diff --git a/packages/azure_ai_foundry/changelog.yml b/packages/azure_ai_foundry/changelog.yml index a5a4a7b3c0a..85e1a577fc5 100644 --- a/packages/azure_ai_foundry/changelog.yml +++ b/packages/azure_ai_foundry/changelog.yml @@ -1,3 +1,8 @@ +- version: "0.7.0" + changes: + - description: Add Alerting Rule Templates. + type: enhancement + link: https://github.com/elastic/integrations/pull/15411 - version: "0.6.1" changes: - description: Update overview and guardrails dashboard panel to use donut chart and fix protected_material_code filter. diff --git a/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-latency-spike.json b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-latency-spike.json new file mode 100644 index 00000000000..e55df02ca57 --- /dev/null +++ b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-latency-spike.json @@ -0,0 +1,28 @@ +{ + "id": "azure_ai_foundry-latency-spike", + "type": "alerting_rule_template", + "attributes": { + "name": "[Azure AI Foundry] Latency high", + "tags": ["Azure AI Foundry"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "5m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 10, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert triggers when the response latency exceeds the recommended threshold value {5000ms} within the look back time window.\n// The alert is grouped by Model Deployment Name.\n// You can adjust the threshold value by modifying the time_to_response in the WHERE clause, which is specified in milliseconds.\nFROM metrics-azure.ai_foundry-default\n| KEEP azure.ai_foundry.time_to_response.avg, azure.dimensions.model_deployment_name, @timestamp\n| WHERE azure.dimensions.model_deployment_name IS NOT NULL\n| STATS time_to_response = MAX(azure.ai_foundry.time_to_response.avg) BY azure.dimensions.model_deployment_name\n| WHERE time_to_response > 5000\n| EVAL time_to_response = ROUND(time_to_response, 2)\n| SORT time_to_response DESC" + }, + "groupBy": "row", + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 2 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} \ No newline at end of file diff --git a/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-model-availability.json b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-model-availability.json new file mode 100644 index 00000000000..65c6be4dc06 --- /dev/null +++ b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-model-availability.json @@ -0,0 +1,28 @@ +{ + "id": "azure_ai_foundry-model-availability", + "type": "alerting_rule_template", + "attributes": { + "name": "[Azure AI Foundry] Model Availability above threshold", + "tags": ["Azure AI Foundry"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "5m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 10, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert triggers when the model availability is less than the recommended threshold value {99%} within the look back time window.\n// The alert is grouped by Model Deployment Name.\n// You can adjust the threshold value by modifying the model_availability in the WHERE clause, which is specified in percent.\nFROM metrics-azure.ai_foundry-default\n| KEEP azure.ai_foundry.model_availability_rate.avg, azure.dimensions.model_deployment_name, @timestamp\n| WHERE azure.dimensions.model_deployment_name IS NOT NULL\n| STATS model_availability = MIN(azure.ai_foundry.model_availability_rate.avg) * 100 BY azure.dimensions.model_deployment_name\n| WHERE model_availability < 99\n| EVAL model_availability = ROUND(model_availability, 2)\n| SORT model_availability ASC" + }, + "groupBy": "row", + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 3 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} \ No newline at end of file diff --git a/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-provisioned-utilization.json b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-provisioned-utilization.json new file mode 100644 index 00000000000..798823574eb --- /dev/null +++ b/packages/azure_ai_foundry/kibana/alerting_rule_template/azure_ai_foundry-provisioned-utilization.json @@ -0,0 +1,28 @@ +{ + "id": "azure_ai_foundry-provisioned-utilization", + "type": "alerting_rule_template", + "attributes": { + "name": "[Azure AI Foundry] Provisioned Utilization above threshold", + "tags": ["Azure AI Foundry"], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "5m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 10, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert triggers when the provisioned utilization exceeds the recommended threshold value {85%} within the look back time window.\n// The alert is grouped by Model Deployment Name.\n// You can adjust the threshold value by modifying the provisioned_utilization in the WHERE clause, which is specified in percent.\nFROM metrics-azure.ai_foundry-default\n| KEEP azure.ai_foundry.provisioned_utilization.avg, azure.dimensions.model_deployment_name, @timestamp\n| WHERE azure.dimensions.model_deployment_name IS NOT NULL\n| STATS provisioned_utilization = MAX(azure.ai_foundry.provisioned_utilization.avg) * 100 BY azure.dimensions.model_deployment_name\n| WHERE provisioned_utilization > 85\n| EVAL provisioned_utilization = ROUND(provisioned_utilization, 2)\n| SORT provisioned_utilization DESC" + }, + "groupBy": "row", + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 2 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} \ No newline at end of file diff --git a/packages/azure_ai_foundry/manifest.yml b/packages/azure_ai_foundry/manifest.yml index a83678a34da..e1865b455d3 100644 --- a/packages/azure_ai_foundry/manifest.yml +++ b/packages/azure_ai_foundry/manifest.yml @@ -1,7 +1,7 @@ -format_version: 3.3.2 +format_version: 3.4.0 name: azure_ai_foundry title: "Azure AI Foundry" -version: "0.6.1" +version: "0.7.0" source: license: "Elastic-2.0" description: "Collects Azure AI Foundry logs and metrics" @@ -14,7 +14,7 @@ categories: - security conditions: kibana: - version: "^9.0.0" + version: "^9.2.1" elastic: subscription: "basic" vars: