* Revert "[Infra UI] Clean up Docker and Kubernetes fields for ECS (#31175)"
This reverts commit cb3dad1317.
* Revert "[Infra UI] Fixing group by labels by fixing the field names (post ECS migration) (#30416) (#31012)"
This reverts commit 6bd74e0abd.
* Revert "[Infra UI] ECS Migration (#28205) (#29965)"
This reverts commit fe9748583e.
* Fixing tests
* Fixing tests
* Adding test data for docker and some basic sanity checks to ensure ids and names work correctly with real data
* updating fields
* Migrate to ECS event.dataset
* Migrate fields to ECS fields
* renaming variable
* Reverting back to host.name
* Changing from Top Hits to Terms Agg for getting node name; change host.name back to host.hostname for name.
* Changing back to host.name
* Moving from using the document source to an aggregation for node name
* Updating tests with new data format and data.
* removing unused fields
* adding test data for docker 6.6.0
* Adding docker tests for 6.6.0
* Fixing jest tests
* Fixing tests
* Adding the most critical line of code in the entire project
* Fix ECS-compatible apache rules and restore old ones
* Fix ECS-compatible nginx rules and restore old ones
* Add tests for apache2 in ECS and pre-ECS format
* Add tests for nginx in ECS and pre-ECS format
* removing console.log
* Fixing tests
This adds a configuration UI to change various properties of an infrastructure data source. The properties that can be currently changed are:
* name
* index pattern for metrics
* index pattern for logs
* fields like the timestamp, container/host/pod identification
It is meant as a basis for providing configurability for other source properties like outgoing links and formatting rules in the future.
* Adding initial table implementation
* Moving waffle map to separate component; adding contextual menu to nodes; adding filter to groups; adding pagination; adding sorting
* Fixing EUI types for EuiInMemoryTable to work for EVERYONE
* Adding server plugin for tslint for VIM; Fixing tests
* Adding the view switcher
* removing dependency
* updating yarn.lock
* Change padding to use EUI rules
* Rename waffle/index to nodes_overview; move table to nodes_overview
* Adding missed files in last commit
* Adding textOnly to the columns that need special truncation because they are buttons
* Fixed an error in the merge
* Fixing merge issues
* Adding flyout to log viewer
* Adding filtering
* Fixing typescript errors
* Adding a test for graphql; fixing test data for 7.0.0
* Adding terminate_after:1 to logItem request
* fixing test data
* Switching back to old data
* Fixing data for tests
* Adding i18n translations
* changing label from add to set
* Make flyout call more robust; fixing typings
* Adding loading screen to flyout
* Fixing linting errors
* Update x-pack/plugins/infra/public/components/logging/log_flyout.tsx
Co-Authored-By: simianhacker <chris@chriscowan.us>
* Fixing visible mis-spelling
* Fixing types
* Change withLogFlyout to be conditional; Add icon instead of onClick for flyout
* Adding dark mode support
* Adding user-select:none to icon div
* Removing remnants of a failed experiment
* Adding aria-label to view details button
* Fixing padding on date element
* Removing unused variable that somehow got past the linters
* Fixing empty_kibana
* Fixing data for infra
* Fixing merge weirdness
* [Infra UI] Add Support for Grouping By Custom Field
* fixing typescript errors
* Serializing custom options to url so they persist across reloads
* Fixing more errors
* removing label; moving custom field to top of menu
* fixing typescript error
* Adding intl formatMessage to strings
* Updates to format
* Uppercasing Syslog
* Change prefixes for syslog to system
Co-Authored-By: simianhacker <chris@chriscowan.us>
* Change prefixes for syslog to system
Co-Authored-By: simianhacker <chris@chriscowan.us>
* Change prefixes for syslog to system
Co-Authored-By: simianhacker <chris@chriscowan.us>
* Change prefixes for syslog to system
Co-Authored-By: simianhacker <chris@chriscowan.us>
Previously, the Logs UI assumed that the index mapping of the logs indices has a default date format including `epoch_millis` configured for the timestamp field. If that is not the case, queries can fail, leaving parsing exceptions in the Elasticsearch logs.
This PR fixes the Elasticsearch queries related to the Logs UI to explicitly specify the `epoch_millis` format for date range queries and aggregations.
fixes elastic/kibana#27554
* Adding AuditD rules for SYSCALL and MAC_IPSEC_EVENT events
* Adding catch all rule
* Adding catchall for events without msg
* Adding boolean to LogEntryDocumentFields
* Standardizing prefix format
* Adding id and name to metadata response
* Adding name to response
* update to types
* Adding support for displayNames to waffle map
* fixing a bug when _source is missing
* Fixing tests
* making the metadata response mandatory
* Fixes from PR review
* Fixing typing errors related to displayName being required part of path
* Changing 'Loading data for xxx' to 'Loading data'
* Changing InfraNodePath.displayName to InfraNodePath.label
* Change groups to use the label instead of value
* Fixing merge changes