diff --git a/packages/mongodb/changelog.yml b/packages/mongodb/changelog.yml index dfdaa14bd09..e89fbd281f5 100644 --- a/packages/mongodb/changelog.yml +++ b/packages/mongodb/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.23.0" + changes: + - description: Package Alerting Rule Template. + type: enhancement + link: https://github.com/elastic/integrations/pull/99999 - version: "1.22.0" changes: - description: Allow @custom pipeline access to event.original without setting preserve_original_event. diff --git a/packages/mongodb/data_stream/log/elasticsearch/ingest_pipeline/pipeline-json.yml b/packages/mongodb/data_stream/log/elasticsearch/ingest_pipeline/pipeline-json.yml index 579ca7d604e..0a81c14d63f 100644 --- a/packages/mongodb/data_stream/log/elasticsearch/ingest_pipeline/pipeline-json.yml +++ b/packages/mongodb/data_stream/log/elasticsearch/ingest_pipeline/pipeline-json.yml @@ -49,6 +49,11 @@ processors: - mongodb.log.truncated - mongodb.log.size ignore_missing: true +- remove: + field: message + ignore_missing: true + if: 'ctx.event?.original != null' + description: 'The `message` field is no longer required if the document has an `event.original` field.' on_failure: - set: field: error.message diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json new file mode 100644 index 00000000000..394ec6eac5a --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-cache-usage-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Resources] WiredTiger cache pressure", + "tags": ["MongoDB", "Resources"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.status-default\n| STATS cache_used = AVG(`mongodb.status.wired_tiger.cache.used.bytes`),\n cache_max = AVG(`mongodb.status.wired_tiger.cache.maximum.bytes`) BY `service.address`\n| EVAL cache_usage_pct = (cache_used / cache_max) * 100\n| WHERE cache_usage_pct > 85" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json new file mode 100644 index 00000000000..587a8e971ef --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-connection-usage-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Availability] High connection usage", + "tags": ["MongoDB", "Availability"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.status-default\n| STATS current_conn = AVG(`mongodb.status.connections.current`),\n available_conn = AVG(`mongodb.status.connections.available`) BY `service.address`\n| EVAL connection_usage_pct = (current_conn / (current_conn + available_conn)) * 100\n| WHERE connection_usage_pct > 80" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json new file mode 100644 index 00000000000..a93e532adf2 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-oplog-headroom-critical", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Replication] Oplog headroom critically low", + "tags": ["MongoDB", "Replication"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.replstatus-default\n| STATS oplog_headroom_min = MIN(`mongodb.replstatus.headroom.min`) BY `mongodb.replstatus.set_name`\n| WHERE oplog_headroom_min < 3600000" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json new file mode 100644 index 00000000000..e412dacbe54 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-replica-member-down", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Replication] Replica member down", + "tags": ["MongoDB", "Replication"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.replstatus-default\n| STATS members_down = MAX(`mongodb.replstatus.members.down.count`) BY `mongodb.replstatus.set_name`, `service.address`\n| WHERE members_down > 0" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-members-rollback.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-members-rollback.json new file mode 100644 index 00000000000..000d5a14674 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-members-rollback.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-replica-members-rollback", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Replication] Members in rollback state", + "tags": ["MongoDB", "Replication"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.replstatus-default\n| STATS rollback_members = MAX(`mongodb.replstatus.members.rollback.count`) BY `mongodb.replstatus.set_name`\n| WHERE rollback_members > 0" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json new file mode 100644 index 00000000000..2a1c27a3e05 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-replication-lag-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Replication] High replication lag", + "tags": ["MongoDB", "Replication"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.replstatus-default\n| STATS replication_lag = MAX(`mongodb.replstatus.lag.max`) BY `mongodb.replstatus.set_name`\n| WHERE replication_lag > 10000" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json new file mode 100644 index 00000000000..37a609e9af2 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-unhealthy-replica-members", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Replication] Unhealthy replica members", + "tags": ["MongoDB", "Replication"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.replstatus-default\n| STATS unhealthy_members = MAX(`mongodb.replstatus.members.unhealthy.count`) BY `mongodb.replstatus.set_name`\n| WHERE unhealthy_members > 0" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-write-tickets-low.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-write-tickets-low.json new file mode 100644 index 00000000000..4ef242d6d1e --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-write-tickets-low.json @@ -0,0 +1,36 @@ +{ + "id": "mongodb-write-tickets-low", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Performance] Low write tickets available", + "tags": ["MongoDB", "Performance"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "threshold": [0], + "thresholdComparator": ">", + "size": 100, + "esqlQuery": { + "esql": "FROM metrics-mongodb.status-default\n| STATS write_tickets_available = AVG(`mongodb.status.wired_tiger.concurrent_transactions.write.available`) BY `service.address`\n| WHERE write_tickets_available < 10" + }, + "aggType": "count", + "groupBy": "row", + "termSize": 5, + "sourceFields": [], + "timeField": "@timestamp", + "excludeHitsFromPreviousRun": true + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} + diff --git a/packages/mongodb/manifest.yml b/packages/mongodb/manifest.yml index 5f404a85eaf..b92e24c6352 100644 --- a/packages/mongodb/manifest.yml +++ b/packages/mongodb/manifest.yml @@ -1,6 +1,6 @@ name: mongodb title: MongoDB -version: "1.22.0" +version: "1.23.0" description: Collect logs and metrics from MongoDB instances with Elastic Agent. type: integration categories: @@ -11,7 +11,7 @@ icons: title: logo mongodb size: 32x32 type: image/svg+xml -format_version: "3.0.2" +format_version: "3.5.0" conditions: kibana: version: "^8.13.0 || ^9.0.0"