* eui to 18.2.2
* Homepage adjustment to match new icons
* Homepage adjustment to match new icons
* i18n fix
* i18n fix
Co-authored-by: dave.snider@gmail.com <dave.snider@gmail.com>
* [SIEM] Overview page feedback (#56261)
## [SIEM] Overview page feedback
Implements feedback and fixes to the Overview page
### Overview (default theme)
### Overview (dark theme)
## Highlights
* The new order of widgets is Signals, Alerts, Events, Host Events, Network events, per https://github.com/elastic/siem-team/issues/494
* Changed the default `External alerts count` `Stack by` to `event.module` https://github.com/elastic/siem-team/issues/491
* Added `event.module` to the `Events count` histogram https://github.com/elastic/siem-team/issues/491
* Widget titles will no longer include the currently selected `Stack by option`. The widgets will use the same static title text that appears on the other pages (i.e.. `Signals count`, `External alerts count`, and `Events count`) https://github.com/elastic/siem-team/issues/491
* The `Signals count` includes a `Stack by` that defaults to `signal.rule.threat.tatic.name`
* Standardized on a 300px widget height for all histograms in the app (thanks @MichaelMarcialis for paring on this!)
* The `Open as duplicate timeline` action is `Recent timelines` is now only shown when hovering over a recent timeline
## Loading States
* The `Recent timelines` and `Security news` widgets now use the horizontal bar loading indicator
* The `Host events` and `Network events` widgets now use the horizontal bar loading indicator
* The `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load
* The counts in the `Host events` and `Network events` Showing _n_ events subtitles are now hidden on initial load
* We no longer hide some histogram subtitles after initial load, to prevent shifting of content when a user makes a `Stack by` selection
## News Feed Error State
* Fixed an issue where the `Security news` header was hidden when an invalid URL is configured
* Added a space between the word `via` and the `SIEM advanced settings` link
* Removed the capital “N” from "News" in the error message
## Misc Visual Changes
* Fixed text truncation of the `Severity` column in the `Detections` page's `Signals` table
* Added the “showing” subtitle to the `Signals count` histogram on the Detections page
* Increased the `Stack by` histogram selector and the `View signals | alerts | events' buttons from 8 to 24px
* Tweaked the border rendering in the Overview `Host Events` and `Network events` widget headers
* Added 8px of spacing between the Overview `Host Events` and `Network events` widget accordion headers and their contents
* Fixed an issue where the `Host events` and `Networ events` widgets didn't render in ie11 https://github.com/elastic/siem-team/issues/499
## Non-Visual Fixes
* Removed an incorrect usage of `usememo`
* Removed the placeholder client-side username query from `x-pack/legacy/plugins/siem/public/components/recent_timelines/index.tsx`
* Updated the query of the Overview `Host events` widget to filter by "host.name exists"
* Updated the query of the Overview `Network events` widget to filter by "source.ip exists or destination.ip : exists"
* Removed the following unused translations that were failing the i18n Compatibility Checks:
```
xpack.siem.overview.alertsCountByTitle
xpack.siem.overview.eventsCountByTitle
xpack.siem.overview.signalsByCategoryTitle
```
The following files were updated:
* `x-pack/plugins/translations/translations/zh-CN.json`
* `x-pack/plugins/translations/translations/ja-JP.json`
* An exception when refreshing fields of an selected index pattern caused Discover to load incompletely
* Remove throw Exception code
* Add index ID + Title to the error message
## [SIEM] Overview Page "1.5"
A redesigned SIEM Overview page that includes `Recent timelines`, a `Security news` feed, visualizations, and rolled-up event counts
### Overview enhancements
- Added the global Search bar and Date picker to the Overview page
- New `Recent timelines` widget affords quick access to favorite and recently modified timelines
- New `Security news` widget
- New Kibana advanced settings (toggle switch) for enabling or disabling the news widget and configuring the news URL
- New `Events count by dataset` widget
- Updated the `Host Events` and `Network Events` widgets to integrate with the Search bar and date picker input
- Enhanced the `Host Events` and `Network Events` widgets to use an accordion paradigm that summarizes stats by source (e.g. `Auditbeat`, `Endgame`)
- Enhanced the `Host Events` and `Network Events` widgets to visualize relative percentages of events collected as progress bars
