Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Doc level queries issues #1296

Closed
eirsep opened this issue Nov 2, 2023 · 2 comments
Closed

[BUG] Doc level queries issues #1296

eirsep opened this issue Nov 2, 2023 · 2 comments
Labels
bug Something isn't working v2.11.1 Issues targeting release v2.11.1 v2.12.0 Issues targeting release v2.12.0

Comments

@eirsep
Copy link
Member

eirsep commented Nov 2, 2023
edited
Loading

  • The mappings are not being created correctly. i createad a doc level monitor quering on indices b* with one query "query": "f1:\"abc\"" (only one index b1 is present with 2 text fields f1 and f2). It created 7 doc level queries :
{
  "took": 17,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": {
      "value": 7,
      "relation": "eq"
    },
    "max_score": 4.5849676,
    "hits": [
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "0924b123-b357-47f2-82fa-79eb0135c52a_b__",
        "_score": 4.5849676,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"abc\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "47fbdaba-4060-4599-b770-b32a717ce3ce_b__",
        "_score": 2.2335923,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"a\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "584e9986-691c-4ea9-bd5f-398a6592dfbe_b__",
        "_score": 1.0296195,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"a\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "304eb495-ea79-47bc-830d-e4b628ee0710_b__",
        "_score": 1.0296195,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"ab\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "47ef73c1-5acb-40b2-9e7d-f2447c7cc31a_b__",
        "_score": 0.61618614,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"ab\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "f8050eb5-bc9f-4d10-9a91-ce20ed194841_b__",
        "_score": 0.61618614,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__:\"abc\""
            }
          },
          "monitor_id": "",
          "index": "b_"
        }
      },
      {
        "_index": ".opensearch-alerting-queries-000001",
        "_id": "dbeb4e4e-7b70-4d46-8947-adcf87797311_b__9zWfj4sBq2_gVOCf0CIc",
        "_score": 0.61618614,
        "_source": {
          "query": {
            "query_string": {
              "query": "f1_b__9zWfj4sBq2_gVOCf0CIc:\"abc\""
            }
          },
          "monitor_id": "9zWfj4sBq2_gVOCf0CIc",
          "index": "b_"
        }
      }
    ]
  }
}
  • When we delete doc level monitor quering on index pattern , doc level queries are not being deleted.
  • There are doc level queries where some are created with monitor_id as "" and some with actual monitor_id. Why is monitor_id not being set in some of the queries?
  • Index field in doc level query is shown as b_ instead of b* What is the reason for doing this? Can we escape the * and use a better representation?
  • the optimization works only when the query fields with same name in different indices has the same. once the field types are different. for each new index, there is a new document
@eirsep eirsep added bug Something isn't working untriaged v2.12.0 Issues targeting release v2.12.0 v2.11.1 Issues targeting release v2.11.1 and removed untriaged labels Nov 2, 2023
@jowg-amazon
Copy link
Collaborator

How to reproduce these steps:

  1. Create an alerting doc level monitor from the UI
  2. Do a search call into the .opensearch-alerting-queries index

Ex.
POST /.opensearch-alerting-queries-000001/_search
{
"query":
{
"match_all": {}
}
}

@jowg-amazon
Copy link
Collaborator

In the front end when we type any character into the value field for a doc level monitor, it also sends an execute monitor to the back end because of the alerting preview query functionality. It essentially does a monitor dry run at every key press. The queries are then indexed into the query index for the dry run but is not cleaned up afterwards. This is why there are multiple queries being created and why some queries don’t have monitor ids.

@jowg-amazon jowg-amazon mentioned this issue Feb 15, 2024
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working v2.11.1 Issues targeting release v2.11.1 v2.12.0 Issues targeting release v2.12.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eirsep @praveensameneni @jowg-amazon