* Throw an error to stop execution if IM rule has exceeded its interval
* Extract and unit test our timeout validation
* Add integration test around timeout behavior
Configures a very slow rule to trigger a timeout and assert the
corresponding failure.
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
**Ticket:** https://github.com/elastic/kibana/issues/107068
**Follow-up after:** https://github.com/elastic/kibana/pull/114585
## Summary
The existing migration function `legacyMigrateRuleAlertIdSOReferences` that migrates `alertId` fields to SO references array did not include all the other attributes of a `siem-detection-engine-rule-status` doc being migrated to the resulting doc.
This PR includes a fix and an integration test for that.
## Run the test
To run the test, in one terminal execute:
```
cd ${KIBANA_HOME} && node scripts/functional_tests_server --config x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts
```
In another terminal execute:
```
cd ${KIBANA_HOME} && node scripts/functional_test_runner --config x-pack/test/detection_engine_api_integration/security_and_spaces/config.ts --include=x-pack/test/detection_engine_api_integration/security_and_spaces/tests/migrations.ts
```
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
This creates an APM API endpoint that fetches data for the latency distribution chart in the trace samples tab on the transactions page. Previously, this data was fetched via the custom Kibana search strategies used for APM Correlations which causes issues in load balancing setups.
* [Snapshot % Restore] Added server side pagination and sorting to get snapshots route, refactored snapshots table to use EuiBasicTable with controlled pagination instead of EuiInMemoryTable
* [Snapshot & Restore] Added server side sorting by shards and failed shards counts
* [Snapshot & Restore] Fixed i18n errors
* [Snapshot & Restore] Added server side sorting by repository
* [Snapshot & Restore] Implemented server side search request for snapshot, repository and policy name
* [Snapshot & Restore] Fixed eslint errors
* [Snapshot & Restore] Removed uncommented code
* [Snapshot & Restore] Fixed pagination/search bug
* [Snapshot & Restore] Fixed pagination/search bug
* [Snapshot & Restore] Fixed text truncate bug
* [Snapshot & Restore] Fixed non existent repository search error
* Update x-pack/plugins/snapshot_restore/public/application/sections/home/snapshot_list/components/snapshot_search_bar.tsx
Co-authored-by: CJ Cenizal <cj@cenizal.com>
* Update x-pack/plugins/snapshot_restore/public/application/sections/home/snapshot_list/components/snapshot_empty_prompt.tsx
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
* [Snapshot & Restore] Fixed missing i18n and no snapshots callout
* [Snapshot & Restore] Moved "getSnapshotSearchWildcard" to a separate file and added unit tests
* [Snapshot & Restore] Added api integration tests for "get snapshots" endpoint (pagination, sorting, search)
* [Snapshot & Restore] Renamed SnapshotSearchOptions/SnapshotTableOptions to -Params and added the link to the specs issue
* [Snapshot & Restore] Fixed search wildcard to also match string in the middle of the value, not only starting with the string. Also updated the tests following the code review suggestions to make them more readable.
* [Snapshot & Restore] Added incremental search back to snapshots list and a debounce of 500ms
* [Snapshot & Restore] Updated snapshot search debounce value and extracted it into a constant
* [Snapshot & Restore] Renamed debounceValue to cachedListParams and added a comment why debounce is used
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: CJ Cenizal <cj@cenizal.com>
Co-authored-by: James Rodewig <40268737+jrodewig@users.noreply.github.com>
* Replacing EuiPopover with EuiComboBox
* The combobox will help alleviate issues when the list of options is very long
* Refactoring the Combobox to listen for change events
* Added an onChange handler
* Renamed the method to render the combobox
* Commented out additional blocks of code before final refactor
* Finished refactoring the Request Selector to use EUI Combobox
* Removed three helper methods for the EUIPopover.
* `togglePopover()`
* `closePopover()`
* `renderRequestDropdownItem()`
* Removed the local state object and interface (no longer needed)
* Renamed the const `options` to `selectedOptions` in `handleSelectd()`
method to better reflect where the options array was coming from.
* Updating tests and translations
* Fixed the inspector functional test to use comboBox service
* Removed two unused translations
* Updating Combobox options to pass data-test-sub string
* Updated two tests for Combobox single option
* Updated the test expectations to the default string
* Both tests were looking for a named string instead of a default
message
* Adding error handling to Inspector combobox
* Checking for the item status code
* Adding a " (failed)" message if the status code returns `2`
* Updating test to look for "Chart_data" instead of "Chartdata"
* Updating two tests to validate single combobox options
* Added helper method to check default text against combobox options
* Added helper method to get the selected combobox option
* Checking two inspector instances using helpers
* Adding a defensive check to helper method.
* Correct a type error in test return
* Adding back translated failLabel
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Nathan L Smith <smith@nlsmith.com>
* [Lens] fix filters not being cleaned
* Update lens_slice.ts
* types
* do not reset persistedDoc on load
* [Lens] functional test for query, filters and time range
* snapshot update
* fix flakiness
* fix getting filters from refs
* simplify tests
* confirm modal
* Update persistent_context.ts
* load the file above
* Update persistent_context.ts
* shorten c4
* flaky test
* fix geo_field changing index pattern, remove non used data view
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
## Summary
Resolves (a portion of) https://github.com/elastic/kibana/issues/107068 for the `siem-detection-engine-rule-status` type by migrating the `alertId` to be within the `SO references[]`. Based on: https://github.com/elastic/kibana/pull/113577
* Migrates the legacy `siem-detection-engine-rule-status` `alertId` to saved object references array
* Adds an e2e test for `siem-detection-engine-rule-status`
* Breaks out `siem-detection-engine-rule-status` & `security-rule` SO's to their own dedicated files/directories, and cleaned up typings/imports
Before migration you can observe the existing data structure of `siem-detection-engine-rule-status` via Dev tools as follows:
```
GET .kibana/_search
{
"size": 10000,
"query": {
"term": {
"type": {
"value": "siem-detection-engine-rule-status"
}
}
}
}
```
``` JSON
{
"_index" : ".kibana-spong_8.0.0_001",
"_id" : "siem-detection-engine-rule-status:d580f1a0-2afe-11ec-8621-8d6bfcdfd75e",
"_score" : 2.150102,
"_source" : {
"siem-detection-engine-rule-status" : {
"alertId" : "d62d2980-27c4-11ec-92b0-f7b47106bb35", <-- alertId which we want in the references array and removed
"statusDate" : "2021-10-12T01:50:52.898Z",
"status" : "failed",
"lastFailureAt" : "2021-10-12T01:50:52.898Z",
"lastSuccessAt" : "2021-10-12T01:18:29.195Z",
"lastFailureMessage" : "6 minutes (385585ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: \"I am the Host who Names!\" id: \"d62d2980-27c4-11ec-92b0-f7b47106bb35\" rule id: \"214ccef6-e98e-493a-98c5-5bcc2d497b79\" signals index: \".siem-signals-spong-default\"",
"lastSuccessMessage" : "succeeded",
"gap" : "6 minutes",
"lastLookBackDate" : "2021-10-07T23:43:27.961Z"
},
"type" : "siem-detection-engine-rule-status",
"references" : [ ],
"coreMigrationVersion" : "7.14.0",
"updated_at" : "2021-10-12T01:50:53.404Z"
}
}
```
Post migration the data structure should be updated as follows:
``` JSON
{
"_index": ".kibana-spong_8.0.0_001",
"_id": "siem-detection-engine-rule-status:d580f1a0-2afe-11ec-8621-8d6bfcdfd75e",
"_score": 2.1865466,
"_source": {
"siem-detection-engine-rule-status": {
"statusDate": "2021-10-12T01:50:52.898Z", <-- alertId is no more!
"status": "failed",
"lastFailureAt": "2021-10-12T01:50:52.898Z",
"lastSuccessAt": "2021-10-12T01:18:29.195Z",
"lastFailureMessage": "6 minutes (385585ms) were not queried between this rule execution and the last execution, so signals may have been missed. Consider increasing your look behind time or adding more Kibana instances. name: \"I am the Host who Names!\" id: \"d62d2980-27c4-11ec-92b0-f7b47106bb35\" rule id: \"214ccef6-e98e-493a-98c5-5bcc2d497b79\" signals index: \".siem-signals-spong-default\"",
"lastSuccessMessage": "succeeded",
"gap": "6 minutes",
"lastLookBackDate": "2021-10-07T23:43:27.961Z"
},
"type": "siem-detection-engine-rule-status",
"references": [
{
"id": "d62d2980-27c4-11ec-92b0-f7b47106bb35", <-- previous alertId has been converted to references[]
"type": "alert",
"name": "alert_0"
}
],
"migrationVersion": {
"siem-detection-engine-rule-status": "7.16.0"
},
"coreMigrationVersion": "8.0.0",
"updated_at": "2021-10-12T01:50:53.406Z"
}
},
```
#### Manual testing
---
There are e2e tests but for any manual testing or verification you can do the following:
##### Manual upgrade test
If you have a 7.15.0 system and can migrate it forward that is the most straight forward way to ensure this does migrate correctly. You should see that the `Rule Monitoring` table and Rule Details `Failure History` table continue to function without error.
##### Downgrade via script and test migration on kibana reboot
If you have a migrated `Rule Status SO` and want to test the migration, you can run the below script to downgrade the status SO then restart Kibana and observe the migration on startup.
Note: Since this PR removes the mapping, you would need to [update the SO mapping](https://github.com/elastic/kibana/pull/114585/files#r729386126) to include `alertId` again else you will receive a strict/dynamic mapping error.
```json
# Replace id w/ correct Rule Status SO id of existing migrated object
POST .kibana/_update/siem-detection-engine-rule-status:d580ca91-2afe-11ec-8621-8d6bfcdfd75e
{
"script" : {
"source": """
ctx._source.migrationVersion['siem-detection-engine-rule-status'] = "7.15.0";
ctx._source['siem-detection-engine-rule-status'].alertId = ctx._source.references[0].id;
ctx._source.references.remove(0);
""",
"lang": "painless"
}
}
```
Restart Kibana and now it should be migrated correctly and you shouldn't see any errors in your console. You should also see that the `Rule Monitoring` table and Rule Details `Failure History` table continue to function without error.
### Checklist
Delete any items that are not applicable to this PR.
- [ ] ~[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials~
- [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
### For maintainers
- [x] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Alerting] Active alerts do not recover after re-enabling a rule
* created reusable lib file for generating event log object
* comment fix
* fixed tests
* fixed tests
* fixed typecheck
* fixed due to comments
* Apply suggestions from code review
Co-authored-by: ymao1 <ying.mao@elastic.co>
* fixed due to comments
* fixed due to comments
* fixed due to comments
* fixed tests
* Update disable.ts
* Update disable.ts
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: ymao1 <ying.mao@elastic.co>
## Summary
During the work here: https://github.com/elastic/kibana/pull/113577
I accidentally have introduced a bug where on migration I was deleting the attributes of `ruleThrottle` and `alertThrottle` because I was not using splat correctly.
Added unit and e2e tests to fix this.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
* adds support for saved object based ml models
* adds es asset type and ml model install handler
* wip: handle top level pipeline install
* remove unnecessary mlModel savedObject type
* add package manifest license check
* get modelid from model path
* add fleet api test for ml model
* replace test mlModel for api test with smaller test model
* cleanup install/remove and ensure pipelines are retained when upgrading
* fix types - update test model id
* fix types
* remove hard coded ml category and check top level pipeline on upgrade
* update ml model test file
* ensure deduplicated asset refs are saved
* Fix api integration update test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co>
* 🐛 Add padding to the tick label to fit threshold markers
* 🐛 Better icon detection
* 🐛 Fix edge cases with no title or labels
* 📸 Update snapshots
* ✨ Make threshold fit into view automatically
* 🐛 do not compute axis threshold extends if no threshold is present
* ✅ One more fix for 0-based extends and tests
* ✨ Add icon placement flag
* ✨ Sync padding computation with marker positioning
* ✨ compute the default threshold based on data bounds
* 🐛 fix duplicate suggestion issue + missing over time
* 👌 Make disabled when no icon is selected
* ✨ First text on marker implementation
* 🐛 Fix some edge cases with auto positioning
* Update x-pack/plugins/lens/public/xy_visualization/xy_config_panel/threshold_panel.tsx
Co-authored-by: Michael Marcialis <michael@marcial.is>
* 🐛 Fix minor details
* 💄 Small tweak
* ✨ Reduce the padding if no icon is shown on the axis
* 🐛 Fix color fallback for different type of layers
* ✅ Fix broken unit tests
* 🐛 Fix multi layer types issue
* ✅ Fix test
* ✅ Fix other test
* 💄 Fix vertical text centering
* ✨ Rename to reference lines + few fixes
* 🚨 Fix linting issue
* 🐛 Fix issue
* 🐛 Fix computation bug for the initial static value
* ✅ Add new suite of test for static value computation
* 💄 Reorder panel inputs
* 💄 Move styling to sass
* 📝 Keeping up with the renaming
* ✅ Fix functional tests after renaming
* 🐛 Fix duplicate arg from conflict resolution
* 👌 Integrate some follow up feedback
* 📝 Fix typo
* 👌 Integrate feedback
* 🐛 Fix the quick functions transition bug
* 🐛 Fix label issue when updating value
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Michael Marcialis <michael@marcial.is>
* [RAC] create functional tests for add to case
* use observability test helpers for user creation
* basic tests for add to case options
* add two more cases
* test case for clicking on add to new case button
* remove unused expect statement
* clicking on add to existing case should open a modal
* move add to case functionality in a separate file
* address comments in the PR review
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* Adding execution duration to get alert instance summary
* Showing execution duration on rule details view
* Fixing unit tests
* Updating to match new mockup
* Fixing types
* Fixing functional test
* Removing unneeded max and min and adding tests
* Removing unneeded max and min and adding tests
* Fixing functional test
* Adding left axis
* PR feedback
* Reducing chart height
* PR feedback
* PR feedback
* PR feedback
* fixing throughput chart api
* change backends
* adding intervalString to the observability callback functions
* fixing transaction group detailed stats
* fixing tests
* fixing test
* fixing obs tests
* fixing tests
* adding tests
* fixing ci
* using data generator
* changing name
* fixing i18n
* updating opbs test to use data generator
* fixing api tests
* fixing tests
* using data generator to run the tests
* fixing tests
* fixing test
* 🐛 First attempt to close the inspector automatically on app unmount
* 👌 Integrate feedback
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
* [Reporting] Functional test structure & improvements
* show the error of the report generation failure in the test failure
* update snapshot
* remove import to non-existent functional app test
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
