github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-22 08:49:27 -04:00
Code Issues Projects Releases Packages Wiki Activity
70331 commits 433 branches 496 tags 22 GiB
Commit graph

28598 commits

Author SHA1 Message Date
Tim Sullivan
3657395805
[8.12] [Reporting] update logs and docs on headless browser connection (#179882) (#179951) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Reporting] update logs and docs on headless browser connection
(#179882)](https://github.com/elastic/kibana/pull/179882)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Tim
Sullivan","email":"tsullivan@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-04-03T15:15:12Z","message":"[Reporting]
update logs and docs on headless browser connection (#179882)\n\n##
Summary\r\n\r\nThis resolves some issues we've seen over confusion on
configuration and\r\nrefused access to Kibana while generating a PNG/PDF
report.","sha":"982303882ed979add12b5f60288ef46975446869","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","docs","v8.11.0","v8.12.0","v8.13.0","v8.14.0"],"number":179882,"url":"https://github.com/elastic/kibana/pull/179882","mergeCommit":{"message":"[Reporting]
update logs and docs on headless browser connection (#179882)\n\n##
Summary\r\n\r\nThis resolves some issues we've seen over confusion on
configuration and\r\nrefused access to Kibana while generating a PNG/PDF
report.","sha":"982303882ed979add12b5f60288ef46975446869"}},"sourceBranch":"main","suggestedTargetBranches":["8.11","8.12","8.13"],"targetPullRequestStates":[{"branch":"8.11","label":"v8.11.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.12","label":"v8.12.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.13","label":"v8.13.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","labelRegex":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/179882","number":179882,"mergeCommit":{"message":"[Reporting]
update logs and docs on headless browser connection (#179882)\n\n##
Summary\r\n\r\nThis resolves some issues we've seen over confusion on
configuration and\r\nrefused access to Kibana while generating a PNG/PDF
report.","sha":"982303882ed979add12b5f60288ef46975446869"}}]}]
BACKPORT-->

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2024-04-23 04:25:49 +01:00
Kibana Machine
523d3154e9
[8.12] [Security Solution][Threat Intelligence] - fix broken KQL bar (#179153) (#179427) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution][Threat Intelligence] - fix broken KQL bar
(#179153)](https://github.com/elastic/kibana/pull/179153)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Philippe
Oberti","email":"philippe.oberti@elastic.co"},"sourceCommit":{"committedDate":"2024-03-26T12:23:36Z","message":"[Security
Solution][Threat Intelligence] - fix broken KQL bar
(#179153)","sha":"98f0cfe7ddb0e0c6d23f97b733f62766f52a101d","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Threat
Hunting:Investigations","v8.11.5","v8.14.0","v8.12.3","v8.13.1"],"title":"[Security
Solution][Threat Intelligence] - fix broken KQL
bar","number":179153,"url":"https://github.com/elastic/kibana/pull/179153","mergeCommit":{"message":"[Security
Solution][Threat Intelligence] - fix broken KQL bar
(#179153)","sha":"98f0cfe7ddb0e0c6d23f97b733f62766f52a101d"}},"sourceBranch":"main","suggestedTargetBranches":["8.11","8.12","8.13"],"targetPullRequestStates":[{"branch":"8.11","label":"v8.11.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/179153","number":179153,"mergeCommit":{"message":"[Security
Solution][Threat Intelligence] - fix broken KQL bar
(#179153)","sha":"98f0cfe7ddb0e0c6d23f97b733f62766f52a101d"}},{"branch":"8.12","label":"v8.12.3","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.13","label":"v8.13.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Philippe Oberti <philippe.oberti@elastic.co>
 2024-03-27 06:31:32 -07:00
Kibana Machine
8716575154
[8.12] [Upgrade Assistant] Add missing cluster privilege check (#179033) (#179371) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Upgrade Assistant] Add missing cluster privilege check
(#179033)](https://github.com/elastic/kibana/pull/179033)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Ignacio
Rivas","email":"rivasign@gmail.com"},"sourceCommit":{"committedDate":"2024-03-25T17:06:22Z","message":"[Upgrade
Assistant] Add missing cluster privilege check
(#179033)","sha":"4961e52bdfc39f59ac9ce3f767204c3be537ba45","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Kibana
Management","release_note:skip","Feature:Upgrade
Assistant","v8.14.0","v8.12.3","v8.13.1"],"title":"[Upgrade Assistant]
Add missing cluster privilege
check","number":179033,"url":"https://github.com/elastic/kibana/pull/179033","mergeCommit":{"message":"[Upgrade
Assistant] Add missing cluster privilege check
(#179033)","sha":"4961e52bdfc39f59ac9ce3f767204c3be537ba45"}},"sourceBranch":"main","suggestedTargetBranches":["8.12","8.13"],"targetPullRequestStates":[{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/179033","number":179033,"mergeCommit":{"message":"[Upgrade
Assistant] Add missing cluster privilege check
(#179033)","sha":"4961e52bdfc39f59ac9ce3f767204c3be537ba45"}},{"branch":"8.12","label":"v8.12.3","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.13","label":"v8.13.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Ignacio Rivas <rivasign@gmail.com>
 2024-03-25 11:34:41 -07:00
Quynh Nguyen (Quinn)
7d1cc16f30
[8.12] [ML] Fixes Single Metric Viewer's zoom settings in URL are not restored if URL specifies a forecast ID (#176969) (#177124) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[ML] Fixes Single Metric Viewer's zoom settings in URL are not
restored if URL specifies a forecast ID
(#176969)](https://github.com/elastic/kibana/pull/176969)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2024-03-21 08:48:43 -06:00
Zacqary Adam Xeper
d5201bd757
[8.12] [RAM] Fix bug where select all rules bypasses filters (#176962) (#177096) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[RAM] Fix bug where select all rules bypasses filters
(#176962)](https://github.com/elastic/kibana/pull/176962)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Zacqary Adam
Xeper","email":"Zacqary@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-15T18:30:08Z","message":"[RAM]
Fix bug where select all rules bypasses filters (#176962)\n\n##
Summary\r\n\r\nFixes #176867 \r\n\r\nA bug introduced in
https://github.com/elastic/kibana/pull/174954\r\nbypassed most filters
when using Select All on the Rules List. This was\r\nbecause the names
of the filter properties changed, and no longer\r\nmatched what the
`useBulkEditSelect` hook was expecting.\r\n\r\nBecause all of these
types were optional, it didn't trigger any type\r\nerrors.\r\n\r\nThis
syncs up the type definitions with the new filter store hook,
and\r\nadds a functional test to make sure filters are working on bulk
actions\r\nwhen clicking the select all button.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e136a9318215d5913a5e957aec5d9ad0b8132506","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:ResponseOps","Feature:Alerting/RulesManagement","v8.13.0","v8.12.2","v8.14.0"],"number":176962,"url":"https://github.com/elastic/kibana/pull/176962","mergeCommit":{"message":"[RAM]
Fix bug where select all rules bypasses filters (#176962)\n\n##
Summary\r\n\r\nFixes #176867 \r\n\r\nA bug introduced in
https://github.com/elastic/kibana/pull/174954\r\nbypassed most filters
when using Select All on the Rules List. This was\r\nbecause the names
of the filter properties changed, and no longer\r\nmatched what the
`useBulkEditSelect` hook was expecting.\r\n\r\nBecause all of these
types were optional, it didn't trigger any type\r\nerrors.\r\n\r\nThis
syncs up the type definitions with the new filter store hook,
and\r\nadds a functional test to make sure filters are working on bulk
actions\r\nwhen clicking the select all button.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e136a9318215d5913a5e957aec5d9ad0b8132506"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/177063","number":177063,"state":"MERGED","mergeCommit":{"sha":"4e45baaef0134a39c624b0bf770eb7b51a7725c9","message":"[8.13]
[RAM] Fix bug where select all rules bypasses filters (#176962)
(#177063)\n\n# Backport\n\nThis will backport the following commits from
`main` to `8.13`:\n- [[RAM] Fix bug where select all rules bypasses
filters\n(#176962)](https://github.com/elastic/kibana/pull/176962)\n\n<!---
Backport version: 9.4.3 -->\n\n### Questions ?\nPlease refer to the
[Backport
tool\ndocumentation](https://github.com/sqren/backport)\n\n<!--BACKPORT
[{\"author\":{\"name\":\"Zacqary
Adam\nXeper\",\"email\":\"Zacqary@users.noreply.github.com\"},\"sourceCommit\":{\"committedDate\":\"2024-02-15T18:30:08Z\",\"message\":\"[RAM]\nFix
bug where select all rules bypasses filters
(#176962)\\n\\n##\nSummary\\r\\n\\r\\nFixes #176867 \\r\\n\\r\\nA bug
introduced
in\nhttps://github.com/elastic/kibana/pull/174954\\r\\nbypassed most
filters\nwhen using Select All on the Rules List. This was\\r\\nbecause
the names\nof the filter properties changed, and no longer\\r\\nmatched
what the\n`useBulkEditSelect` hook was expecting.\\r\\n\\r\\nBecause all
of these\ntypes were optional, it didn't trigger any
type\\r\\nerrors.\\r\\n\\r\\nThis\nsyncs up the type definitions with
the new filter store hook,\nand\\r\\nadds a functional test to make sure
filters are working on bulk\nactions\\r\\nwhen clicking the select all
button.\\r\\n\\r\\n###\nChecklist\\r\\n\\r\\n- [x] [Unit
or\nfunctional\\r\\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\\r\\nwere\nupdated
or added to match the most
common\nscenarios\",\"sha\":\"e136a9318215d5913a5e957aec5d9ad0b8132506\",\"branchLabelMapping\":{\"^v8.14.0$\":\"main\",\"^v(\\\\d+).(\\\\d+).\\\\d+$\":\"$1.$2\"}},\"sourcePullRequest\":{\"labels\":[\"release_note:fix\",\"Team:ResponseOps\",\"Feature:Alerting/RulesManagement\",\"v8.13.0\",\"v8.12.2\",\"v8.14.0\"],\"title\":\"[RAM]\nFix
bug where select all rules
bypasses\nfilters\",\"number\":176962,\"url\":\"https://github.com/elastic/kibana/pull/176962\",\"mergeCommit\":{\"message\":\"[RAM]\nFix
bug where select all rules bypasses filters
(#176962)\\n\\n##\nSummary\\r\\n\\r\\nFixes #176867 \\r\\n\\r\\nA bug
introduced
in\nhttps://github.com/elastic/kibana/pull/174954\\r\\nbypassed most
filters\nwhen using Select All on the Rules List. This was\\r\\nbecause
the names\nof the filter properties changed, and no longer\\r\\nmatched
what the\n`useBulkEditSelect` hook was expecting.\\r\\n\\r\\nBecause all
of these\ntypes were optional, it didn't trigger any
type\\r\\nerrors.\\r\\n\\r\\nThis\nsyncs up the type definitions with
the new filter store hook,\nand\\r\\nadds a functional test to make sure
filters are working on bulk\nactions\\r\\nwhen clicking the select all
button.\\r\\n\\r\\n###\nChecklist\\r\\n\\r\\n- [x] [Unit
or\nfunctional\\r\\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\\r\\nwere\nupdated
or added to match the most
common\nscenarios\",\"sha\":\"e136a9318215d5913a5e957aec5d9ad0b8132506\"}},\"sourceBranch\":\"main\",\"suggestedTargetBranches\":[\"8.13\",\"8.12\"],\"targetPullRequestStates\":[{\"branch\":\"8.13\",\"label\":\"v8.13.0\",\"branchLabelMappingKey\":\"^v(\\\\d+).(\\\\d+).\\\\d+$\",\"isSourceBranch\":false,\"state\":\"NOT_CREATED\"},{\"branch\":\"8.12\",\"label\":\"v8.12.2\",\"branchLabelMappingKey\":\"^v(\\\\d+).(\\\\d+).\\\\d+$\",\"isSourceBranch\":false,\"state\":\"NOT_CREATED\"},{\"branch\":\"main\",\"label\":\"v8.14.0\",\"branchLabelMappingKey\":\"^v8.14.0$\",\"isSourceBranch\":true,\"state\":\"MERGED\",\"url\":\"https://github.com/elastic/kibana/pull/176962\",\"number\":176962,\"mergeCommit\":{\"message\":\"[RAM]\nFix
bug where select all rules bypasses filters
(#176962)\\n\\n##\nSummary\\r\\n\\r\\nFixes #176867 \\r\\n\\r\\nA bug
introduced
in\nhttps://github.com/elastic/kibana/pull/174954\\r\\nbypassed most
filters\nwhen using Select All on the Rules List. This was\\r\\nbecause
the names\nof the filter properties changed, and no longer\\r\\nmatched
what the\n`useBulkEditSelect` hook was expecting.\\r\\n\\r\\nBecause all
of these\ntypes were optional, it didn't trigger any
type\\r\\nerrors.\\r\\n\\r\\nThis\nsyncs up the type definitions with
the new filter store hook,\nand\\r\\nadds a functional test to make sure
filters are working on bulk\nactions\\r\\nwhen clicking the select all
button.\\r\\n\\r\\n###\nChecklist\\r\\n\\r\\n- [x] [Unit
or\nfunctional\\r\\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\\r\\nwere\nupdated
or added to match the most
common\nscenarios\",\"sha\":\"e136a9318215d5913a5e957aec5d9ad0b8132506\"}}]}]\nBACKPORT-->\n\nCo-authored-by:
Zacqary Adam Xeper
<Zacqary@users.noreply.github.com>"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","labelRegex":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176962","number":176962,"mergeCommit":{"message":"[RAM]
Fix bug where select all rules bypasses filters (#176962)\n\n##
Summary\r\n\r\nFixes #176867 \r\n\r\nA bug introduced in
https://github.com/elastic/kibana/pull/174954\r\nbypassed most filters
when using Select All on the Rules List. This was\r\nbecause the names
of the filter properties changed, and no longer\r\nmatched what the
`useBulkEditSelect` hook was expecting.\r\n\r\nBecause all of these
types were optional, it didn't trigger any type\r\nerrors.\r\n\r\nThis
syncs up the type definitions with the new filter store hook,
and\r\nadds a functional test to make sure filters are working on bulk
actions\r\nwhen clicking the select all button.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"e136a9318215d5913a5e957aec5d9ad0b8132506"}}]}]
BACKPORT-->

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2024-03-18 16:07:11 -07:00
Tiago Costa
adad7d9d11
skip flaky suite (#177669) 2024-03-18 21:31:01 +00:00
Tiago Costa
8a799374b9
skip flaky suite (#177672) 2024-03-18 21:30:38 +00:00
Tiago Costa
8d799b84f2
skip flaky suite (#177671) 2024-03-18 21:29:48 +00:00
Tiago Costa
dd504446f1
skip flaky suite (#177670) 2024-03-18 21:28:28 +00:00
Lisa Cawley
44832c5467
[8.12] [OAS] Add details for running Slack connector actions (#169712) (#176876) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[OAS] Add details for running Slack connector actions
(#169712)](https://github.com/elastic/kibana/pull/169712)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Lisa
Cawley","email":"lcawley@elastic.co"},"sourceCommit":{"committedDate":"2024-02-13T23:00:15Z","message":"[OAS]
Add details for running Slack connector actions
(#169712)","sha":"1b65592c0e77b71f897d83660f2c0a6e1c688a90","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","docs","Feature:Actions/ConnectorTypes","backport:prev-minor","v8.12.1","v8.13.0"],"number":169712,"url":"https://github.com/elastic/kibana/pull/169712","mergeCommit":{"message":"[OAS]
Add details for running Slack connector actions
(#169712)","sha":"1b65592c0e77b71f897d83660f2c0a6e1c688a90"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/169712","number":169712,"mergeCommit":{"message":"[OAS]
Add details for running Slack connector actions
(#169712)","sha":"1b65592c0e77b71f897d83660f2c0a6e1c688a90"}}]}]
BACKPORT-->
 2024-03-08 12:19:18 +00:00
Dario Gieselaar
9dc1ed15d9
[8.12] [Obs AI Assistant] More lenient parsing of suggestion scores (#177898) (#178178) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Obs AI Assistant] More lenient parsing of suggestion scores
(#177898)](https://github.com/elastic/kibana/pull/177898)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Dario
Gieselaar","email":"dario.gieselaar@elastic.co"},"sourceCommit":{"committedDate":"2024-03-04T08:39:26Z","message":"[Obs
AI Assistant] More lenient parsing of suggestion scores
(#177898)\n\nCloses #177855. Also adds the scores to `data` for easier
debugging.","sha":"0fd880be2ba63da78505465a999f3102f1ded714","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v8.13.0","v8.14.0","v8.12.3"],"number":177898,"url":"https://github.com/elastic/kibana/pull/177898","mergeCommit":{"message":"[Obs
AI Assistant] More lenient parsing of suggestion scores
(#177898)\n\nCloses #177855. Also adds the scores to `data` for easier
debugging.","sha":"0fd880be2ba63da78505465a999f3102f1ded714"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/178152","number":178152,"state":"OPEN"},{"branch":"main","label":"v8.14.0","labelRegex":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/177898","number":177898,"mergeCommit":{"message":"[Obs
AI Assistant] More lenient parsing of suggestion scores
(#177898)\n\nCloses #177855. Also adds the scores to `data` for easier
debugging.","sha":"0fd880be2ba63da78505465a999f3102f1ded714"}},{"branch":"8.12","label":"v8.12.3","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
 2024-03-07 02:11:24 -07:00
Kibana Machine
f5eb91ee6a
[8.12] [Synthetics] Fixes pending count filtering (#177499) (#177507) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Synthetics] Fixes pending count filtering
(#177499)](https://github.com/elastic/kibana/pull/177499)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"Shahzad","email":"shahzad31comp@gmail.com"},"sourceCommit":{"committedDate":"2024-02-21T19:25:57Z","message":"[Synthetics]
Fixes pending count filtering (#177499)\n\n## Summary\r\n\r\nFixes
pending count filtering !!\r\n\r\nFollow up to
https://github.com/elastic/kibana/pull/177406\r\n\r\n<img width=\"1728\"
alt=\"image\"\r\nsrc=\"3dea1684-d6a9-44ab-b9a7-ad6c60079542\">","sha":"1f8bfae21c14c5d4dfe259691e9f71b366cdfc92","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:prev-minor","Team:obs-ux-infra_services","v8.13.0","v8.12.2","v8.14.0"],"title":"[Synthetics]
Fixes pending count
filtering","number":177499,"url":"https://github.com/elastic/kibana/pull/177499","mergeCommit":{"message":"[Synthetics]
Fixes pending count filtering (#177499)\n\n## Summary\r\n\r\nFixes
pending count filtering !!\r\n\r\nFollow up to
https://github.com/elastic/kibana/pull/177406\r\n\r\n<img width=\"1728\"
alt=\"image\"\r\nsrc=\"3dea1684-d6a9-44ab-b9a7-ad6c60079542\">","sha":"1f8bfae21c14c5d4dfe259691e9f71b366cdfc92"}},"sourceBranch":"main","suggestedTargetBranches":["8.13","8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/177499","number":177499,"mergeCommit":{"message":"[Synthetics]
Fixes pending count filtering (#177499)\n\n## Summary\r\n\r\nFixes
pending count filtering !!\r\n\r\nFollow up to
https://github.com/elastic/kibana/pull/177406\r\n\r\n<img width=\"1728\"
alt=\"image\"\r\nsrc=\"3dea1684-d6a9-44ab-b9a7-ad6c60079542\">","sha":"1f8bfae21c14c5d4dfe259691e9f71b366cdfc92"}}]}]
BACKPORT-->

Co-authored-by: Shahzad <shahzad31comp@gmail.com>
 2024-02-21 13:52:54 -07:00
Kibana Machine
3d70becbe0
[8.12] [Infra] Fixing Derivative aggregation on kubernetes pods (#177295) (#177366) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Infra] Fixing Derivative aggregation on kubernetes pods
(#177295)](https://github.com/elastic/kibana/pull/177295)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cauê
Marcondes","email":"55978943+cauemarcondes@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-20T19:05:23Z","message":"[Infra]
Fixing Derivative aggregation on kubernetes pods (#177295)\n\ncloses
https://github.com/elastic/kibana/issues/177294\r\n\r\n<img
width=\"398\" alt=\"Screenshot 2024-02-20 at 14 00
41\"\r\nsrc=\"5a7851b2-79ef-45c3-8e67-2610012a3d06\">\r\n\r\nHow
to test:\r\n- Open Inventory page\r\n- Filter by Kubernetes pods\r\n-
Hover over any
pod","sha":"4bf3e772388cf2d93e9441f0082aa634425bc1d9","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v8.12.0","v8.13.0","v8.14.0"],"title":"[Infra]
Fixing Derivative aggregation on kubernetes
pods","number":177295,"url":"https://github.com/elastic/kibana/pull/177295","mergeCommit":{"message":"[Infra]
Fixing Derivative aggregation on kubernetes pods (#177295)\n\ncloses
https://github.com/elastic/kibana/issues/177294\r\n\r\n<img
width=\"398\" alt=\"Screenshot 2024-02-20 at 14 00
41\"\r\nsrc=\"5a7851b2-79ef-45c3-8e67-2610012a3d06\">\r\n\r\nHow
to test:\r\n- Open Inventory page\r\n- Filter by Kubernetes pods\r\n-
Hover over any
pod","sha":"4bf3e772388cf2d93e9441f0082aa634425bc1d9"}},"sourceBranch":"main","suggestedTargetBranches":["8.12","8.13"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/177295","number":177295,"mergeCommit":{"message":"[Infra]
Fixing Derivative aggregation on kubernetes pods (#177295)\n\ncloses
https://github.com/elastic/kibana/issues/177294\r\n\r\n<img
width=\"398\" alt=\"Screenshot 2024-02-20 at 14 00
41\"\r\nsrc=\"5a7851b2-79ef-45c3-8e67-2610012a3d06\">\r\n\r\nHow
to test:\r\n- Open Inventory page\r\n- Filter by Kubernetes pods\r\n-
Hover over any
pod","sha":"4bf3e772388cf2d93e9441f0082aa634425bc1d9"}}]}] BACKPORT-->

Co-authored-by: Cauê Marcondes <55978943+cauemarcondes@users.noreply.github.com>
 2024-02-21 03:30:08 -07:00
Maxim Palenov
a687b96184
[8.12] [Security Solution] Fix not complete existing rule overwrite when importing rules (#176166) (#177270) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix not complete existing rule overwrite when
importing rules
(#176166)](https://github.com/elastic/kibana/pull/176166)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
 2024-02-20 17:07:57 +01:00
Cristina Amico
6536da7fb1
[8.12] [Fleet] Fix inactive popover tour not resetting (#176929) (#177172) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix inactive popover tour not resetting
(#176929)](https://github.com/elastic/kibana/pull/176929)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-19T10:25:20Z","message":"[Fleet]
Fix inactive popover tour not resetting (#176929)\n\nFixes
https://github.com/elastic/kibana/issues/176124\r\n\r\n## Summary\r\nThe
[inactive
popover](https://github.com/elastic/kibana/pull/149226)\r\nthat appears
the first time after agents become inactive was broken\r\n(probably
because of a EUi upgrade) and wasn't dismissable anymore.\r\n\r\nI'm
adding a footer with button that makes it easily
dismissable.\r\n\r\n![Screenshot 2024-02-14 at 16
15\r\n36](b4029aa2-e0f7-42d4-afe1-e810b7e88d23)\r\n\r\n###
Testing \r\n- In dev tools console, run the following. This removes from
the local\r\nstorage the key that signals that the tour was already ran
once.\r\n```\r\n
localStorage.removeItem(\"fleet.inactiveAgentsCalloutHasBeenDismissed\")\r\n```\r\n-
Enroll some agents and wait that at least one becomes inactive\r\n- The
popover should be visible and it should be possible to dismiss it\r\nby
clicking \"got it\".\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"851657c6f9fd0113f3a5900c100ce0f3e151841f","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","v8.13.0","v8.12.2","v8.14.0"],"number":176929,"url":"https://github.com/elastic/kibana/pull/176929","mergeCommit":{"message":"[Fleet]
Fix inactive popover tour not resetting (#176929)\n\nFixes
https://github.com/elastic/kibana/issues/176124\r\n\r\n## Summary\r\nThe
[inactive
popover](https://github.com/elastic/kibana/pull/149226)\r\nthat appears
the first time after agents become inactive was broken\r\n(probably
because of a EUi upgrade) and wasn't dismissable anymore.\r\n\r\nI'm
adding a footer with button that makes it easily
dismissable.\r\n\r\n![Screenshot 2024-02-14 at 16
15\r\n36](b4029aa2-e0f7-42d4-afe1-e810b7e88d23)\r\n\r\n###
Testing \r\n- In dev tools console, run the following. This removes from
the local\r\nstorage the key that signals that the tour was already ran
once.\r\n```\r\n
localStorage.removeItem(\"fleet.inactiveAgentsCalloutHasBeenDismissed\")\r\n```\r\n-
Enroll some agents and wait that at least one becomes inactive\r\n- The
popover should be visible and it should be possible to dismiss it\r\nby
clicking \"got it\".\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"851657c6f9fd0113f3a5900c100ce0f3e151841f"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/177161","number":177161,"state":"OPEN"},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","labelRegex":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176929","number":176929,"mergeCommit":{"message":"[Fleet]
Fix inactive popover tour not resetting (#176929)\n\nFixes
https://github.com/elastic/kibana/issues/176124\r\n\r\n## Summary\r\nThe
[inactive
popover](https://github.com/elastic/kibana/pull/149226)\r\nthat appears
the first time after agents become inactive was broken\r\n(probably
because of a EUi upgrade) and wasn't dismissable anymore.\r\n\r\nI'm
adding a footer with button that makes it easily
dismissable.\r\n\r\n![Screenshot 2024-02-14 at 16
15\r\n36](b4029aa2-e0f7-42d4-afe1-e810b7e88d23)\r\n\r\n###
Testing \r\n- In dev tools console, run the following. This removes from
the local\r\nstorage the key that signals that the tour was already ran
once.\r\n```\r\n
localStorage.removeItem(\"fleet.inactiveAgentsCalloutHasBeenDismissed\")\r\n```\r\n-
Enroll some agents and wait that at least one becomes inactive\r\n- The
popover should be visible and it should be possible to dismiss it\r\nby
clicking \"got it\".\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"851657c6f9fd0113f3a5900c100ce0f3e151841f"}}]}]
BACKPORT-->
 2024-02-20 15:31:26 +01:00
Georgii Gorbachev
1b457956ed
[8.12] [Security Solution] Fix rule filters on the Rule Details page (#177081) (#177260) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix rule filters on the Rule Details page
(#177081)](https://github.com/elastic/kibana/pull/177081)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)
 2024-02-20 04:18:18 -07:00
Kibana Machine
1200cf30d6
[8.12] [Fleet] Fix package showing &#x27;Needs authorization&#x27; warning even after transform assets were authorized successfully (#176647) (#177236) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix package showing &#x27;Needs authorization&#x27; warning
even after transform assets were authorized successfully
(#176647)](https://github.com/elastic/kibana/pull/176647)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Quynh Nguyen
(Quinn)","email":"43350163+qn895@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-19T19:12:17Z","message":"[Fleet]
Fix package showing 'Needs authorization' warning even after transform
assets were authorized successfully
(#176647)","sha":"4e10d1c70b30cf1c6d8eec8a87a9badc6ad422cb","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix",":ml","Feature:Transforms","Team:Fleet","v8.13.0","v8.12.2","v8.14.0"],"title":"[Fleet]
Fix package showing 'Needs authorization' warning even after transform
assets were authorized
successfully","number":176647,"url":"https://github.com/elastic/kibana/pull/176647","mergeCommit":{"message":"[Fleet]
Fix package showing 'Needs authorization' warning even after transform
assets were authorized successfully
(#176647)","sha":"4e10d1c70b30cf1c6d8eec8a87a9badc6ad422cb"}},"sourceBranch":"main","suggestedTargetBranches":["8.13","8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176647","number":176647,"mergeCommit":{"message":"[Fleet]
Fix package showing 'Needs authorization' warning even after transform
assets were authorized successfully
(#176647)","sha":"4e10d1c70b30cf1c6d8eec8a87a9badc6ad422cb"}}]}]
BACKPORT-->

Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com>
 2024-02-19 13:32:14 -07:00
Kibana Machine
0763a057d3
[8.12] [Synthetics] Simplify write access default behavior (#177088) (#177227) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Synthetics] Simplify write access default behavior
(#177088)](https://github.com/elastic/kibana/pull/177088)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Justin
Kambic","email":"jk@elastic.co"},"sourceCommit":{"committedDate":"2024-02-19T18:11:03Z","message":"[Synthetics]
Simplify write access default behavior (#177088)\n\n##
Summary\r\n\r\nSimplifies the override functionality. Now, `writeAccess`
is the only\r\nflag controlling this. All non-GET routes are defaulted
to requiring\r\nwrite access. Also applies write access restriction to
the trigger\r\nroute, which is a GET.\r\n\r\n## Testing
instructions\r\n\r\nTest the override routes, and the default
behavior.\r\n\r\n```shell\r\n# Create a test user with user/pass:
testuser/testuser\r\n\r\n# Override: trigger route should return
403\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitors/trigger/{monitorId}
-u testuser:testuser \r\n\r\n# Override: enablement route should work
for read user\r\ncurl -X PUT
http://localhost:5601/internal/synthetics/service/enablement -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# Override: screenshot
blocks should work\r\ncurl -X POST
http://localhost:5601/internal/synthetics/journey/screenshot/block -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# a normal GET route
returns 200\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitor/{monitorId} -u
testuser:testuser \r\n\r\n# a normal non-GET route returns 403\r\ncurl
-X POST
http://localhost:5601/internal/synthetics/enable_default_alerting -u
testuser:testuser -H \"kbn-xsrf:
true\"\r\n```","sha":"b8cdae452ef9e7c83b49832b07d30f69a56b5698","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:obs-ux-infra_services","v8.13.0","v8.12.2","v8.14.0"],"title":"[Synthetics]
Simplify write access default
behavior","number":177088,"url":"https://github.com/elastic/kibana/pull/177088","mergeCommit":{"message":"[Synthetics]
Simplify write access default behavior (#177088)\n\n##
Summary\r\n\r\nSimplifies the override functionality. Now, `writeAccess`
is the only\r\nflag controlling this. All non-GET routes are defaulted
to requiring\r\nwrite access. Also applies write access restriction to
the trigger\r\nroute, which is a GET.\r\n\r\n## Testing
instructions\r\n\r\nTest the override routes, and the default
behavior.\r\n\r\n```shell\r\n# Create a test user with user/pass:
testuser/testuser\r\n\r\n# Override: trigger route should return
403\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitors/trigger/{monitorId}
-u testuser:testuser \r\n\r\n# Override: enablement route should work
for read user\r\ncurl -X PUT
http://localhost:5601/internal/synthetics/service/enablement -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# Override: screenshot
blocks should work\r\ncurl -X POST
http://localhost:5601/internal/synthetics/journey/screenshot/block -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# a normal GET route
returns 200\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitor/{monitorId} -u
testuser:testuser \r\n\r\n# a normal non-GET route returns 403\r\ncurl
-X POST
http://localhost:5601/internal/synthetics/enable_default_alerting -u
testuser:testuser -H \"kbn-xsrf:
true\"\r\n```","sha":"b8cdae452ef9e7c83b49832b07d30f69a56b5698"}},"sourceBranch":"main","suggestedTargetBranches":["8.13","8.12"],"targetPullRequestStates":[{"branch":"8.13","label":"v8.13.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/177088","number":177088,"mergeCommit":{"message":"[Synthetics]
Simplify write access default behavior (#177088)\n\n##
Summary\r\n\r\nSimplifies the override functionality. Now, `writeAccess`
is the only\r\nflag controlling this. All non-GET routes are defaulted
to requiring\r\nwrite access. Also applies write access restriction to
the trigger\r\nroute, which is a GET.\r\n\r\n## Testing
instructions\r\n\r\nTest the override routes, and the default
behavior.\r\n\r\n```shell\r\n# Create a test user with user/pass:
testuser/testuser\r\n\r\n# Override: trigger route should return
403\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitors/trigger/{monitorId}
-u testuser:testuser \r\n\r\n# Override: enablement route should work
for read user\r\ncurl -X PUT
http://localhost:5601/internal/synthetics/service/enablement -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# Override: screenshot
blocks should work\r\ncurl -X POST
http://localhost:5601/internal/synthetics/journey/screenshot/block -u
testuser:testuser -H \"kbn-xsrf: true\"\r\n\r\n# a normal GET route
returns 200\r\ncurl -X GET
http://localhost:5601/internal/synthetics/service/monitor/{monitorId} -u
testuser:testuser \r\n\r\n# a normal non-GET route returns 403\r\ncurl
-X POST
http://localhost:5601/internal/synthetics/enable_default_alerting -u
testuser:testuser -H \"kbn-xsrf:
true\"\r\n```","sha":"b8cdae452ef9e7c83b49832b07d30f69a56b5698"}}]}]
BACKPORT-->

Co-authored-by: Justin Kambic <jk@elastic.co>
 2024-02-19 12:33:17 -07:00
Kibana Machine
f5bd489c5f
[8.12] [Bug][Investigations] - Fix slow timeline queries (#176838) (#176956) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Bug][Investigations] - Fix slow timeline queries
(#176838)](https://github.com/elastic/kibana/pull/176838)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Michael
Olorunnisola","email":"michael.olorunnisola@elastic.co"},"sourceCommit":{"committedDate":"2024-02-14T21:02:20Z","message":"[Bug][Investigations]
- Fix slow timeline queries (#176838)\n\n## Summary\r\n\r\n**Version
Affected: 8.11.x, 8.12.0, 8.12.1**\r\n\r\n### Background\r\n\r\nThe ID
field necessary to track long running timeline search
strategy\r\nqueries was no longer being passed to ES search after work
in 8.11. This\r\nled to what looked like long running timeline queries,
but in reality\r\nwere queries being repeated due to the ID not being
tracked. This pr\r\nre-introduces the ID field necessary for long
running timeline search\r\nstrategies in security
solution\r\n\r\n**Views Affected:**\r\n - Timeline tabs (query,
correlation, pinned)\r\n - Explore events tables (hosts, users,
network)\r\n - Rule preview table\r\n \r\n\r\nPre-fix:\r\n\r\nObserver
the changing ID's for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\n5731d310-d3ed-452d-8c34-783b2cfe76e1\r\n\r\n\r\nPost-fix:\r\n\r\nObserver
the same ID for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\na20d4b28-2748-4475-a257-96133bb8efc7\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"68bdd7cb275bdcbc41c0b6bba86a56d954fd5496","branchLabelMapping":{"^v8.14.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Threat
Hunting:Investigations","v8.12.2","v8.14.0"],"title":"[Bug][Investigations]
- Fix slow timeline
queries","number":176838,"url":"https://github.com/elastic/kibana/pull/176838","mergeCommit":{"message":"[Bug][Investigations]
- Fix slow timeline queries (#176838)\n\n## Summary\r\n\r\n**Version
Affected: 8.11.x, 8.12.0, 8.12.1**\r\n\r\n### Background\r\n\r\nThe ID
field necessary to track long running timeline search
strategy\r\nqueries was no longer being passed to ES search after work
in 8.11. This\r\nled to what looked like long running timeline queries,
but in reality\r\nwere queries being repeated due to the ID not being
tracked. This pr\r\nre-introduces the ID field necessary for long
running timeline search\r\nstrategies in security
solution\r\n\r\n**Views Affected:**\r\n - Timeline tabs (query,
correlation, pinned)\r\n - Explore events tables (hosts, users,
network)\r\n - Rule preview table\r\n \r\n\r\nPre-fix:\r\n\r\nObserver
the changing ID's for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\n5731d310-d3ed-452d-8c34-783b2cfe76e1\r\n\r\n\r\nPost-fix:\r\n\r\nObserver
the same ID for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\na20d4b28-2748-4475-a257-96133bb8efc7\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"68bdd7cb275bdcbc41c0b6bba86a56d954fd5496"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.14.0","branchLabelMappingKey":"^v8.14.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176838","number":176838,"mergeCommit":{"message":"[Bug][Investigations]
- Fix slow timeline queries (#176838)\n\n## Summary\r\n\r\n**Version
Affected: 8.11.x, 8.12.0, 8.12.1**\r\n\r\n### Background\r\n\r\nThe ID
field necessary to track long running timeline search
strategy\r\nqueries was no longer being passed to ES search after work
in 8.11. This\r\nled to what looked like long running timeline queries,
but in reality\r\nwere queries being repeated due to the ID not being
tracked. This pr\r\nre-introduces the ID field necessary for long
running timeline search\r\nstrategies in security
solution\r\n\r\n**Views Affected:**\r\n - Timeline tabs (query,
correlation, pinned)\r\n - Explore events tables (hosts, users,
network)\r\n - Rule preview table\r\n \r\n\r\nPre-fix:\r\n\r\nObserver
the changing ID's for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\n5731d310-d3ed-452d-8c34-783b2cfe76e1\r\n\r\n\r\nPost-fix:\r\n\r\nObserver
the same ID for the `timelineSearchStrategy`
`eventsAll`\r\nqueries.\r\n\r\n\r\na20d4b28-2748-4475-a257-96133bb8efc7\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<42973632+kibanamachine@users.noreply.github.com>","sha":"68bdd7cb275bdcbc41c0b6bba86a56d954fd5496"}}]}]
BACKPORT-->

Co-authored-by: Michael Olorunnisola <michael.olorunnisola@elastic.co>
 2024-02-14 15:46:40 -07:00
Kibana Machine
e446672754
[8.12] [Discover][Alerts] Fix Discover results when alert excludes matches from previous runs (#176690) (#176931) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Discover][Alerts] Fix Discover results when alert excludes matches
from previous runs
(#176690)](https://github.com/elastic/kibana/pull/176690)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Julia
Rechkunova","email":"julia.rechkunova@elastic.co"},"sourceCommit":{"committedDate":"2024-02-14T16:44:40Z","message":"[Discover][Alerts]
Fix Discover results when alert excludes matches from previous runs
(#176690)\n\n- Closes
https://github.com/elastic/kibana/issues/148282\r\n\r\n##
Summary\r\n\r\nIn case if user creates a rule and enables \"Exclude
matches from\r\nprevious runs\", Discover link will now include a time
filter to filter\r\nprevious results out.\r\n\r\n<img width=\"500\"
alt=\"Screenshot 2024-02-12 at 14 02
18\"\r\nsrc=\"89ae9bb1-5fe7-4366-a3db-6ed3b8ae7545\">\r\n\r\nFor
testing:\r\n- Open Discover with an index which has documents before and
after\r\ncurrent time (e.g. a freshly installed Kibana Sample Data
Logs)\r\n- Create a new rule \r\n - Enable/disable \"Exclude matches
from previous runs\" switch\r\n - Define an index connector with a
link\r\n```\r\n {\r\n \"rule_id\": \"\",\r\n \"rule_name\": \"\",\r\n
\"alert_id\": \"\",\r\n \"context_message\": \"\",\r\n \"link\":
\"\"\r\n}\r\n```\r\n- Now navigate to Discover, create a data view for
the connector index\r\n- Copy locator links from the appearing alerts
and open Discover with\r\nthem in another tab\r\n\r\n<img width=\"300\"
alt=\"Screenshot 2024-02-12 at 15 19
24\"\r\nsrc=\"0e5c3718-b16a-4360-a213-490479f85088\">\r\n\r\n\r\nIf
\"Exclude matches from previous runs\" was enabled, then an
additional\r\nfilter will show up on Discover page for the locator
link.\r\n\r\nCheck that Discover total count is the same as the one
mentioned in\r\n`context_message`
field.","sha":"7e3a9f8fbe7c5513e4a4b74939593779d9ba4b24","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Feature:Alerting","Team:DataDiscovery","backport:prev-minor","v8.13.0"],"title":"[Discover][Alerts]
Fix Discover results when alert excludes matches from previous
runs","number":176690,"url":"https://github.com/elastic/kibana/pull/176690","mergeCommit":{"message":"[Discover][Alerts]
Fix Discover results when alert excludes matches from previous runs
(#176690)\n\n- Closes
https://github.com/elastic/kibana/issues/148282\r\n\r\n##
Summary\r\n\r\nIn case if user creates a rule and enables \"Exclude
matches from\r\nprevious runs\", Discover link will now include a time
filter to filter\r\nprevious results out.\r\n\r\n<img width=\"500\"
alt=\"Screenshot 2024-02-12 at 14 02
18\"\r\nsrc=\"89ae9bb1-5fe7-4366-a3db-6ed3b8ae7545\">\r\n\r\nFor
testing:\r\n- Open Discover with an index which has documents before and
after\r\ncurrent time (e.g. a freshly installed Kibana Sample Data
Logs)\r\n- Create a new rule \r\n - Enable/disable \"Exclude matches
from previous runs\" switch\r\n - Define an index connector with a
link\r\n```\r\n {\r\n \"rule_id\": \"\",\r\n \"rule_name\": \"\",\r\n
\"alert_id\": \"\",\r\n \"context_message\": \"\",\r\n \"link\":
\"\"\r\n}\r\n```\r\n- Now navigate to Discover, create a data view for
the connector index\r\n- Copy locator links from the appearing alerts
and open Discover with\r\nthem in another tab\r\n\r\n<img width=\"300\"
alt=\"Screenshot 2024-02-12 at 15 19
24\"\r\nsrc=\"0e5c3718-b16a-4360-a213-490479f85088\">\r\n\r\n\r\nIf
\"Exclude matches from previous runs\" was enabled, then an
additional\r\nfilter will show up on Discover page for the locator
link.\r\n\r\nCheck that Discover total count is the same as the one
mentioned in\r\n`context_message`
field.","sha":"7e3a9f8fbe7c5513e4a4b74939593779d9ba4b24"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176690","number":176690,"mergeCommit":{"message":"[Discover][Alerts]
Fix Discover results when alert excludes matches from previous runs
(#176690)\n\n- Closes
https://github.com/elastic/kibana/issues/148282\r\n\r\n##
Summary\r\n\r\nIn case if user creates a rule and enables \"Exclude
matches from\r\nprevious runs\", Discover link will now include a time
filter to filter\r\nprevious results out.\r\n\r\n<img width=\"500\"
alt=\"Screenshot 2024-02-12 at 14 02
18\"\r\nsrc=\"89ae9bb1-5fe7-4366-a3db-6ed3b8ae7545\">\r\n\r\nFor
testing:\r\n- Open Discover with an index which has documents before and
after\r\ncurrent time (e.g. a freshly installed Kibana Sample Data
Logs)\r\n- Create a new rule \r\n - Enable/disable \"Exclude matches
from previous runs\" switch\r\n - Define an index connector with a
link\r\n```\r\n {\r\n \"rule_id\": \"\",\r\n \"rule_name\": \"\",\r\n
\"alert_id\": \"\",\r\n \"context_message\": \"\",\r\n \"link\":
\"\"\r\n}\r\n```\r\n- Now navigate to Discover, create a data view for
the connector index\r\n- Copy locator links from the appearing alerts
and open Discover with\r\nthem in another tab\r\n\r\n<img width=\"300\"
alt=\"Screenshot 2024-02-12 at 15 19
24\"\r\nsrc=\"0e5c3718-b16a-4360-a213-490479f85088\">\r\n\r\n\r\nIf
\"Exclude matches from previous runs\" was enabled, then an
additional\r\nfilter will show up on Discover page for the locator
link.\r\n\r\nCheck that Discover total count is the same as the one
mentioned in\r\n`context_message`
field.","sha":"7e3a9f8fbe7c5513e4a4b74939593779d9ba4b24"}}]}]
BACKPORT-->

Co-authored-by: Julia Rechkunova <julia.rechkunova@elastic.co>
 2024-02-14 11:07:49 -07:00
Kibana Machine
4884e48e60
[8.12] [Security Solution] Fix broken Rule Filters components when content is extremely long and when alias is present (#176590) (#176928) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix broken Rule Filters components when content
