[ML] Adding job_type to job messages search (#45121)

* [ML] Adding job_type to job messages search * adding minimum_should_match
elastic · Sep 9, 2019 · b7aeaf5 · b7aeaf5
1 parent 2541850
commit b7aeaf5
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 7 deletions.
diff --git a/x-pack/legacy/plugins/ml/common/constants/index_patterns.ts b/x-pack/legacy/plugins/ml/common/constants/index_patterns.ts
@@ -9,5 +9,5 @@ export const ML_ANNOTATIONS_INDEX_ALIAS_WRITE = '.ml-annotations-write';
 export const ML_ANNOTATIONS_INDEX_PATTERN = '.ml-annotations-6';
 
 export const ML_RESULTS_INDEX_PATTERN = '.ml-anomalies-*';
-export const ML_NOTIFICATION_INDEX_PATTERN = '.ml-notifications';
+export const ML_NOTIFICATION_INDEX_PATTERN = '.ml-notifications*';
 export const ML_DF_NOTIFICATION_INDEX_PATTERN = '.data-frame-notifications-1';
diff --git a/x-pack/legacy/plugins/ml/public/services/job_messages_service.js b/x-pack/legacy/plugins/ml/public/services/job_messages_service.js
@@ -13,6 +13,30 @@
 import { ML_NOTIFICATION_INDEX_PATTERN } from 'plugins/ml/../common/constants/index_patterns';
 import { ml } from 'plugins/ml/services/ml_api_service';
 
+// filter to match job_type: 'anomaly_detector' or no job_type field at all
+// if no job_type field exist, we can assume the message is for an anomaly detector job
+const anomalyDetectorTypeFilter = {
+  bool: {
+    should: [
+      {
+        term: {
+          job_type: 'anomaly_detector'
+        }
+      },
+      {
+        bool: {
+          must_not: {
+            exists: {
+              field: 'job_type'
+            }
+          }
+        }
+      }
+    ],
+    minimum_should_match: 1
+  }
+};
+
 // search for audit messages, jobId is optional.
 // without it, all jobs will be listed.
 // fromRange should be a string formatted in ES time units. e.g. 12h, 1d, 7d
@@ -74,6 +98,7 @@ function getJobAuditMessages(fromRange, jobId) {
                   }
                 }
               },
+              anomalyDetectorTypeFilter,
               jobFilter,
               timeFilter
             ]
@@ -105,13 +130,16 @@ function getAuditMessagesSummary() {
       body: {
         query: {
           bool: {
-            filter: {
-              range: {
-                timestamp: {
-                  gte: 'now-1d'
+            filter: [
+              {
+                range: {
+                  timestamp: {
+                    gte: 'now-1d'
+                  }
                 }
-              }
-            }
+              },
+              anomalyDetectorTypeFilter
+            ]
           }
         },
         aggs: {