Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch 2.4.1 (docker hub image)
OpenSearch dashboards 2.4.1 (docker hub image)
Browser: firefox 108.0.1, edge 108.0.1462.54
Describe the issue:
The alert window only shows the last alert and hides the historic alerts. After selecting a different number of rows per page twice, it updates and shows the full alert history. Is this a known bug or not and do I have to report this somewhere else but here?
Configuration:
{
"name": "Outlook service status",
"type": "monitor",
"monitor_type": "query_level_monitor",
"enabled": false,
"schedule": {
"period": {
"unit": "MINUTES",
"interval": 1
}
},
"inputs": [
{
"search": {
"indices": [
"metricbeat-2023.01.04"
],
"query": {
"size": 0,
"aggregations": {},
"query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"gte": "{{period_end}}||-3m",
"lte": "{{period_end}}",
"format": "epoch_millis"
}
}
},
{
"query_string": {
"query": "*OUTLOOK*",
"default_field": "process.name"
}
}
]
}
}
}
}
}
],
"triggers": [
{
"query_level_trigger": {
"id": "7T9gfIUBB0aKSVo3-pUv",
"name": "Outlook service is offline",
"severity": "1",
"condition": {
"script": {
"source": "ctx.results[0].hits.total.value < 1",
"lang": "painless"
}
},
"actions": [
{
"id": "7j9gfIUBB0aKSVo3-pUw",
"name": "Mail alert",
"destination_id": "UPZNfIUBzA9Hl0abJhmB",
"message_template": {
"source": "Monitor {{ctx.monitor.name}} just entered alert status. Please investigate the issue.\n - Trigger: {{ctx.trigger.name}}\n - Severity: {{ctx.trigger.severity}}\n - Period start: {{ctx.periodStart}}\n - Period end: {{ctx.periodEnd}}",
"lang": "mustache"
},
"throttle_enabled": false,
"subject_template": {
"source": "Outlook service status alert",
"lang": "mustache"
}
}
]
}
}
],
"ui_metadata": {
"schedule": {
"timezone": null,
"frequency": "interval",
"period": {
"unit": "MINUTES",
"interval": 1
},
"daily": 0,
"weekly": {
"tue": false,
"wed": false,
"thur": false,
"sat": false,
"fri": false,
"mon": false,
"sun": false
},
"monthly": {
"type": "day",
"day": 1
},
"cronExpression": "0 */1 * * *"
},
"monitor_type": "query_level_monitor",
"search": {
"searchType": "graph",
"timeField": "@timestamp",
"aggregations": [],
"groupBy": [],
"bucketValue": 3,
"bucketUnitOfTime": "m",
"where": {
"fieldName": [
{
"label": "process.name",
"type": "text"
}
],
"fieldRangeEnd": 0,
"fieldRangeStart": 0,
"fieldValue": "OUTLOOK",
"operator": "contains"
}
}
}
}
Relevant Logs or Screenshots:
Only after selecting “rows per page: 20” twice, the full alert history is shown.