is extremely long and when alias is present
(#176590)](https://github.com/elastic/kibana/pull/176590)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Juan Pablo
Djeredjian","email":"jpdjeredjian@gmail.com"},"sourceCommit":{"committedDate":"2024-02-14T15:13:07Z","message":"[Security
Solution] Fix broken Rule Filters components when content is extremely
long and when alias is present (#176590)\n\nFixes:
https://github.com/elastic/kibana/issues/145076\r\nFixes:
https://github.com/elastic/kibana/issues/162543\r\n\r\n##
Summary\r\n\r\nThis PR solves two separate issues in the Filters
component, used in the\r\nRule Details page.\r\n\r\n1. **when rule
filter is extremely long, the component would break the\r\nlayout of the
whole page**: fixed by adding a styled wrapper component\r\nto our
About, Definition and Schedule section, [that allows wrapping
of\r\nextremely long
text\r\n`anywhere`](https://developer.mozilla.org/en-US/docs/Web/CSS/overflow-wrap).\r\nThis
was precisely the issue that was breaking our layout when the\r\nfilters
were extremely long, with the aggravating factor that the\r\nfilters
were async loaded, and populated the component after the css
was\r\nloaded.\r\n2. **when a rule filter had a name (alias) that should
have been\r\ndisplayed as a label instead of the actual filter**. This
was like this\r\nbefore 8.8, but was apparently lost during some
refactoring. This PR\r\nreintroduces that logic.\r\n\r\n##
Screenshots\r\n\r\n### Broken page with long filters\r\n\r\n####
Before\r\n\r\n![image](928f642d-fce2-4bd7-b0ee-2f318109777a)\r\n\r\n####
After\r\n\r\n\r\n![image](a2ef0f17-2cab-49d9-99bd-0a9d3a712a2d)\r\n\r\n\r\n####
Alias not showing as name\r\n\r\n###
Before\r\n\r\n![image](d68c7569-2f86-4f58-8b45-d67ee53e6821)\r\n###
After\r\n\r\n\r\n![image](f4f24427-8e82-4abe-9fa2-dbc8690dbb51)\r\n\r\n\r\n##
Browser compatibility\r\n\r\n- Above screenshots are **Chrome**\r\n-
**Firefox**\r\n\r\n![image](e2ab0221-bfde-4544-afb2-6f5e1a4db0ff)\r\n\r\n-
**Safari**\r\n\r\n![image](962dd314-1ba9-4aa2-81c1-955c1c1f9036)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Georgii Gorbachev
<georgii.gorbachev@elastic.co>","sha":"532ac0604651dc7be83361653ddfb8d4682780c2","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Rule Details","8.13
candidate","v8.13.0","v8.12.2"],"title":"[Security Solution] Fix broken
Rule Filters components when content is extremely long and when alias is
present","number":176590,"url":"https://github.com/elastic/kibana/pull/176590","mergeCommit":{"message":"[Security
Solution] Fix broken Rule Filters components when content is extremely
long and when alias is present (#176590)\n\nFixes:
https://github.com/elastic/kibana/issues/145076\r\nFixes:
https://github.com/elastic/kibana/issues/162543\r\n\r\n##
Summary\r\n\r\nThis PR solves two separate issues in the Filters
component, used in the\r\nRule Details page.\r\n\r\n1. **when rule
filter is extremely long, the component would break the\r\nlayout of the
whole page**: fixed by adding a styled wrapper component\r\nto our
About, Definition and Schedule section, [that allows wrapping
of\r\nextremely long
text\r\n`anywhere`](https://developer.mozilla.org/en-US/docs/Web/CSS/overflow-wrap).\r\nThis
was precisely the issue that was breaking our layout when the\r\nfilters
were extremely long, with the aggravating factor that the\r\nfilters
were async loaded, and populated the component after the css
was\r\nloaded.\r\n2. **when a rule filter had a name (alias) that should
have been\r\ndisplayed as a label instead of the actual filter**. This
was like this\r\nbefore 8.8, but was apparently lost during some
refactoring. This PR\r\nreintroduces that logic.\r\n\r\n##
Screenshots\r\n\r\n### Broken page with long filters\r\n\r\n####
Before\r\n\r\n![image](928f642d-fce2-4bd7-b0ee-2f318109777a)\r\n\r\n####
After\r\n\r\n\r\n![image](a2ef0f17-2cab-49d9-99bd-0a9d3a712a2d)\r\n\r\n\r\n####
Alias not showing as name\r\n\r\n###
Before\r\n\r\n![image](d68c7569-2f86-4f58-8b45-d67ee53e6821)\r\n###
After\r\n\r\n\r\n![image](f4f24427-8e82-4abe-9fa2-dbc8690dbb51)\r\n\r\n\r\n##
Browser compatibility\r\n\r\n- Above screenshots are **Chrome**\r\n-
**Firefox**\r\n\r\n![image](e2ab0221-bfde-4544-afb2-6f5e1a4db0ff)\r\n\r\n-
**Safari**\r\n\r\n![image](962dd314-1ba9-4aa2-81c1-955c1c1f9036)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Georgii Gorbachev
<georgii.gorbachev@elastic.co>","sha":"532ac0604651dc7be83361653ddfb8d4682780c2"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176590","number":176590,"mergeCommit":{"message":"[Security
Solution] Fix broken Rule Filters components when content is extremely
long and when alias is present (#176590)\n\nFixes:
https://github.com/elastic/kibana/issues/145076\r\nFixes:
https://github.com/elastic/kibana/issues/162543\r\n\r\n##
Summary\r\n\r\nThis PR solves two separate issues in the Filters
component, used in the\r\nRule Details page.\r\n\r\n1. **when rule
filter is extremely long, the component would break the\r\nlayout of the
whole page**: fixed by adding a styled wrapper component\r\nto our
About, Definition and Schedule section, [that allows wrapping
of\r\nextremely long
text\r\n`anywhere`](https://developer.mozilla.org/en-US/docs/Web/CSS/overflow-wrap).\r\nThis
was precisely the issue that was breaking our layout when the\r\nfilters
were extremely long, with the aggravating factor that the\r\nfilters
were async loaded, and populated the component after the css
was\r\nloaded.\r\n2. **when a rule filter had a name (alias) that should
have been\r\ndisplayed as a label instead of the actual filter**. This
was like this\r\nbefore 8.8, but was apparently lost during some
refactoring. This PR\r\nreintroduces that logic.\r\n\r\n##
Screenshots\r\n\r\n### Broken page with long filters\r\n\r\n####
Before\r\n\r\n![image](928f642d-fce2-4bd7-b0ee-2f318109777a)\r\n\r\n####
After\r\n\r\n\r\n![image](a2ef0f17-2cab-49d9-99bd-0a9d3a712a2d)\r\n\r\n\r\n####
Alias not showing as name\r\n\r\n###
Before\r\n\r\n![image](d68c7569-2f86-4f58-8b45-d67ee53e6821)\r\n###
After\r\n\r\n\r\n![image](f4f24427-8e82-4abe-9fa2-dbc8690dbb51)\r\n\r\n\r\n##
Browser compatibility\r\n\r\n- Above screenshots are **Chrome**\r\n-
**Firefox**\r\n\r\n![image](e2ab0221-bfde-4544-afb2-6f5e1a4db0ff)\r\n\r\n-
**Safari**\r\n\r\n![image](962dd314-1ba9-4aa2-81c1-955c1c1f9036)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [x] Any UI touched in this PR does not create any new axe
failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[x] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[x] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Georgii Gorbachev
<georgii.gorbachev@elastic.co>","sha":"532ac0604651dc7be83361653ddfb8d4682780c2"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Juan Pablo Djeredjian <jpdjeredjian@gmail.com>
 2024-02-14 09:31:12 -07:00
Maxim Palenov
78cb16c595
[8.12] [Security Solution] Fix importing rules referencing preconfigured connectors (#176284) (#176887) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix importing rules referencing preconfigured
connectors (#176284)](https://github.com/elastic/kibana/pull/176284)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maxim
Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2024-02-13T15:30:25Z","message":"[Security
Solution] Fix importing rules referencing preconfigured connectors
(#176284)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/157253\r\n\r\n##
Summary\r\n\r\nThis PR fixes rules import with
`overwrite_action_connectors` set to true when ndjson contains rules
with actions referencing preconfigured action connectors.\r\n\r\n##
Details\r\n\r\nA user can preconfigure action connectors as described
[here](https://www.elastic.co/guide/en/kibana/current/pre-configured-connectors.html).
At the same time Elastic Could instances have Elastic-cloud-SMTP
connector preconfigured. In particular import doesn't work as expected
in Elastic Cloud for rules having actions referencing the preconfigured
Elastic-cloud-SMTP connector.\r\n\r\nThis is fixed by filtering out
preconfigured connector ids so importing logic only handles custom
action connectors.\r\n\r\nOn top of this functional tests have been
added to make sure the problem won't come back.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios\r\n- [x]
[Ran](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5139)
in Flaky test runner for ESS and Serverless and no flakiness has been
revealed","sha":"934a06ccf7c599685e04469ff0801e461ee9c2d5","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:medium","Team:Detections
and Resp","Team: SecuritySolution","Feature:Rule
Actions","Team:Detection Rule Management","Feature:Rule
Import/Export","v8.13.0","v8.12.2"],"number":176284,"url":"https://github.com/elastic/kibana/pull/176284","mergeCommit":{"message":"[Security
Solution] Fix importing rules referencing preconfigured connectors
(#176284)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/157253\r\n\r\n##
Summary\r\n\r\nThis PR fixes rules import with
`overwrite_action_connectors` set to true when ndjson contains rules
with actions referencing preconfigured action connectors.\r\n\r\n##
Details\r\n\r\nA user can preconfigure action connectors as described
[here](https://www.elastic.co/guide/en/kibana/current/pre-configured-connectors.html).
At the same time Elastic Could instances have Elastic-cloud-SMTP
connector preconfigured. In particular import doesn't work as expected
in Elastic Cloud for rules having actions referencing the preconfigured
Elastic-cloud-SMTP connector.\r\n\r\nThis is fixed by filtering out
preconfigured connector ids so importing logic only handles custom
action connectors.\r\n\r\nOn top of this functional tests have been
added to make sure the problem won't come back.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios\r\n- [x]
[Ran](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5139)
in Flaky test runner for ESS and Serverless and no flakiness has been
revealed","sha":"934a06ccf7c599685e04469ff0801e461ee9c2d5"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176284","number":176284,"mergeCommit":{"message":"[Security
Solution] Fix importing rules referencing preconfigured connectors
(#176284)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/157253\r\n\r\n##
Summary\r\n\r\nThis PR fixes rules import with
`overwrite_action_connectors` set to true when ndjson contains rules
with actions referencing preconfigured action connectors.\r\n\r\n##
Details\r\n\r\nA user can preconfigure action connectors as described
[here](https://www.elastic.co/guide/en/kibana/current/pre-configured-connectors.html).
At the same time Elastic Could instances have Elastic-cloud-SMTP
connector preconfigured. In particular import doesn't work as expected
in Elastic Cloud for rules having actions referencing the preconfigured
Elastic-cloud-SMTP connector.\r\n\r\nThis is fixed by filtering out
preconfigured connector ids so importing logic only handles custom
action connectors.\r\n\r\nOn top of this functional tests have been
added to make sure the problem won't come back.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios\r\n- [x]
[Ran](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5139)
in Flaky test runner for ESS and Serverless and no flakiness has been
revealed","sha":"934a06ccf7c599685e04469ff0801e461ee9c2d5"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
 2024-02-14 13:54:51 +01:00
Maxim Palenov
fd2f4ee908
[8.12] [Security Solution] Fix losing data upon prebuilt rule upgrade to a new version in which the rule's type is different (#176421) (#176811) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix losing data upon prebuilt rule upgrade to a
new version in which the rule's type is different
(#176421)](https://github.com/elastic/kibana/pull/176421)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maxim
Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2024-02-12T13:09:23Z","message":"[Security
Solution] Fix losing data upon prebuilt rule upgrade to a new version in
which the rule's type is different (#176421)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/169480\r\n\r\n##
Summary\r\n\r\nThis PR fixes losing the following rule data upon
prebuilt rule upgrade to a new version in which the rule's type is
different\r\n\r\n- Saved Object id\r\n- exceptions list (default and
shared)\r\n- Timeline id\r\n- Timeline title\r\n\r\n##
Details\r\n\r\nThe problem occurs when user upgrades a prebuilt rule to
a newer version which has a different rule type.\r\n\r\nChecking the
code it's not so hard to find
[`upgradeRule()`](https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts#L49)
function which performs prebuilt rule upgrade. It has the following
comment\r\n\r\n> If we're trying to change the type of a prepackaged
rule, we need to delete the old one and replace it with the new rule,
keeping the enabled setting, actions, throttle, id, and exception lists
from the old rule.\r\n\r\nLooking below in the code it's clear that only
enabled state and actions get restored upon rule upgrade. Missing to
restore `exceptions lists` leads to disappearing exceptions upon rule
upgrade.\r\n\r\nOn top of this `execution results` and `execution
events` also get lost due to missing to restore saved object `id`.
Execution log isn't gone anywhere but can't be bound to a new id. Direct
links to rule details page won't work neither after upgrade.\r\n\r\nThis
PR fixes the problem by restoring rule bound data after
upgrade.\r\n\r\nFTR tests were restructured to accommodate extra tests
to cover this bug fix. \r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"ffdcc34d0d4f05aad8ad979775e8b0f503af313d","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:high","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","v8.13.0","v8.12.2"],"number":176421,"url":"https://github.com/elastic/kibana/pull/176421","mergeCommit":{"message":"[Security
Solution] Fix losing data upon prebuilt rule upgrade to a new version in
which the rule's type is different (#176421)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/169480\r\n\r\n##
Summary\r\n\r\nThis PR fixes losing the following rule data upon
prebuilt rule upgrade to a new version in which the rule's type is
different\r\n\r\n- Saved Object id\r\n- exceptions list (default and
shared)\r\n- Timeline id\r\n- Timeline title\r\n\r\n##
Details\r\n\r\nThe problem occurs when user upgrades a prebuilt rule to
a newer version which has a different rule type.\r\n\r\nChecking the
code it's not so hard to find
[`upgradeRule()`](https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts#L49)
function which performs prebuilt rule upgrade. It has the following
comment\r\n\r\n> If we're trying to change the type of a prepackaged
rule, we need to delete the old one and replace it with the new rule,
keeping the enabled setting, actions, throttle, id, and exception lists
from the old rule.\r\n\r\nLooking below in the code it's clear that only
enabled state and actions get restored upon rule upgrade. Missing to
restore `exceptions lists` leads to disappearing exceptions upon rule
upgrade.\r\n\r\nOn top of this `execution results` and `execution
events` also get lost due to missing to restore saved object `id`.
Execution log isn't gone anywhere but can't be bound to a new id. Direct
links to rule details page won't work neither after upgrade.\r\n\r\nThis
PR fixes the problem by restoring rule bound data after
upgrade.\r\n\r\nFTR tests were restructured to accommodate extra tests
to cover this bug fix. \r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"ffdcc34d0d4f05aad8ad979775e8b0f503af313d"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176421","number":176421,"mergeCommit":{"message":"[Security
Solution] Fix losing data upon prebuilt rule upgrade to a new version in
which the rule's type is different (#176421)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/169480\r\n\r\n##
Summary\r\n\r\nThis PR fixes losing the following rule data upon
prebuilt rule upgrade to a new version in which the rule's type is
different\r\n\r\n- Saved Object id\r\n- exceptions list (default and
shared)\r\n- Timeline id\r\n- Timeline title\r\n\r\n##
Details\r\n\r\nThe problem occurs when user upgrades a prebuilt rule to
a newer version which has a different rule type.\r\n\r\nChecking the
code it's not so hard to find
[`upgradeRule()`](https://github.com/elastic/kibana/blob/main/x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/logic/rule_objects/upgrade_prebuilt_rules.ts#L49)
function which performs prebuilt rule upgrade. It has the following
comment\r\n\r\n> If we're trying to change the type of a prepackaged
rule, we need to delete the old one and replace it with the new rule,
keeping the enabled setting, actions, throttle, id, and exception lists
from the old rule.\r\n\r\nLooking below in the code it's clear that only
enabled state and actions get restored upon rule upgrade. Missing to
restore `exceptions lists` leads to disappearing exceptions upon rule
upgrade.\r\n\r\nOn top of this `execution results` and `execution
events` also get lost due to missing to restore saved object `id`.
Execution log isn't gone anywhere but can't be bound to a new id. Direct
links to rule details page won't work neither after upgrade.\r\n\r\nThis
PR fixes the problem by restoring rule bound data after
upgrade.\r\n\r\nFTR tests were restructured to accommodate extra tests
to cover this bug fix. \r\n\r\n### Checklist\r\n\r\n- [x] [Unit or
functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"ffdcc34d0d4f05aad8ad979775e8b0f503af313d"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
 2024-02-13 14:23:32 +01:00
Kibana Machine
111062883f
[8.12] [Fleet] Fix wrong policy_id in dev tools flyout request (#176729) (#176800) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix wrong policy_id in dev tools flyout request
(#176729)](https://github.com/elastic/kibana/pull/176729)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-13T10:02:20Z","message":"[Fleet]
Fix wrong policy_id in dev tools flyout request (#176729)\n\nFixes
https://github.com/elastic/kibana/issues/172798\r\n\r\n##
Summary\r\nSmall bug fix: when adding a new integration, the `policy_id`
in dev\r\ntools flyout request was not correct\r\n\r\nSteps to
reproduce:\r\n\r\n- Add one agent policy to the stack\r\n- Go to any
integration and navigate to `add integration` page\r\n- Switch to
`Existing hosts` and select an existing policy. \r\n- Open `Preview API
request`. The policy id in the preview should be the\r\none from the
selected policy\r\n- Switch back to `New hosts`\r\n- Open `Preview API
request`. The policy id should be\r\n`<agent_policy_id>` again (not the
one from the previously selected\r\npolicy)\r\n\r\n![Screenshot
2024-02-12 at 17
56\r\n45](6f2e5085-7418-4fef-ac4e-79b57d551722)","sha":"466a05ae843f3aeefaa035121dbb9e642bd0eed6","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Fix wrong policy_id in dev tools flyout
request","number":176729,"url":"https://github.com/elastic/kibana/pull/176729","mergeCommit":{"message":"[Fleet]
Fix wrong policy_id in dev tools flyout request (#176729)\n\nFixes
https://github.com/elastic/kibana/issues/172798\r\n\r\n##
Summary\r\nSmall bug fix: when adding a new integration, the `policy_id`
in dev\r\ntools flyout request was not correct\r\n\r\nSteps to
reproduce:\r\n\r\n- Add one agent policy to the stack\r\n- Go to any
integration and navigate to `add integration` page\r\n- Switch to
`Existing hosts` and select an existing policy. \r\n- Open `Preview API
request`. The policy id in the preview should be the\r\none from the
selected policy\r\n- Switch back to `New hosts`\r\n- Open `Preview API
request`. The policy id should be\r\n`<agent_policy_id>` again (not the
one from the previously selected\r\npolicy)\r\n\r\n![Screenshot
2024-02-12 at 17
56\r\n45](6f2e5085-7418-4fef-ac4e-79b57d551722)","sha":"466a05ae843f3aeefaa035121dbb9e642bd0eed6"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176729","number":176729,"mergeCommit":{"message":"[Fleet]
Fix wrong policy_id in dev tools flyout request (#176729)\n\nFixes
https://github.com/elastic/kibana/issues/172798\r\n\r\n##
Summary\r\nSmall bug fix: when adding a new integration, the `policy_id`
in dev\r\ntools flyout request was not correct\r\n\r\nSteps to
reproduce:\r\n\r\n- Add one agent policy to the stack\r\n- Go to any
integration and navigate to `add integration` page\r\n- Switch to
`Existing hosts` and select an existing policy. \r\n- Open `Preview API
request`. The policy id in the preview should be the\r\none from the
selected policy\r\n- Switch back to `New hosts`\r\n- Open `Preview API
request`. The policy id should be\r\n`<agent_policy_id>` again (not the
one from the previously selected\r\npolicy)\r\n\r\n![Screenshot
2024-02-12 at 17
56\r\n45](6f2e5085-7418-4fef-ac4e-79b57d551722)","sha":"466a05ae843f3aeefaa035121dbb9e642bd0eed6"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <criamico@users.noreply.github.com>
 2024-02-13 04:30:51 -07:00
Tomasz Ciecierski
81529e2870
[EDR Workflows] Add technical preview badge to S1 flyout (#176581) 2024-02-13 01:41:44 -07:00
Kibana Machine
bea3819ebe
[8.12] Fix PIT issue (#176699) (#176747) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [Fix PIT issue
(#176699)](https://github.com/elastic/kibana/pull/176699)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Sebastián
Zaffarano","email":"sebastian.zaffarano@elastic.co"},"sourceCommit":{"committedDate":"2024-02-12T19:09:40Z","message":"Fix
PIT issue
(#176699)","sha":"e17f2f1b766fc727b9d972a7808b01a10a478782","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Feature:Telemetry","release_note:skip","Team:
SecuritySolution","backport:prev-minor","v8.13.0","v8.12.2"],"title":"Fix
PIT
issue","number":176699,"url":"https://github.com/elastic/kibana/pull/176699","mergeCommit":{"message":"Fix
PIT issue
(#176699)","sha":"e17f2f1b766fc727b9d972a7808b01a10a478782"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176699","number":176699,"mergeCommit":{"message":"Fix
PIT issue
(#176699)","sha":"e17f2f1b766fc727b9d972a7808b01a10a478782"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Sebastián Zaffarano <sebastian.zaffarano@elastic.co>
 2024-02-12 13:37:01 -07:00
Kibana Machine
867e4b54b5
[8.12] [Fleet] Add documentation about transforms/authorize endpoint in openapi (#176610) (#176688) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Add documentation about transforms/authorize endpoint in
openapi (#176610)](https://github.com/elastic/kibana/pull/176610)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-12T11:56:06Z","message":"[Fleet]
Add documentation about transforms/authorize endpoint in openapi
(#176610)\n\n## Summary\r\n\r\nPR to address missing openapi docs about
thie following endpoint - it\r\nwas added a while ago but we forgot to
