[8.19] [Response Ops] [Dashboard] Create a rule from a dashboard ES|QL visualization (#217719)#220719
Merged
Zacqary merged 1 commit intoelastic:8.19from May 11, 2025
Merged
Conversation
…lization (elastic#217719) ## Summary Closes elastic#208854 This adds a tooltip action and a context menu action to the **ES|QL** panel type allowing the user to create an Elasticsearch Query rule from the visualization on the panel. Lens panels are currently not supported. ### Tooltip action <img width="1081" alt="Screenshot 2025-04-09 at 11 06 25 AM" src="https://github.com/user-attachments/assets/3315cd9f-6dda-44b0-8e7c-eb295c08b89f" /> Prefill the time field from the chart, and the alert window from the dashboard's current displayed time range: <img width="588" alt="Screenshot 2025-04-09 at 11 06 46 AM" src="https://github.com/user-attachments/assets/c06a99ab-ce67-4c88-b4ff-dd6edd9e864a" /> Add an extra clause to the end of the visualization's ES|QL query to set an alert threshold based on the data point that the user clicked on: <img width="562" alt="Screenshot 2025-04-09 at 11 06 55 AM" src="https://github.com/user-attachments/assets/27a6552b-b5be-4cb7-80aa-74c683b93ae4" /> ### Context menu action <img width="1107" alt="Screenshot 2025-04-09 at 11 07 41 AM" src="https://github.com/user-attachments/assets/fe6d7f76-68e6-4345-b2a8-e47d1363d7d8" /> Creating a rule from the context menu instead of from a tooltip doesn't give us a pre-filled threshold value, so we ask the user to specify it: <img width="563" alt="Screenshot 2025-04-09 at 11 07 48 AM" src="https://github.com/user-attachments/assets/83a7f51b-bb87-4637-b602-b169b3f0a375" /> ### Supported cases #### Breakdowns and split values: <img width="1077" alt="Screenshot 2025-04-09 at 11 14 47 AM" src="https://github.com/user-attachments/assets/d691d247-27af-45d1-82ac-b50aaa20e9f9" /> <img width="556" alt="Screenshot 2025-04-09 at 11 14 56 AM" src="https://github.com/user-attachments/assets/3b97f08d-00b5-464d-8700-59d6d4a4d473" /> #### Escaping column names <img width="668" alt="Screenshot 2025-04-09 at 11 18 08 AM" src="https://github.com/user-attachments/assets/ad98cb2a-d167-4175-acd5-bc81822a2d1c" /> <img width="574" alt="Screenshot 2025-04-09 at 11 18 42 AM" src="https://github.com/user-attachments/assets/d6805e93-2592-4a66-b59e-7ceffca579c7" /> ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) ## Release note Adds the Create alert rule action to ES|QL dashboard panels, usable from the panel context menu or by right-clicking a data point on the visualization. This allows you to generate an alert when the data on the chart crosses a certain threshold. --------- Co-authored-by: mbondyra <marta.bondyra@elastic.co> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Stratoula Kalafateli <efstratia.kalafateli@elastic.co> Co-authored-by: Marco Vettorello <vettorello.marco@gmail.com> Co-authored-by: Marco Liberati <dej611@users.noreply.github.com> Co-authored-by: dej611 <dej611@gmail.com> (cherry picked from commit 7e5c774) # Conflicts: # src/platform/plugins/shared/chart_expressions/expression_xy/public/expression_renderers/xy_chart_renderer.tsx # src/platform/plugins/shared/chart_expressions/expression_xy/tsconfig.json # x-pack/platform/plugins/shared/lens/kibana.jsonc # x-pack/platform/plugins/shared/lens/public/react_embeddable/initializers/initialize_edit.tsx
botelastic
bot
added
the
Feature:ExpressionLanguage
3 tasks
Contributor
💚 Build Succeeded
Metrics [docs]Module Count
Public APIs missing comments
Async chunks
Public APIs missing exports
Page load bundle
Unknown metric groupsAPI count
async chunk count
miscellaneous assets size
|
cnasikas
approved these changes
May 11, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport
This will backport the following commits from
mainto8.19:Questions ?
Please refer to the Backport tool documentation