-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[RAC][Rule Registry] Rules that generate over 10K alerts cause an exception in the Kibana logs #122288
Comments
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
Thanks Chris, I can't think of anything in the alerting plugin that would do that (as alerts aren't queryable docs at that level), I suspect Rule Registry is most likely doing this 🤔 We'll triage this and look into it 👍 @marshallmain @mikecote - any thoughts? @kobelb - wrt the conversation we were having about circuit breakers yesterday, if we find that we have a recurring failure at a certain number by default (in this case 10k), would it make sense to set a circuit breaker at that level sooner? Rather than wait on telemetry? |
The error might be coming from here:
|
Thanks @simianhacker ! :elasticheart: |
Kibana version:
main
Elasticsearch version:
main
Original install method (e.g. download page, yum, from source, etc.):
source
Describe the bug:
While working on a PR (#121904) to increase the composite size and performance improvements for the Metric Threshold rule type, I stumbled across an exception in the Kibana logs. It looks like there is a query that uses the number of Alerts as the size. When the number of alerts generated is over 10K it throws the following error:
Steps to reproduce:
EVENTS_PER_CYCLE
to50000
andPAYLOAD_SIZE
to10000
Expected behavior:
It should paginate the request by 10K and not throw an exception.
The text was updated successfully, but these errors were encountered: