Add Alert Management Alert table to database
Problem to solve
As stated in the parent epic, processing alerts during a fire-fight requires responders to coordinate across multiple tools to evaluate different data sources. All of this is manual work that is time-consuming and challenging, which leads to alert fatigue, increased stress, and low morale. A single interface that aggregates IT alerts will streamline triage workflows and shorten the time to find root causes. The first step in building this interface is to add alerts to the database so that they can be surfaced in GitLab.
Intended Users
Further details
This work supports the direction of the Alert Management product category.
Proposal
Create a new database table called Alerts. The table needs to include the following columns (the assigned engineer can propose different columns as they see fit):
- ID (should be a big int)
- IID (Internal ID - unique per project)
- Alert (= title) (this is the description/summary/title etc)
- Fields we are expecting as a part of generic alerts:
  - title
  - description
  - service
  - monitoring_tool
  - host
- issue_id - (Will be used for linking GitLab issues with alerts) (A new discussion starts here)
- project_id (NOT NULL) - We probably need a project_id field, that can help to query large tables. (TODO: Add link to GitLab best practices here) (We have to have project_id because we should filter alerts by project, and not every alert will have issue_id)
- Severity
- Start time
- End time
- Events
- Status
- Fingerprint - (It will be used to identify alert uniqueness for grouping and auto-resolving. Check the spike issue for more details.)
- Payload (this is the json blob for the alert) (Why JSONB? See Peter's suggestion here)
Indexes
The columns which will be used for sorting and filtering should have indexes. Those fields (based on the mockup) are:
- Severity
- Start time
- End time
- Alert (title)
- Events
- Status
- Fingerprint
- issue_id
- project_id
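
A sketch of the proposed table and indexes as PostgreSQL DDL. This is an added example, not GitLab's actual migration: the table name `alerts`, the column names `started_at`/`ended_at`, every type and length, the integer encoding of severity and status, and the index names are assumptions. Foreign keys to the projects and issues tables are left out so the block stands alone.

```sql
-- Hypothetical schema for the proposal above; all names and types are assumptions.
CREATE TABLE alerts (
    id              bigserial    PRIMARY KEY,          -- big int ID
    iid             integer      NOT NULL,             -- internal ID, unique per project
    project_id      bigint       NOT NULL,             -- every alert is scoped to a project
    issue_id        bigint,                            -- nullable: not every alert has an issue
    title           varchar(200) NOT NULL,
    description     text,
    service         varchar(100),
    monitoring_tool varchar(100),
    host            varchar(100),
    severity        smallint     NOT NULL,             -- assumed integer-encoded enum
    status          smallint     NOT NULL,             -- assumed integer-encoded enum
    started_at      timestamptz  NOT NULL,
    ended_at        timestamptz,                       -- NULL while the alert is ongoing
    events          integer      NOT NULL DEFAULT 1,   -- number of occurrences grouped here
    fingerprint     bytea,                             -- used for grouping and auto-resolving
    payload         jsonb        NOT NULL DEFAULT '{}'::jsonb,
    CHECK (events > 0),
    CHECK (ended_at IS NULL OR ended_at >= started_at)
);

-- "Unique per project" for IID is enforced by the database, not only by the application.
CREATE UNIQUE INDEX index_alerts_on_project_id_and_iid ON alerts (project_id, iid);

-- One index per sorting/filtering column listed under "Indexes".
CREATE INDEX index_alerts_on_project_id  ON alerts (project_id);
CREATE INDEX index_alerts_on_issue_id    ON alerts (issue_id);
CREATE INDEX index_alerts_on_severity    ON alerts (severity);
CREATE INDEX index_alerts_on_status      ON alerts (status);
CREATE INDEX index_alerts_on_started_at  ON alerts (started_at);
CREATE INDEX index_alerts_on_ended_at    ON alerts (ended_at);
CREATE INDEX index_alerts_on_title       ON alerts (title);
CREATE INDEX index_alerts_on_events      ON alerts (events);
CREATE INDEX index_alerts_on_fingerprint ON alerts (fingerprint);

-- Constructed query: ongoing alerts for one project (id 42 is a placeholder),
-- newest first. Always filtering on project_id keeps one project's alerts
-- from appearing in another project's list.
SELECT iid, title, severity, status, started_at, events
FROM alerts
WHERE project_id = 42
  AND ended_at IS NULL
ORDER BY started_at DESC
LIMIT 20;
```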