsdb callout #207196
Conversation
jloleysens
added
Team:Core
|
Pinging @elastic/kibana-core (Team:Core) |
...ivate/upgrade_assistant/public/application/components/overview/upgrade_step/upgrade_step.tsx
Outdated
Show resolved
Hide resolved
jloleysens
changed the title
...ivate/upgrade_assistant/public/application/components/overview/upgrade_step/upgrade_step.tsx
Outdated
Show resolved
Hide resolved
...ivate/upgrade_assistant/public/application/components/overview/upgrade_step/upgrade_step.tsx
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
This looks good to me overall. One question about the version of the docs that we link to. Also I think the decision to enable logsdb by default is being revisited again by the ES team, if it's not enabled by default then we won't need this warning - so we can delay merging or potentially revert later.
src/platform/packages/shared/kbn-doc-links/src/get_doc_links.ts
Outdated
Show resolved
Hide resolved
|
@marshallmain , I don't mind waiting before merging this. Is there an issue/place where the discussion is happening so I can follow along? |
|
Changes LGTM - we can iterate for 8.19 to find a better place for this. |
There was a problem hiding this comment.
We're still working on the final decision for whether logsdb will be pushed as default for all clusters upgrading to 9.0 or only for new clusters. If the latter, you may not need this at all. If you keep this notice, I made some suggestions to the proposed text. If this will be shown to all upgrading users I'd like to make it clear we're only suggesting they "disable" (aka "don't enable") if they're not already using it.
| <EuiCallOut title={i18nTexts.securitySolnLogsDBCalloutTitle}> | ||
| <FormattedMessage | ||
| id="xpack.upgradeAssistant.overview.securitySolutionLogsDBCalloutBody" | ||
| defaultMessage="We recommend that Elastic Security users disable logsdb index mode before upgrading ({logsDataStreamDocs}). The logsdb index mode requires extra CPU capacity during the data indexing process. To avoid timeouts and errors for your data ingestion backups and security detection rules, you should disable the logsdb index mode unless you are sure enough additional hot data tier CPU capacity has been provisioned. You can enable it again after the upgrade ({indexModeWithSecuritySoln})." |
There was a problem hiding this comment.
| defaultMessage="We recommend that Elastic Security users disable logsdb index mode before upgrading ({logsDataStreamDocs}). The logsdb index mode requires extra CPU capacity during the data indexing process. To avoid timeouts and errors for your data ingestion backups and security detection rules, you should disable the logsdb index mode unless you are sure enough additional hot data tier CPU capacity has been provisioned. You can enable it again after the upgrade ({indexModeWithSecuritySoln})." | |
| defaultMessage="We recommend that Elastic Security users disable logsdb index mode before upgrading ({logsDataStreamDocs}), if not already using logsdb. The logsdb index mode requires extra CPU capacity during the data indexing process. To avoid timeouts and errors for your security detection rules and/or data ingestion backups, you should disable the logsdb index mode unless you are sure enough additional hot data tier CPU capacity has been provisioned. You can enable it again later after the upgrade ({indexModeWithSecuritySoln})." |
|
++ that sounds good to me @tylerperk. I'm a little concerned that showing this to all users is suboptimal. I'm hoping we can conditionally show this to users who have this setting enabled. I'm not super familiar with the functionality, but if we do want to go ahead is there a simple way for us to check for that setting? |
|
@jloleysens - updated copy below for the callout however we will need to update the percent metrics prior to release as these numbers aren't solidified (aligned with @uric, cc: @MikePaquette, @florent-leborgne for review) @martijnvg @florent-leborgne - is there existing documentation/instructions for how to disable
|
@shainaraskas would you know? |
|
We'll have instructions for disabling in the security solution docs (elastic/security-docs#6409), but having it documented elsewhere would be beneficial too imo. I described one way to disable the setting in the linked issue. |
|
We don't have this documented, as far as I can tell. I think the most appropriate home would be the logs data stream docs. As an aside, it looks like we don't have |
|
We also have this security-specific doc https://www.elastic.co/guide/en/security/current/detections-logsdb-index-mode-impact.html |
jloleysens
changed the title
| <EuiCallOut title={i18nTexts.securitySolnLogsDBCalloutTitle}> | ||
| <FormattedMessage | ||
| id="xpack.upgradeAssistant.overview.securitySolutionLogsDBCalloutBody" | ||
| defaultMessage="Logsdb is a new index mode ({logsDataStreamDocs}) that is applied to {logsPattern} data streams by default in Elasticsearch 9.0. Logsdb index mode results in significant storage savings (up to 70%) however adds up to X% CPU overhead during data ingestion. In 9.0, logsdb will be applied to newly ingested logs data . If your cluster's hot tier CPU utilization is high (more than Y% on average), it is recommended that you disable this default behavior prior to upgrading to avoid maxing out your hot tier CPU and the downstream issues it may cause. To disable, {indexModeWithSecuritySoln}. This setting can be changed after upgrade if desired." |
There was a problem hiding this comment.
Updated copy based on latest feedback. Still need values for X and Y.
@bitzandeb The setting enable or disable logsdb is called |
💚 Build Succeeded
Metrics [docs]Async chunks
Page load bundle
History
cc @jloleysens |
Summary
Close https://github.com/elastic/kibana-team/issues/1358
Last step in the Upgrade Assistant has additional calllout: