diff --git a/docs/user/alerting/action-types.asciidoc b/docs/user/alerting/action-types.asciidoc index 599cce3a03cd9..586feeb032cb4 100644 --- a/docs/user/alerting/action-types.asciidoc +++ b/docs/user/alerting/action-types.asciidoc @@ -1,6 +1,6 @@ [role="xpack"] [[action-types]] -== Action and connector types +== Actions and connectors Actions are Kibana services or integrations with third-party systems that run as background tasks on the Kibana server when alert conditions are met. {kib} provides the following types of actions: diff --git a/docs/user/alerting/alert-types.asciidoc b/docs/user/alerting/alert-types.asciidoc index 4da42e9d6bd5f..ea8d46834c408 100644 --- a/docs/user/alerting/alert-types.asciidoc +++ b/docs/user/alerting/alert-types.asciidoc @@ -1,6 +1,6 @@ [role="xpack"] [[alert-types]] -== Alert types +== Alerts {kib} supplies alert types in two ways: some are built into {kib} (these are known as stack alerts), while domain-specific alert types are registered by {kib} apps. @@ -26,6 +26,3 @@ For domain-specific alerts, refer to the documentation for that app. * {security-guide}/prebuilt-rules.html[Security alerts] * <> * <> - -include::stack-alerts/index-threshold.asciidoc[] -include::stack-alerts/es-query.asciidoc[] diff --git a/x-pack/plugins/event_log/server/routes/get_events_summary_by_saved_object_ids.ts b/x-pack/plugins/event_log/server/routes/get_events_summary_by_saved_object_ids.ts new file mode 100644 index 0000000000000..f052443645a20 --- /dev/null +++ b/x-pack/plugins/event_log/server/routes/get_events_summary_by_saved_object_ids.ts 
@@ -0,0 +1,92 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { schema, TypeOf } from '@kbn/config-schema';
+import type {
+ KibanaRequest,
+ IKibanaResponse,
+ KibanaResponseFactory,
+ Logger,
+} from 'src/core/server';
+import type { EventLogRouter, EventLogRequestHandlerContext } from '../types';
+
+import { BASE_EVENT_LOG_API_PATH } from '../../common';
+
+const optionalDateFieldSchema = schema.maybe(
+ schema.string({
+ validate(value) {
+ if (isNaN(Date.parse(value))) {
+ return 'Invalid Date';
+ }
+ },
+ })
+);
+
+const optionsSchema = schema.object({
+ start: optionalDateFieldSchema,
+ end: optionalDateFieldSchema,
+});
+
+const paramSchema = schema.object({
+ type: schema.string(),
+});
+
+const bodySchema = schema.object({
+ ids: schema.arrayOf(schema.string(), { defaultValue: [] }),
+ aggs: schema.recordOf(schema.string(), schema.any()),
+});
+
+export const getEventsSummaryBySavedObjectIdsRoute = (
+ router: EventLogRouter,
+ systemLogger: Logger
+) => {
+ router.post(
+ {
+ path: `${BASE_EVENT_LOG_API_PATH}/{type}/saved_object_summary`,
+ validate: {
+ params: paramSchema,
+ query: optionsSchema,
+ body: bodySchema,
+ },
+ },
+ router.handleLegacyErrors(async function (
+ context: EventLogRequestHandlerContext,
+ req: KibanaRequest<
+ TypeOf,
+ TypeOf | undefined,
+ TypeOf
+ >,
+ res: KibanaResponseFactory
+ ): Promise {
+ if (!context.eventLog) {
+ return res.badRequest({ body: 'RouteHandlerContext is not registered for eventLog' });
+ }
+ const eventLogClient = context.eventLog.getEventLogClient();
+ const {
+ params: { type },
+ body: { ids, aggs },
+ query,
+ } = req;
+
+ try {
+ return res.ok({
+ body: await eventLogClient.getEventsSummaryBySavedObjectIds(
+ type,
+ ids,
+ aggs,
+ query?.start,
+ query?.end
+ ),
+ });
+ } catch (err) {
+ const call = `getEventsSummaryBySavedObjectIdsRoute([${ids}], ${JSON.stringify(query)})`;
+ systemLogger.debug(`error calling eventLog ${call}: ${err.message}`);
+ return res.notFound();
+ }
+ })
+ );
+};
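Review bot: `aggs: schema.recordOf(schema.string(), schema.any())` in `bodySchema` lets any caller of this route pass an unvalidated aggregation tree to `eventLogClient.getEventsSummaryBySavedObjectIds`, so the only constraint on what runs against the event log index is whatever that client enforces, which this hunk does not show. If the client forwards it as-is, aggregation types that run scripts or ignore the enclosing query scope would sidestep the `type`/`ids` filtering, and deeply nested or high-cardinality requests become a cost problem. I would replace `schema.any()` with a schema that allowlists the aggregation types and fields the summary needs, and bound the id list with `ids: schema.arrayOf(schema.string(), { defaultValue: [], maxSize: MAX_IDS })` (`MAX_IDS` is a placeholder for a limit the team picks). Separately, the `catch` maps every failure, authorization errors included, to `res.notFound()` and logs only at debug level without `type`. Distinguishing those cases and logging at a level operators see would make denied or failing requests visible.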