- New `Alerts count by category` widget
- New `Signals count by MITRE ATT&CK™ category` widget
- New `View events`, `View alerts`, and `View signals` navigation buttons for their respective visualizations
### FTUE enhancements
- FTUE "no data" view design refresh
- When the FTUE "no data" page is displayed, hide all global navigation links (i.e. `Hosts`, `Network`, `Detection engine`), such that only `Overview` appears in the global nav
- App Help popover design refresh
- Removed the `Beta` badge and `Security Information & Event Management with the Elastic Stack` from the Overview header
- Tested in Chrome `79.0.3945.117`, Firefox `72.0.1`, and Safari `13.0.4`
## Known issues
- The `siem:newsFeedUrl` advanced setting is defaulted to `https://feeds.elastic.co/kibana`
- The `Signals count by MITRE ATT&CK™ category` visualization does not display all categories
- The `Signals count by MITRE ATT&CK™ category` visualization may require a different index pattern
- `EuiButtonGroup` throwing a `Can't perform a React state update on an unmounted component` warning when switching from the Overview tab
https://github.com/elastic/siem-team/issues/484
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Today, apps rely on AppState and GlobalState in the ui/state_management module to deal with internal (app) and shared (global) state. These classes give apps an ability to read/write state, when is then synced to the URL as well as sessionStorage. They also react to changes in the URL and automatically update state & emit events when changes occur.
This PR introduces new state synching utilities, which together with state containers src/plugins/kibana_utils/public/state_containers will be a replacement for AppState and GlobalState in New Platform.
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* [ML] Display anomaly actual in chart tooltip when model plot enabled
* [ML] Fixes translations for chart tooltip fixes
* [ML] Edits to chart tooltip div following review
This PR optimizes both the snapshot component and the monitor list on the overview page by using the new monitor.timespan field from elastic/beats#14778. Note that the functionality here will work with heartbeats lacking that patch, but the performance improvements will be absent.
This PR adapts the snapshot tests to use synthetically generated data which should be easier to maintain. As a result some of that code is refactored as well.
See #52433 parent issue as well.
* Update button styles, page panel and page title
* Add getJobCreatorTitle function for human readable job type name
* Add formatMessage to Create job title
* Fix translation test
* Update tests
* Add a new platform embeddable example plugin
* Remove extra hello world test impl.
* cleanup
* code review updates
* Change example to highlight and have parent filter out children
* Fix deep comparison of embeddable prop
* adjust help text
* Adding initial code for EC2
* Removing obsolute files; Adding EC2;
* Removing currentTimerange and replacing it with currentTime; Timerange will now be calcuated on the server
* Fixing AWS.s3 with Metrics Explorer
* Auto calculating timerange and interval based on metricset.period
* Adding S3 metricset
* Inital addition of RDS metrics
* Adding SQS and fixing a few things
* Fixing typescript error
* Adding RDS; Adjusting fields for S3; adding new formatter
* Return 60 seconds by detault
* Fixing types
* Removing i18n
* Fixing tests
* Fixing translations
* Fixes from merge
* Removing IDX from code not covered by #52354
* fixing tests
* Adding controls for crossliking; consolidating display name
* remove obsolete import
* Adding drop_last_bucket_support to TSVB models
* Changing type
* Fixing value per type
* remvoing obsolete translation
* Removing duplicate lines
* Removing icons from switcher
* Reducing boilerplate in Toolbar Items
* Changing file name
* wip: create classification results page + table and evaluate panel
* enable view link for classification jobs
* wip: fetch classification eval data
* wip: display confusion matrix in datagrid
* evaluate panel: add heatmap for cells and doc count
* Update use of loadEvalData in expanded row component
* Add metric type for evaluate endpoint and fix localization error
* handle no incorrect prediction classes case for confusion matrix. remove unused translation
* setCellProps needs to be called from a lifecycle method - wrap in useEffect
* TypeScript improvements
* fix datagrid column resize affecting results table
* allow custom prediction field for classification jobs
* ensure values are rounded correctly and add tooltip
* temp workaroun for datagrid width issues
