Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fleet] Agent logs UI #83356

Merged
merged 23 commits into from
Nov 20, 2020
Merged

[Fleet] Agent logs UI #83356

merged 23 commits into from
Nov 20, 2020

Conversation

jen-huang
Copy link
Contributor

@jen-huang jen-huang commented Nov 12, 2020
edited
Loading

Summary

Resolves #77189

  • Added new agent logs UI as Logs tab in agent details page that shows logs for that agent; the previous Activity log tab and related code was removed
  • The new logs UI uses Infra's <LogStream> component, controlled by a query bar, dropdown filters, and date picker
    • By default when user enters this UI, they will see all logs from the past 1 day from elastic_agent dataset
    • User can filter on any number of elastic_agent.* datasets to view logs from, the options are populated from existing logs data
    • User can filter on any number of log levels, the options are populated from existing logs data
    • The log entries shown does not update automatically with new data, the user will need to change their queries/filters/date range to update the entries, or click Apply in the Quick select interface of the date picker
    • When user clicks View in Logs, they will be taken to Logs UI with the current state of their view, that is: current agent ID + selected datasets + selected log levels + date picker range

Nov-12-2020 15-21-51

Development notes

  • Restructured plugin start dependencies to consolidate them, rename useCore to useStartServices and replace usage of useStartDeps (removed useSetupDeps that was never used)
  • Added additional flexbox styling to app layout so that page content takes up the full height between header and beta messaging, this was done so that the LogStream component can automatically expand to the available height
  • Moved some local APM typings to top-level x-pack/typings folder to resolve type check errors, the local APM module declarations are unreadable during x-pack/test type check due to some messy dependency trees 😭
    • cytoscape_dagre.d.ts and react_vis.d.ts were moved
    • x-pack/test/plugin_functional/plugins/resolver_test imports from -> x-pack/plugins/security_solution -> x-pack/plugins/fleet/public -> x-pack/plugins/infra/public (added in this PR) -> x-pack/plugins/infra/public
    • Attempting to install @types/react-vis failed with Unsupported URL Type "link:": link:../elastic-safer-lodash-set and @types/cytoscape-dagre doesn't exist, so moving the declaration files seemed to be the cleanest solution

Follow up work

Screenshots

image

image

image

@jen-huang jen-huang self-assigned this Nov 12, 2020
@jen-huang jen-huang changed the title [Fleet] Agent logs UI using [Fleet] Agent logs UI Nov 12, 2020
@jen-huang jen-huang added Feature:Fleet Fleet team's agent central management project release_note:enhancement Team:Fleet Team label for Observability Data Collection Fleet team v7.11.0 v8.0.0 labels Nov 12, 2020
@jen-huang
Copy link
Contributor Author

@elasticmachine merge upstream

@ph
Copy link
Contributor

ph commented Nov 16, 2020

@jen-huang You moved it to review, but it still in draft?

@jen-huang
Copy link
Contributor Author

jen-huang commented Nov 16, 2020
edited
Loading

@ph Yes, this PR is ready for review but it's in draft to avoid triggering codeowners for changes to /infra files that came from merging an outstanding LogStream bug fix (linked in description).

@ph
Copy link
Contributor

ph commented Nov 16, 2020

@EricDavisX @kevinlog FYI this should include endpoint log too.

@EricDavisX
Copy link
Contributor

@jen-huang is it too late to make any suggestions while you're in the code? It would be a slight step back for users who have very little Agent activity going on to have to select something to see the last activity (if it wasn't within the last 15 minutes) - could we show some special default 'hybrid' mode where we show up to 10 items or the last 15 minutes if there are more than 10? I know I may be asking you to change a UI component, lol, just citing a common use case that may have additional clicks in it now.

Also, would love to do an 'automation and feature coverage' review with you! We are finalizing a process guideline, I will send you the draft and we can chat it. Thank you.

