diff --git a/packages/mongodb/changelog.yml b/packages/mongodb/changelog.yml index dfdaa14bd09..d6eb2cc2648 100644 --- a/packages/mongodb/changelog.yml +++ b/packages/mongodb/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.23.0" + changes: + - description: Add alerting rule templates. + type: enhancement + link: https://github.com/elastic/integrations/pull/15866 - version: "1.22.0" changes: - description: Allow @custom pipeline access to event.original without setting preserve_original_event. diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json new file mode 100644 index 00000000000..0d1fa38ce9d --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-cache-usage-high.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-cache-usage-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB] WiredTiger cache pressure", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when WiredTiger cache utilization exceeds 85% over the configured time window.\n// Aggregates per instance (service.address) using averaged cache stats.\nFROM metrics-mongodb.status-*\n| STATS cache_used=AVG(mongodb.status.wired_tiger.cache.used.bytes),\n cache_max=AVG(mongodb.status.wired_tiger.cache.maximum.bytes) BY service.address\n| WHERE cache_max > 0\n| EVAL cache_usage_pct = (cache_used / cache_max) * 100\n| WHERE cache_usage_pct > 85" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json new file mode 100644 index 00000000000..6be4812b5eb --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-connection-usage-high.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-connection-usage-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB Availability] High connection usage", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when current connections exceed 80% of total available capacity.\n// Aggregates average current/available connections per service.address.\nFROM metrics-mongodb.status-*\n| STATS current_conn=AVG(mongodb.status.connections.current),\n available_conn=AVG(mongodb.status.connections.available) BY service.address\n| EVAL total_conn = current_conn + available_conn\n| WHERE total_conn > 0\n| EVAL connection_usage_pct = (current_conn / total_conn) * 100\n| WHERE connection_usage_pct > 80" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json new file mode 100644 index 00000000000..7c7ae65b2c7 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-oplog-headroom-critical.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-oplog-headroom-critical", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB] Oplog headroom critically low", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when oplog headroom drops below 15 minutes, risking replication stalls.\n// Guards against negative values and groups by replica set name.\nFROM metrics-mongodb.replstatus-*\n| STATS oplog_headroom_min=MIN(mongodb.replstatus.headroom.min) BY mongodb.replstatus.set_name\n| WHERE oplog_headroom_min IS NOT NULL\n| EVAL oplog_headroom_min = CASE(oplog_headroom_min >= 0, oplog_headroom_min, 0)\n| EVAL oplog_headroom_minutes = TO_DOUBLE(oplog_headroom_min) / 60.0\n| WHERE oplog_headroom_minutes < 15" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json new file mode 100644 index 00000000000..efd76febf25 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-replica-member-down.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-replica-member-down", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB] Replica member down", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when replica sets report members in the down state within the configured time window.\n// Groups by replica set name to isolate environments.\nFROM metrics-mongodb.replstatus-*\n| STATS members_down=MAX(mongodb.replstatus.members.down.count) BY mongodb.replstatus.set_name\n| WHERE members_down > 0" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json new file mode 100644 index 00000000000..45c8aa73b6a --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-replication-lag-high.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-replication-lag-high", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB] High replication lag", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when maximum replication lag exceeds 10 seconds for any replica set.\n// Aggregates per replica set name.\nFROM metrics-mongodb.replstatus-*\n| STATS replication_lag=MAX(mongodb.replstatus.lag.max) BY mongodb.replstatus.set_name\n| WHERE replication_lag > 10" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json b/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json new file mode 100644 index 00000000000..0d6cc564394 --- /dev/null +++ b/packages/mongodb/kibana/alerting_rule_template/mongodb-unhealthy-replica-members.json @@ -0,0 +1,31 @@ +{ + "id": "mongodb-unhealthy-replica-members", + "type": "alerting_rule_template", + "attributes": { + "name": "[MongoDB] Unhealthy replica members", + "tags": [ + "MongoDB" + ], + "ruleTypeId": ".es-query", + "schedule": { + "interval": "1m" + }, + "params": { + "searchType": "esqlQuery", + "timeWindowSize": 5, + "timeWindowUnit": "m", + "esqlQuery": { + "esql": "// Alert when replica sets report unhealthy members during the window.\n// Groups by replica set name for clarity.\nFROM metrics-mongodb.replstatus-*\n| STATS unhealthy_members=MAX(mongodb.replstatus.members.unhealthy.count) BY mongodb.replstatus.set_name\n| WHERE unhealthy_members > 0" + }, + "groupBy": "row", + "termSize": 5, + "timeField": "@timestamp" + }, + "alertDelay": { + "active": 1 + } + }, + "managed": true, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/packages/mongodb/manifest.yml b/packages/mongodb/manifest.yml index 5f404a85eaf..a129f2ab432 100644 --- a/packages/mongodb/manifest.yml +++ b/packages/mongodb/manifest.yml @@ -1,6 +1,6 @@ name: mongodb title: MongoDB -version: "1.22.0" +version: "1.23.0" description: Collect logs and metrics from MongoDB instances with Elastic Agent. type: integration categories: @@ -11,10 +11,10 @@ icons: title: logo mongodb size: 32x32 type: image/svg+xml -format_version: "3.0.2" +format_version: "3.4.0" conditions: kibana: - version: "^8.13.0 || ^9.0.0" + version: "^8.19.0 || ^9.2.1" elastic: subscription: basic screenshots: diff --git a/packages/mongodb/validation.yml b/packages/mongodb/validation.yml new file mode 100644 index 00000000000..07c6efea4c7 --- /dev/null +++ b/packages/mongodb/validation.yml @@ -0,0 +1,3 @@ +errors: + exclude_checks: + - JSE00001