[PoC] Dashboard queries API #173416
Draft
[PoC] Dashboard queries API #173416
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Jan 24, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This "move fast and break things" PoC adds an HTTP endpoint for reporting queries that will be run when a particular dashboard is loaded.
Example request
Example response
{ "panels": [ { "title": "Records over time", "queries": [ { "query": "from kibana_sample_data_logs | limit 10 | EVAL timestamp=DATE_TRUNC(30 second, @timestamp) | stats rows = count(*) by timestamp | rename timestamp as `@timestamp every 30 second`", "locale": "en", "filter": { "bool": { "must": [], "filter": [], "should": [], "must_not": [] } } } ] }, { "title": "Bytes by host", "queries": [ { "aggs": { "0": { "terms": { "field": "agent.keyword", "order": { "1": "desc" }, "size": 2, "shard_size": 25 }, "aggs": { "1": { "sum": { "field": "bytes" } } } } }, "size": 0, "fields": [ { "field": "@timestamp", "format": "date_time" }, { "field": "timestamp", "format": "date_time" }, { "field": "utc_time", "format": "date_time" } ], "script_fields": {}, "stored_fields": [ "*" ], "runtime_mappings": { "hour_of_day": { "type": "long", "script": { "source": "emit(doc['timestamp'].value.getHour());" } } }, "_source": { "excludes": [] }, "query": { "bool": { "must": [], "filter": [], "should": [], "must_not": [] } } }, { "aggs": { "other-filter": { "aggs": { "1": { "sum": { "field": "bytes" } } }, "filters": { "filters": { "": { "bool": { "must": [], "filter": [ { "exists": { "field": "agent.keyword" } } ], "should": [], "must_not": [ { "match_phrase": { "agent.keyword": "Mozilla/5.0 (X11; Linux x86_64; rv:6.0a1) Gecko/20110421 Firefox/6.0a1" } }, { "match_phrase": { "agent.keyword": "Mozilla/5.0 (X11; Linux i686) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.50 Safari/534.24" } } ] } } } } } }, "size": 0, "fields": [ { "field": "@timestamp", "format": "date_time" }, { "field": "timestamp", "format": "date_time" }, { "field": "utc_time", "format": "date_time" } ], "script_fields": {}, "stored_fields": [ "*" ], "runtime_mappings": { "hour_of_day": { "type": "long", "script": { "source": "emit(doc['timestamp'].value.getHour());" } } }, "_source": { "excludes": [] }, "query": { "bool": { "must": [], "filter": [], "should": [], "must_not": [] } } } ] } ] }Video
Screen.Recording.2023-12-14.at.11.43.43.AM.mov
Technical analysis
Key files
RequestAdapter.Getting Lens code to run on the server
The most time-consuming part of this was preparing the Lens code that creates the expressions to run on the server. Currently, Lens liberally mixes browser-dependent code with env-agnostic code. For example, the datasource and visualization classes, as well as all the operation definitions for the form-based datasource contain expression building logic, state manipulation, and UI components as methods.
The most low-impact way I found to make some of this logic available on the server was to define paired-down interfaces in the common context that only include the things that need to be used server-side and client-side. For example,
DatasourceCommonlooks like this:Then, the existing client-side interfaces can inherit from the common versions (on the implementation side, a spread operator does the trick).
This pattern could be repeated for the form-based datasource's operators.
Other panel types
Each panel type has a distinct architecture and will require a distinct amount of effort (e.g. extracting the query from Vega visualizations is trivial since it is stored in the configuration itself).
In the context of integrations, Lens is by-far the most important panel to support. However, it would be nice to expand. By usage, saved searches are the number-2 panel out of those that initiate a request.
Current PoC Limitations
None of these limitations are fundamental. They simply exist because I ran out of time. I expect most of them to be quite simple to resolve.
Hosting the route in the dashboard app creates a circular dependency with Lens (probably other panel types, too). Probably makes sense to host the route it its own plugin.no longer true as of [Lens] Cleanup, removes dashboard plugin dependency #179245