update the
docs.\r\n\r\n```\r\napi/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize\r\n{\r\n
\"transforms\": [\r\n {\r\n \"transformId\": <transform_id>\r\n }\r\n
]\r\n}\r\n```\r\n\r\n\r\n### Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"87de70fd581fa5a0916d43854a2366eb85e3460a","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Add documentation about transforms/authorize endpoint in
openapi","number":176610,"url":"https://github.com/elastic/kibana/pull/176610","mergeCommit":{"message":"[Fleet]
Add documentation about transforms/authorize endpoint in openapi
(#176610)\n\n## Summary\r\n\r\nPR to address missing openapi docs about
thie following endpoint - it\r\nwas added a while ago but we forgot to
update the
docs.\r\n\r\n```\r\napi/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize\r\n{\r\n
\"transforms\": [\r\n {\r\n \"transformId\": <transform_id>\r\n }\r\n
]\r\n}\r\n```\r\n\r\n\r\n### Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"87de70fd581fa5a0916d43854a2366eb85e3460a"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176610","number":176610,"mergeCommit":{"message":"[Fleet]
Add documentation about transforms/authorize endpoint in openapi
(#176610)\n\n## Summary\r\n\r\nPR to address missing openapi docs about
thie following endpoint - it\r\nwas added a while ago but we forgot to
update the
docs.\r\n\r\n```\r\napi/fleet/epm/packages/{pkgName}/{pkgVersion}/transforms/authorize\r\n{\r\n
\"transforms\": [\r\n {\r\n \"transformId\": <transform_id>\r\n }\r\n
]\r\n}\r\n```\r\n\r\n\r\n### Checklist\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or
tutorials\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"87de70fd581fa5a0916d43854a2366eb85e3460a"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <criamico@users.noreply.github.com>
 2024-02-12 06:20:53 -07:00
Kibana Machine
bf9b01ddc4
[8.12] [EDR Workflows] [Osquery] Change query ID regex pattern (#176507) (#176677) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[EDR Workflows] [Osquery] Change query ID regex pattern
(#176507)](https://github.com/elastic/kibana/pull/176507)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Tomasz
Ciecierski","email":"tomasz.ciecierski@elastic.co"},"sourceCommit":{"committedDate":"2024-02-12T10:56:35Z","message":"[EDR
Workflows] [Osquery] Change query ID regex pattern
(#176507)","sha":"45f554d734f3ee973c3b20a9bbdf24b7bf602f6a","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Defend
Workflows","Feature:Osquery","v8.13.0","v8.12.2"],"title":"[EDR
Workflows] [Osquery] Change query ID regex
pattern","number":176507,"url":"https://github.com/elastic/kibana/pull/176507","mergeCommit":{"message":"[EDR
Workflows] [Osquery] Change query ID regex pattern
(#176507)","sha":"45f554d734f3ee973c3b20a9bbdf24b7bf602f6a"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176507","number":176507,"mergeCommit":{"message":"[EDR
Workflows] [Osquery] Change query ID regex pattern
(#176507)","sha":"45f554d734f3ee973c3b20a9bbdf24b7bf602f6a"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co>
 2024-02-12 05:24:28 -07:00
Ash
3bc819083b
[8.12] [SentinelOne] Fix Agent status on Timeline Alert details (#176210) (#176663) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[SentinelOne] Fix Agent status on Timeline Alert details
(#176210)](https://github.com/elastic/kibana/pull/176210)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Patryk
Kopyciński","email":"contact@patrykkopycinski.com"},"sourceCommit":{"committedDate":"2024-02-10T12:28:32Z","message":"[SentinelOne]
Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n
\r\nFixes https://github.com/elastic/kibana/issues/174235 \r\n\r\n<img
width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54
15\"\r\nsrc=\"5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img
width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53
53\"\r\nsrc=\"425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by:
Ash
<1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","OLM
Sprint","v8.13.0","v8.12.2"],"number":176210,"url":"https://github.com/elastic/kibana/pull/176210","mergeCommit":{"message":"[SentinelOne]
Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n
\r\nFixes https://github.com/elastic/kibana/issues/174235 \r\n\r\n<img
width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54
15\"\r\nsrc=\"5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img
width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53
53\"\r\nsrc=\"425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by:
Ash
<1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176210","number":176210,"mergeCommit":{"message":"[SentinelOne]
Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n
\r\nFixes https://github.com/elastic/kibana/issues/174235 \r\n\r\n<img
width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54
15\"\r\nsrc=\"5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img
width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53
53\"\r\nsrc=\"425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by:
Ash
<1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
 2024-02-12 11:49:44 +01:00
Kibana Machine
916aaf6c31
[8.12] [Security Solution] Disable installation button for users with Security:Read privileges (#176598) (#176616) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Disable installation button for users with
Security:Read privileges
(#176598)](https://github.com/elastic/kibana/pull/176598)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Juan Pablo
Djeredjian","email":"jpdjeredjian@gmail.com"},"sourceCommit":{"committedDate":"2024-02-09T16:47:13Z","message":"[Security
Solution] Disable installation button for users with Security:Read
privileges (#176598)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nOriginal bug issue reported an infinite loading state in
the **Add\r\nElastic rules** page when user doesn't have write
privileges, i.e. has\r\n`Security: Read`.\r\n\r\nHowever, that seems to
have been fixed already, as the list of rules to\r\ninstall is shown,
but no individual \"Install button\" for each row is\r\nshowed. **This
is expected
behaviour**.\r\n\r\n\r\n![image](f57adc2b-9073-4019-a15e-8c05e48f1b9d)\r\n\r\nHowever,
when displaying the Rule Details flyout, the button for\r\nInstallation
in the flyout is still enabled due to missing checks. This\r\nPR fixes
that and now displays a disabled button for users with
no\r\nprivileges.\r\n\r\n\r\n![image](70a6b209-59bb-4199-99f9-f2222fb78d68)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"c3c1b667c1de1aa36955528098ce0be15e7272b1","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection Rules","v8.12.0","8.13
candidate","v8.13.0"],"title":"[Security Solution] Disable installation
button for users with Security:Read
privileges","number":176598,"url":"https://github.com/elastic/kibana/pull/176598","mergeCommit":{"message":"[Security
Solution] Disable installation button for users with Security:Read
privileges (#176598)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nOriginal bug issue reported an infinite loading state in
the **Add\r\nElastic rules** page when user doesn't have write
privileges, i.e. has\r\n`Security: Read`.\r\n\r\nHowever, that seems to
have been fixed already, as the list of rules to\r\ninstall is shown,
but no individual \"Install button\" for each row is\r\nshowed. **This
is expected
behaviour**.\r\n\r\n\r\n![image](f57adc2b-9073-4019-a15e-8c05e48f1b9d)\r\n\r\nHowever,
when displaying the Rule Details flyout, the button for\r\nInstallation
in the flyout is still enabled due to missing checks. This\r\nPR fixes
that and now displays a disabled button for users with
no\r\nprivileges.\r\n\r\n\r\n![image](70a6b209-59bb-4199-99f9-f2222fb78d68)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"c3c1b667c1de1aa36955528098ce0be15e7272b1"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176598","number":176598,"mergeCommit":{"message":"[Security
Solution] Disable installation button for users with Security:Read
privileges (#176598)\n\nFixes:
https://github.com/elastic/kibana/issues/161543\r\n\r\n##
Summary\r\n\r\nOriginal bug issue reported an infinite loading state in
the **Add\r\nElastic rules** page when user doesn't have write
privileges, i.e. has\r\n`Security: Read`.\r\n\r\nHowever, that seems to
have been fixed already, as the list of rules to\r\ninstall is shown,
but no individual \"Install button\" for each row is\r\nshowed. **This
is expected
behaviour**.\r\n\r\n\r\n![image](f57adc2b-9073-4019-a15e-8c05e48f1b9d)\r\n\r\nHowever,
when displaying the Rule Details flyout, the button for\r\nInstallation
in the flyout is still enabled due to missing checks. This\r\nPR fixes
that and now displays a disabled button for users with
no\r\nprivileges.\r\n\r\n\r\n![image](70a6b209-59bb-4199-99f9-f2222fb78d68)\r\n\r\n###
For maintainers\r\n\r\n- [ ] This was checked for breaking API changes
and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"c3c1b667c1de1aa36955528098ce0be15e7272b1"}}]}]
BACKPORT-->

Co-authored-by: Juan Pablo Djeredjian <jpdjeredjian@gmail.com>
 2024-02-09 11:26:05 -07:00
Dario Gieselaar
eebc33007e
[8.12] [Obs AI Assistant] Improve recall speed (#176428) (#176561) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Obs AI Assistant] Improve recall speed
(#176428)](https://github.com/elastic/kibana/pull/176428)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Dario
Gieselaar","email":"dario.gieselaar@elastic.co"},"sourceCommit":{"committedDate":"2024-02-08T16:27:24Z","message":"[Obs
AI Assistant] Improve recall speed (#176428)\n\nImproves recall speed by
outputting as CSV with zero-indexed document\r\n\"ids\". Previously, it
was a JSON object, with the real document ids.\r\nThis causes the LLM to
\"think\" for longer, for whatever reason. I didn't\r\nactually see a
difference in completion speed, but emitting the first\r\nvalue took
significantly less time when using the CSV output. I also\r\ntried
sending a single document per request using the old format, and\r\nwhile
that certainly improves things, the slowest request becomes
the\r\nbottleneck. These are results from about 10 tries per strategy
(I'd love\r\nto see others reproduce at least the `batch` vs `csv`
strategy results):\r\n\r\n`batch`: 24.7s\r\n`chunk`: 10s\r\n`csv`:
4.9s\r\n\r\n---------\r\n\r\nCo-authored-by: Søren Louv-Jansen
<sorenlouv@gmail.com>\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"fc58a0d3a71dd946fb24a75050930030c002d2a4","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","v8.13.0","v8.12.2"],"number":176428,"url":"https://github.com/elastic/kibana/pull/176428","mergeCommit":{"message":"[Obs
AI Assistant] Improve recall speed (#176428)\n\nImproves recall speed by
outputting as CSV with zero-indexed document\r\n\"ids\". Previously, it
was a JSON object, with the real document ids.\r\nThis causes the LLM to
\"think\" for longer, for whatever reason. I didn't\r\nactually see a
difference in completion speed, but emitting the first\r\nvalue took
significantly less time when using the CSV output. I also\r\ntried
sending a single document per request using the old format, and\r\nwhile
that certainly improves things, the slowest request becomes
the\r\nbottleneck. These are results from about 10 tries per strategy
(I'd love\r\nto see others reproduce at least the `batch` vs `csv`
strategy results):\r\n\r\n`batch`: 24.7s\r\n`chunk`: 10s\r\n`csv`:
4.9s\r\n\r\n---------\r\n\r\nCo-authored-by: Søren Louv-Jansen
<sorenlouv@gmail.com>\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"fc58a0d3a71dd946fb24a75050930030c002d2a4"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176428","number":176428,"mergeCommit":{"message":"[Obs
AI Assistant] Improve recall speed (#176428)\n\nImproves recall speed by
outputting as CSV with zero-indexed document\r\n\"ids\". Previously, it
was a JSON object, with the real document ids.\r\nThis causes the LLM to
\"think\" for longer, for whatever reason. I didn't\r\nactually see a
difference in completion speed, but emitting the first\r\nvalue took
significantly less time when using the CSV output. I also\r\ntried
sending a single document per request using the old format, and\r\nwhile
