elastic · lcawl · Feb 7, 2023 · Feb 1, 2023 · Feb 2, 2023 · Feb 2, 2023
@@ -1,104 +1,107 @@
-[role="xpack"]
 [[index-action-type]]
-=== Index connector and action
+== Index connector and action
 ++++
 <titleabbrev>Index</titleabbrev>
 ++++
 
-The index connector will index a document into {es}. See also the 
-{ref}/indices-create-index.html[create index API].
+An index connector indexes a document into {es}.
+
+You can create index connectors in {kib} or by using the
+<<create-connector-api,create connector API>>. Alternatively, you can use the <<preconfigured-connector-alert-history,preconfigured alert history {es} index connector>>.
+If you are running {kib} on-prem, you can also create more preconfigured index
+connectors.
 
 [float]
 [[index-connector-configuration]]
-==== Connector configuration
-
-Index connectors have the following configuration properties.
-
-Name::
-The name of the connector. The name is used to identify a connector in the 
-management UI connector listing, or in the connector list when configuring an 
-action.
+=== Connector configuration
 
-Index::
-The {es} index to be written to.
+Index connectors must have a name and an {es} index. You can optionally set the
+{ref}/docs-refresh.html[refresh] policy and the time field, which contains the
+details about when each alert condition was detected.
 
-Refresh::
-Setting for the {ref}/docs-refresh.html[refresh] policy for the write request.
+[float]
+[[define-index-ui]]
+=== Create connectors in {kib}
 
-Execution time field:: 
-This field will be automatically set to the time the alert condition was 
-detected.
+You can create connectors in *{stack-manage-app} > {connectors-ui}*
+or as needed when you're creating a rule. For example:
 
+[role="screenshot"]
+image::management/connectors/images/index-connector.png[Index connector]
+// NOTE: This is an autogenerated screenshot. Do not edit it directly.
 
 [float]
-[[Preconfigured-index-configuration]]
-==== Preconfigured connector type
+[[preconfigured-index-configuration]]
+=== Create preconfigured connectors
+
+If you are running {kib} on-prem, you can define connectors by
+adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
+For example:
 
 [source,text]
 --
- my-index:
-   name: preconfigured-index-connector-type
-   actionTypeId: .index
-   config:
-     index: .kibana
-     refresh: true
-     executionTimeField: somedate
+xpack.actions.preconfigured:
+  my-index:
+    name: preconfigured-index-connector-type
+    actionTypeId: .index
+    config:
+      index: .kibana
+      refresh: true <1>
+      executionTimeField: my-field
 --
+<1> By default, the {ref}/docs-refresh.html[refresh] policy is `false`.
 
-Config defines information for the connector type.
+For more information, go to <<pre-configured-connectors>>.
 
-`index`::
-A string that corresponds to *Index*.
-
-`refresh`::
-A boolean that corresponds to *Refresh*. Defaults to `false`.
+[float]
+[[preconfigured-connector-alert-history]]
+==== Preconfigured alert history {es} index connector
 
-`executionTimeField`::
-A string that corresponds to *Execution time field*.
+preview::[]
 
+{kib} offers a preconfigured index connector to facilitate indexing active alert
+data into {es}.
 
-[float]
-[[define-index-ui]]
-==== Define connector in {stack-manage-app}
+To use this connector, set
+<<action-settings,`xpack.actions.preconfiguredAlertHistoryEsIndex`>> to `true`.
 
-Define Index connector properties.
+When you subsequently create rules, you can use the
+`Alert history Elasticsearch index (preconfigured)` connector.
 
 [role="screenshot"]
-image::management/connectors/images/index-connector.png[Index connector]
-
-Test Index action parameters.
+image::images/pre-configured-alert-history-connector.png[Select pre-configured alert history connectors]
 
-[role="screenshot"]
-image::management/connectors/images/index-params-test.png[Index params test]
+Documents are indexed using a preconfigured schema that captures the 
+<<defining-rules-actions-variables,action variables>> available for the rule. 
+By default, these documents are indexed into the `kibana-alert-history-default` 
+index, but you can specify a different index. Index names must start with 
+`kibana-alert-history-` to take advantage of the preconfigured alert history 
+index template.
 
