[APM] Add kibana.alert.grouping to error count threshold alerts #254894

Open
fkanout wants to merge 4 commits into elastic:main from fkanout:224901-apm-error-count-grouping-field

fkanout commented Feb 25, 2026

Summary

Fixes #224901

Implements kibana.alert.grouping for the APM Error count threshold rule (apm.error_rate) as part of the Observability grouping initiative.

What changed

  • Added kibana.alert.grouping to active alert payloads in the error count executor.
  • Updated recovered alert context to prefer kibana.alert.grouping from the recovered alert document, with a backward-compatible fallback to reconstructed grouping for older alerts.
  • Added dynamic template mapping for kibana.alert.grouping.* (string fields as keyword) in APM rule alert mappings.
  • Updated unit and deployment-agnostic API integration tests to validate grouping behavior.

Why

This makes grouping first-class in alert documents for filtering/search/autocomplete and aligns recovered context.grouping behavior with the expected source of truth (kibana.alert.grouping).

Test plan

  • yarn test:jest x-pack/solutions/observability/plugins/apm/server/routes/alerts/rule_types/error_count/register_error_count_rule_type.test.ts
  • yarn test:ftr --config x-pack/solutions/observability/test/api_integration_deployment_agnostic/configs/stateful/oblt.apm.stateful.config.ts --grep "error count threshold alert"

Validation results

  • Unit test suite: PASS (9/9)
  • Deployment-agnostic APM API integration scenario: PASS (11 passing)

Notes

  • No saved object migration required.
  • Mapping change is additive and scoped to kibana.alert.grouping.*.

fkanout self-assigned this Feb 25, 2026
fkanout added the release_note:skip (Skip the PR/issue when compiling release notes) label Feb 25, 2026
fkanout requested a review from a team as a code owner February 25, 2026 11:41
fkanout added the Team:actionable-obs (Formerly "obs-ux-management", responsible for SLO, o11y alerting, significant events, & synthetics.), backport:version (Backport to applied version labels), v9.2.0, v9.3.0 and v9.4.0 labels Feb 25, 2026
botelastic bot added the Team:obs-presentation (Focus: APM UI, Infra UI, Hosts UI, Universal Profiling, Obs Overview and left Navigation) label Feb 25, 2026
@elasticmachine

Pinging @elastic/actionable-obs-team (Team:actionable-obs)

@elasticmachine

Pinging @elastic/obs-presentation-team (Team:obs-presentation)

github-actions bot added the author:actionable-obs (PRs authored by the actionable obs team) label Feb 25, 2026
fkanout requested a review from a team as a code owner February 25, 2026 14:09
elasticmachine commented Feb 25, 2026

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Jest Tests #1 / Condition entry input selecting Hash md5, sha1, or sha256 should call onChange with process.hash.*
  • [job] [logs] Jest Tests #1 / TextareaInputArgument component should only send user input for display (valueText) to console when popup is closed

Metrics [docs]

‼️ ERROR: no builds found for mergeBase sha [48ac43a]

History

cc @fkanout