@jen-huang
Copy link
Contributor Author

@EricDavisX Unfortunately the <LogStream> components requires finite start and end timestamps to load log entries from. Note that as long as the agent is connected to Fleet, we'll always get FleetGateway entries periodically by default. The quick select option of the date picker also makes it very easy to select a larger range:
image

I think it's worth discussing what a good default date range is, though. That is easy to change, I think Logs UI actually uses last 1 day by default. WDYT? cc @hbharding

@EricDavisX
Copy link
Contributor

I think 'last 1 Day' would suffice, thanks for the discourse

@EricDavisX EricDavisX mentioned this pull request Nov 17, 2020
Closed
16 tasks
@hbharding hbharding mentioned this pull request Nov 17, 2020
Open
@jen-huang jen-huang mentioned this pull request Nov 18, 2020
Merged
1 task
@jen-huang jen-huang force-pushed the ingest/agent-logstream branch from 062083f to c3325e7 Compare November 18, 2020 22:26
This was referenced Nov 18, 2020
Closed
Closed
@jen-huang jen-huang marked this pull request as ready for review November 18, 2020 22:42
@jen-huang jen-huang requested a review from a team as a code owner November 18, 2020 22:42
@jen-huang jen-huang requested a review from a team November 18, 2020 22:42
@elasticmachine
Copy link
Contributor

Pinging @elastic/ingest-management (Feature:Fleet)

smith
smith approved these changes Nov 18, 2020
View reviewed changes
Copy link
Contributor

@smith smith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

APM changes look good.

@jasonrhodes
Copy link
Member

I'm not reviewing this but I just wanted to say that this looks amazing and it makes me very happy. :D

@nchaulet
Copy link
Member

I am curious to know a little more on the refactoring of useCore to useStartService what are the reasons behind?

@jen-huang
Copy link
Contributor Author

jen-huang commented Nov 19, 2020
edited
Loading

@nchaulet Good question, here are my reasons:

  1. Previously, we had useCore, useStartDeps, useSetupDeps. These are locked down to Kibana core, and Fleet's start and setup dependency plugins. For this PR, I needed to introduce a storage service that the data plugin component assumes is part of the KibanaContextProvider. This storage service is not part of Kibana core, nor is it an external plugin dependency. Combining the three into a single useStartServices allows us to instantiate services like these into our app context.
  2. I think it's not very important to differentiate between a service from core/start/setup from a dev view, we just want to get an outside service from "somewhere". Combining everything into useStartServices removes that overhead.
  3. While I was looking at how to get storage into the app context, I saw that this pattern of combining core/start/all other services is being used by other apps now: security solution example, visualize example

nchaulet
nchaulet approved these changes Nov 19, 2020
View reviewed changes
Copy link
Member

@nchaulet nchaulet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few comments but nothing really blocking, I tested locally working really well 🚀

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
fleet 418 433 +15

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
fleet 1.1MB 1.1MB +23.0KB

Distributable file count

id before after diff
default 42942 42943 +1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
fleet 373.0KB 374.6KB +1.6KB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@nchaulet nchaulet mentioned this pull request Nov 20, 2020
Merged
@jen-huang jen-huang merged commit a8913d3 into elastic:master Nov 20, 2020
@jen-huang jen-huang deleted the ingest/agent-logstream branch November 20, 2020 18:49
@jen-huang jen-huang mentioned this pull request Nov 20, 2020
Merged
jen-huang added a commit that referenced this pull request Nov 20, 2020
@jen-huang
[Fleet] Agent logs UI (#83356) (#83961)
68a916e 
* Initial agent log table

* Add data and storage services to Kibana context, rename useCore to useStartServices and replace usage of useStartDeps

* Initial attempt at adding query bar for log stream

* Adjust app layout to allow page content to be full height

* Dataset and log level filters, split into smaller files

* Use data plugin's `QueryStringInput` component for query bar

* Add open in Logs UI link

* Clean up unused storage dependency

* Remove agent activity log and related dead code

* Clean up i18n

* Clean up plugin deps, fix routing

* Add back storage dependency that data plugin components need

* Remove dependency on infra for logs UI link

* Change default date range to last one day

* Adjust panel padding

* Add comment

* Move module declarations to top-level x-pack/typings

* Fix missed renaming

* Remove unused path

* Move building of log stream query into separate service with unit tests

* Adjust test conditions
@jen-huang jen-huang mentioned this pull request Nov 23, 2020
Merged
@EricDavisX EricDavisX mentioned this pull request Nov 23, 2020
Closed
12 tasks
@amolnater-qasource amolnater-qasource mentioned this pull request Jan 27, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hbharding hbharding hbharding left review comments

@nchaulet nchaulet nchaulet approved these changes

@smith smith smith approved these changes

Assignees

@jen-huang jen-huang

Labels
Feature:Fleet Fleet team's agent central management project release_note:enhancement Team:Fleet Team label for Observability Data Collection Fleet team v7.11.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Fleet] Integrate the <LogStream /> component in the Agent details page.
9 participants
@jen-huang @ph @EricDavisX @elasticmachine @jasonrhodes @nchaulet @kibanamachine @smith @hbharding