+[IMPORTANT]
+====
+* To write documents to the preconfigured index, you must have `all` or `write` 
+privileges to the `kibana-alert-history-*` indices. Refer to 
+<<kibana-role-management>> for more information.
+* The `kibana-alert-history-*` indices are not configured to use ILM so they must 
+be maintained manually. If the index size grows large, consider using the 
+{ref}/docs-delete-by-query.html[delete by query] API to clean up older documents 
+in the index.
+====
 
 [float]
 [[index-action-configuration]]
-==== Action configuration
-
-Index actions have the following properties.
+=== Test connectors
 
-Document::
-The document to index in JSON format.
+You can test connectors with the <<execute-connector-api,run connector API>> or
+as you're creating or editing the connector in {kib}. For example:
 
+[role="screenshot"]
+image::management/connectors/images/index-params-test.png[Index params test]
+// NOTE: This is an autogenerated screenshot. Do not edit it directly.
 
-[float]
-[[index-action-example]]
-==== Example
-
-Example of the index document for Index Threshold rule:
-
-[source,text]
---------------------------------------------------
-{
-    "rule_id": "{{rule.id}}",
-    "rule_name": "{{rule.name}}",
-    "alert_id": "{{alert.id}}",
-    "context_message": "{{context.message}}"
-}
---------------------------------------------------
-
-Example of creating a test index using the API.
+Index connector actions contain a document in JSON format. For example, if you
+have an index with the following properties:
 
 [source,text]
 --------------------------------------------------
@@ -118,51 +121,14 @@ PUT test
 }
 --------------------------------------------------
 
+Your test document could contain the following properties and variables:
 
-[float]
-[[preconfigured-connector-alert-history]]
-=== Alert history {es} index connector
-
-experimental[] {kib} offers a preconfigured index connector to facilitate indexing active alert data into {es}.
-
-[WARNING]
-==================================================
-This functionality is in technical preview and may be changed or removed 
-completely in a future release.
-==================================================
-
-To use this connector, set the 
-<<action-settings, `xpack.actions.preconfiguredAlertHistoryEsIndex`>> 
-configuration to `true`.
-
-```js
-  xpack.actions.preconfiguredAlertHistoryEsIndex: true
-```
-
-When creating a new rule, add an <<index-action-type, Index action>> and select 
-the `Alert history Elasticsearch index (preconfigured)` connector.
-
-[role="screenshot"]
-image::images/pre-configured-alert-history-connector.png[Select pre-configured alert history connectors]
-
-Documents are indexed using a preconfigured schema that captures the 
-<<defining-rules-actions-variables, action variables>> available for the rule. 
-By default, these documents are indexed into the `kibana-alert-history-default` 
-index, but you can specify a different index. Index names must start with 
-`kibana-alert-history-` to take advantage of the preconfigured alert history 
-index template.
-
-[IMPORTANT]
-==============================================
-To write documents to the preconfigured index, you must have `all` or `write` 
-privileges to the `kibana-alert-history-*` indices. Refer to 
-<<kibana-role-management>> for more information.
-==============================================
-
-[NOTE]
-==================================================
-The `kibana-alert-history-*` indices are not configured to use ILM so they must 
-be maintained manually. If the index size grows large, consider using the 
-{ref}/docs-delete-by-query.html[delete by query] API to clean up older documents 
-in the index.
-==================================================
+[source,text]
+--------------------------------------------------
+{
+    "rule_id": "{{rule.id}}",
+    "rule_name": "{{rule.name}}",
+    "alert_id": "{{alert.id}}",
+    "context_message": "{{context.message}}"
+}
+--------------------------------------------------
@@ -6,9 +6,9 @@
 
 A server log connector writes an entry to the {kib} server log.
 
-You can create a server log connector in {kib} or by using the
+You can create a server log connectors in {kib} or by using the
 <<create-connector-api,create connector API>>. If you are running {kib}
-on-prem, you can also create a preconfigured server log connector.
+on-prem, you can also create preconfigured server log connectors.
 
 [float]
 [[server-log-connector-configuration]]
@@ -18,9 +18,9 @@ Server log connectors do not have any configuration properties other than a name
 
 [float]
 [[define-serverlog-ui]]
-=== Create a connector in {kib}
+=== Create connectors in {kib}
 
-You can create a server log connector in *{stack-manage-app} > {connectors-ui}*
+You can create connectors in *{stack-manage-app} > {connectors-ui}*
 or as needed when you're creating a rule. For example:
 
 [role="screenshot"]
@@ -29,11 +29,10 @@ image::management/connectors/images/serverlog-connector.png[Server log connector
 
 [float]
 [[preconfigured-server-log-configuration]]
-=== Create a preconfigured connector
+=== Create preconfigured connectors
 
-If you are running {kib} on-prem, you can define a server log connector by
-adding `xpack.actions.preconfigured` settings to your `kibana.yml` file.
-For example:
+If you are running {kib} on-prem, you can define connectors by adding
+`xpack.actions.preconfigured` settings to your `kibana.yml` file. For example:
 
 [source,text]
 --
@@ -47,18 +46,15 @@ For more information, go to <<pre-configured-connectors>>.
 
 [float]
 [[server-log-action-configuration]]
-=== Test the connector
+=== Test connectors
 
-You can test your server log connector with the
-<<execute-connector-api,run connector API>> or as you're creating or editing
-the connector in {kib}. For example:
+You can test connectors with the <<execute-connector-api,run connector API>> or
+as you're creating or editing the connector in {kib}. For example:
 
 [role="screenshot"]
 image::management/connectors/images/serverlog-params-test.png[Server log connector test]
 // NOTE: This is an autogenerated screenshot. Do not edit it directly.
 
-Server log actions have the following properties:
-
-Message::   The message to log.
-Level::     The log level of the message: `trace`, `debug`, `info`, `warn`, `error` or `fatal`. Defaults to `info`.
+Server log connector actions contain a message and a log level, which defaults to `info`. Valid log level values are `trace`, `debug`, `info`, `warn`, `error`,
+and `fatal`.
 
@@ -1,6 +1,6 @@
 include::action-types/email.asciidoc[]
 include::action-types/resilient.asciidoc[]
-include::action-types/index.asciidoc[]
+include::action-types/index.asciidoc[leveloffset=+1]
 include::action-types/jira.asciidoc[]
 include::action-types/teams.asciidoc[]
 include::action-types/opsgenie.asciidoc[]

@@ -13,14 +13,23 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) {
   const pageObjects = getPageObjects(['common', 'header']);
   const actions = getService('actions');
   const testSubjects = getService('testSubjects');
+  const comboBox = getService('comboBox');
+  const es = getService('es');
+  const testIndex = `test-index`;
+  const indexDocument =
+    `{\n` +
+    `"rule_id": "{{rule.id}}",\n` +
+    `"rule_name": "{{rule.name}}",\n` +
+    `"alert_id": "{{alert.id}}",\n` +
+    `"context_message": "{{context.message}}"\n`;
 
   describe('connector types', function () {
     beforeEach(async () => {
       await pageObjects.common.navigateToApp('connectors');
       await pageObjects.header.waitUntilLoadingHasFinished();
     });
 
-    it('serverlog connector screenshot', async () => {
+    it('server log connector screenshots', async () => {
       await pageObjects.common.navigateToApp('connectors');
       await pageObjects.header.waitUntilLoadingHasFinished();
       await actions.common.openNewConnectorForm('server-log');
@@ -32,5 +41,38 @@ export default function ({ getService, getPageObjects }: FtrProviderContext) {
       const flyOutCancelButton = await testSubjects.find('euiFlyoutCloseButton');
       await flyOutCancelButton.click();
     });
+
+    it('index connector screenshots', async () => {
+      await es.indices.create({
+        index: testIndex,
+        body: {
+          mappings: {
+            properties: {
+              date_updated: {
+                type: 'date',
+                format: 'epoch_millis',
+              },
+            },
+          },
+        },
+      });
+      await pageObjects.common.navigateToApp('connectors');
+      await pageObjects.header.waitUntilLoadingHasFinished();
+      await actions.common.openNewConnectorForm('index');
+      await testSubjects.setValue('nameInput', 'Index test connector');
+      await comboBox.set('connectorIndexesComboBox', testIndex);
+      const timeFieldToggle = await testSubjects.find('hasTimeFieldCheckbox');
+      await timeFieldToggle.click();
+      await commonScreenshots.takeScreenshot('index-connector', screenshotDirectories);
+      const saveTestButton = await testSubjects.find('create-connector-flyout-save-test-btn');
+      await saveTestButton.click();
+      await testSubjects.setValue('actionJsonEditor', indexDocument);
+      await commonScreenshots.takeScreenshot('index-params-test', screenshotDirectories);
+      const flyOutCancelButton = await testSubjects.find('euiFlyoutCloseButton');
+      await flyOutCancelButton.click();
+    });
+    after(async () => {
+      await es.indices.delete({ index: testIndex });
+    });
   });
 }