that certainly improves things, the slowest request becomes
the\r\nbottleneck. These are results from about 10 tries per strategy
(I'd love\r\nto see others reproduce at least the `batch` vs `csv`
strategy results):\r\n\r\n`batch`: 24.7s\r\n`chunk`: 10s\r\n`csv`:
4.9s\r\n\r\n---------\r\n\r\nCo-authored-by: Søren Louv-Jansen
<sorenlouv@gmail.com>\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"fc58a0d3a71dd946fb24a75050930030c002d2a4"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
 2024-02-09 13:34:54 +01:00
Paul Tavares
20f8b18501
[8.12] [Security Solution][Endpoint] Fix Manifest Manger so that it works with large (>10k) (#174411) (#176531) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution][Endpoint] Fix Manifest Manger so that it works
with large (>10k)
(#174411)](https://github.com/elastic/kibana/pull/174411)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Paul
Tavares","email":"56442535+paul-tavares@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-06T21:48:12Z","message":"[Security
Solution][Endpoint] Fix Manifest Manger so that it works with large
(>10k) (#174411)\n\n## Summary\r\n\r\n### Fleet Changes:\r\n\r\n- Two
new utilities that return `AsyncIterator`'s:\r\n - one for working with
ElasticSearch `.search()` method\r\n - one for working with SavedObjects
`.find()` method\r\n- NOTE: although the `SavedObjects` client already
supports getting back\r\nan `find` interface that returns an
`AysncIterable`, I was not\r\nconvenient to use in our use cases where
we are returning the data from\r\nthe SO back to an external consumer
(services exposed by Fleet). We need\r\nto be able to first process the
data out of the SO before returning it\r\nto the consumer, thus having
this utility facilitates that.\r\n- both handle looping through ALL data
in a given query (even if >10k)\r\n- new `fetchAllArtifacts()` method in
`ArtifactsClient`: Returns an\r\n`AsyncIterator` enabling one to loop
through all artifacts (even if\r\n>10k)\r\n- new `fetchAllItemIds()`
method in `PackagePolicyService`: return an\r\n`AsyncIterator` enabling
one to loop through all item IDs (even if >10k)\r\n- new
`fetchAllItems()` method in `PackagePolicyService`: returns
an\r\n`AsyncIterator` enabling one to loop through all package policies
(even\r\nif >10k)\r\n\r\n\r\n### Endpoint Changes:\r\n\r\n- Retrieval of
existing artifacts as well as list of all policies and\r\npolicy IDs now
use new methods introduced into fleet services (above)\r\n- Added new
config property -\r\n`xpack.securitySolution.packagerTaskTimeout` - to
enable customer to\r\nadjust the timeout value for how long the artifact
packager task can\r\nrun. Default has been set to `20m`\r\n-
Efficiencies around batch processing of updates to Policies
and\r\nartifact creation\r\n- improved logging\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"9150f9fa2f110bcd54f90f21554bad5e6d92fd0f","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","Team:Defend
Workflows","ci:cloud-deploy","v8.13.0","v8.12.2"],"number":174411,"url":"https://github.com/elastic/kibana/pull/174411","mergeCommit":{"message":"[Security
Solution][Endpoint] Fix Manifest Manger so that it works with large
(>10k) (#174411)\n\n## Summary\r\n\r\n### Fleet Changes:\r\n\r\n- Two
new utilities that return `AsyncIterator`'s:\r\n - one for working with
ElasticSearch `.search()` method\r\n - one for working with SavedObjects
`.find()` method\r\n- NOTE: although the `SavedObjects` client already
supports getting back\r\nan `find` interface that returns an
`AysncIterable`, I was not\r\nconvenient to use in our use cases where
we are returning the data from\r\nthe SO back to an external consumer
(services exposed by Fleet). We need\r\nto be able to first process the
data out of the SO before returning it\r\nto the consumer, thus having
this utility facilitates that.\r\n- both handle looping through ALL data
in a given query (even if >10k)\r\n- new `fetchAllArtifacts()` method in
`ArtifactsClient`: Returns an\r\n`AsyncIterator` enabling one to loop
through all artifacts (even if\r\n>10k)\r\n- new `fetchAllItemIds()`
method in `PackagePolicyService`: return an\r\n`AsyncIterator` enabling
one to loop through all item IDs (even if >10k)\r\n- new
`fetchAllItems()` method in `PackagePolicyService`: returns
an\r\n`AsyncIterator` enabling one to loop through all package policies
(even\r\nif >10k)\r\n\r\n\r\n### Endpoint Changes:\r\n\r\n- Retrieval of
existing artifacts as well as list of all policies and\r\npolicy IDs now
use new methods introduced into fleet services (above)\r\n- Added new
config property -\r\n`xpack.securitySolution.packagerTaskTimeout` - to
enable customer to\r\nadjust the timeout value for how long the artifact
packager task can\r\nrun. Default has been set to `20m`\r\n-
Efficiencies around batch processing of updates to Policies
and\r\nartifact creation\r\n- improved logging\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"9150f9fa2f110bcd54f90f21554bad5e6d92fd0f"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/174411","number":174411,"mergeCommit":{"message":"[Security
Solution][Endpoint] Fix Manifest Manger so that it works with large
(>10k) (#174411)\n\n## Summary\r\n\r\n### Fleet Changes:\r\n\r\n- Two
new utilities that return `AsyncIterator`'s:\r\n - one for working with
ElasticSearch `.search()` method\r\n - one for working with SavedObjects
`.find()` method\r\n- NOTE: although the `SavedObjects` client already
supports getting back\r\nan `find` interface that returns an
`AysncIterable`, I was not\r\nconvenient to use in our use cases where
we are returning the data from\r\nthe SO back to an external consumer
(services exposed by Fleet). We need\r\nto be able to first process the
data out of the SO before returning it\r\nto the consumer, thus having
this utility facilitates that.\r\n- both handle looping through ALL data
in a given query (even if >10k)\r\n- new `fetchAllArtifacts()` method in
`ArtifactsClient`: Returns an\r\n`AsyncIterator` enabling one to loop
through all artifacts (even if\r\n>10k)\r\n- new `fetchAllItemIds()`
method in `PackagePolicyService`: return an\r\n`AsyncIterator` enabling
one to loop through all item IDs (even if >10k)\r\n- new
`fetchAllItems()` method in `PackagePolicyService`: returns
an\r\n`AsyncIterator` enabling one to loop through all package policies
(even\r\nif >10k)\r\n\r\n\r\n### Endpoint Changes:\r\n\r\n- Retrieval of
existing artifacts as well as list of all policies and\r\npolicy IDs now
use new methods introduced into fleet services (above)\r\n- Added new
config property -\r\n`xpack.securitySolution.packagerTaskTimeout` - to
enable customer to\r\nadjust the timeout value for how long the artifact
packager task can\r\nrun. Default has been set to `20m`\r\n-
Efficiencies around batch processing of updates to Policies
and\r\nartifact creation\r\n- improved logging\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"9150f9fa2f110bcd54f90f21554bad5e6d92fd0f"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
 2024-02-09 10:43:48 +01:00
Kibana Machine
e49980a4f7
[8.12] [ML][Field Statistics] Fix Zero for items in Top Values # (#176328) (#176441) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[ML][Field Statistics] Fix Zero for items in Top Values #
(#176328)](https://github.com/elastic/kibana/pull/176328)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Quynh Nguyen
(Quinn)","email":"43350163+qn895@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-07T20:22:01Z","message":"[ML][Field
Statistics] Fix Zero for items in Top Values # (#176328)\n\n##
Summary\r\n\r\nThis PR fixes
https://github.com/elastic/kibana/issues/174084.\r\nPreviously, we
calculated the doc count based on the sampled count from\r\nthe random
sampler in order to accurately estimate the right percentage\r\nof docs
sampled in the Field Stats. However, this should only apply to\r\nwhen
random sampler was actually used (where sampler probability <
1).\r\nThis PR fixes
that.\r\n\r\nBefore\r\n\r\n![image](88eee6ec-f884-4cf9-baae-0daf4ec2b79c)\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"968a5aa348b2301de3ae4497fa7c48f8b15eb8fc","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix",":ml","Feature:File
and Index Data Viz","v8.13.0","v8.12.2"],"title":"[ML][Field Statistics]
Fix Zero for items in Top Values
#","number":176328,"url":"https://github.com/elastic/kibana/pull/176328","mergeCommit":{"message":"[ML][Field
Statistics] Fix Zero for items in Top Values # (#176328)\n\n##
Summary\r\n\r\nThis PR fixes
https://github.com/elastic/kibana/issues/174084.\r\nPreviously, we
calculated the doc count based on the sampled count from\r\nthe random
sampler in order to accurately estimate the right percentage\r\nof docs
sampled in the Field Stats. However, this should only apply to\r\nwhen
random sampler was actually used (where sampler probability <
1).\r\nThis PR fixes
that.\r\n\r\nBefore\r\n\r\n![image](88eee6ec-f884-4cf9-baae-0daf4ec2b79c)\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"968a5aa348b2301de3ae4497fa7c48f8b15eb8fc"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176328","number":176328,"mergeCommit":{"message":"[ML][Field
Statistics] Fix Zero for items in Top Values # (#176328)\n\n##
Summary\r\n\r\nThis PR fixes
https://github.com/elastic/kibana/issues/174084.\r\nPreviously, we
calculated the doc count based on the sampled count from\r\nthe random
sampler in order to accurately estimate the right percentage\r\nof docs
sampled in the Field Stats. However, this should only apply to\r\nwhen
random sampler was actually used (where sampler probability <
1).\r\nThis PR fixes
that.\r\n\r\nBefore\r\n\r\n![image](88eee6ec-f884-4cf9-baae-0daf4ec2b79c)\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [ ] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [ ] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ ] Any UI touched in this PR is
usable by keyboard only (learn more\r\nabout [keyboard
accessibility](https://webaim.org/techniques/keyboard/))\r\n- [ ] Any UI
touched in this PR does not create any new axe failures\r\n(run axe in
browser:\r\n[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),\r\n[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))\r\n-
[ ] If a plugin configuration key changed, check if it needs to
be\r\nallowlisted in the cloud and added to the
[docker\r\nlist](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)\r\n-
[ ] This renders correctly on smaller devices using a
responsive\r\nlayout. (You can test this [in
your\r\nbrowser](https://www.browserstack.com/guide/responsive-testing-on-local-server))\r\n-
[ ] This was checked for
[cross-browser\r\ncompatibility](https://www.elastic.co/support/matrix#matrix_browsers)\r\n\r\n\r\n###
Risk Matrix\r\n\r\nDelete this section if it is not applicable to this
PR.\r\n\r\nBefore closing this PR, invite QA, stakeholders, and other
developers to\r\nidentify risks that should be tested prior to the
change/feature\r\nrelease.\r\n\r\nWhen forming the risk matrix, consider
some of the following examples\r\nand how they may potentially impact
the change:\r\n\r\n| Risk | Probability | Severity | Mitigation/Notes
|\r\n\r\n|---------------------------|-------------|----------|-------------------------|\r\n|
Multiple Spaces&mdash;unexpected behavior in non-default Kibana
Space.\r\n| Low | High | Integration tests will verify that all features
are still\r\nsupported in non-default Kibana Space and when user
switches between\r\nspaces. |\r\n| Multiple nodes&mdash;Elasticsearch
polling might have race conditions\r\nwhen multiple Kibana nodes are
polling for the same tasks. | High | Low\r\n| Tasks are idempotent, so
executing them multiple times will not result\r\nin logical error, but
will degrade performance. To test for this case we\r\nadd plenty of unit
tests around this logic and document manual testing\r\nprocedure. |\r\n|
Code should gracefully handle cases when feature X or plugin Y
are\r\ndisabled. | Medium | High | Unit tests will verify that any
feature flag\r\nor plugin combination still results in our service
operational. |\r\n| [See more potential
risk\r\nexamples](https://github.com/elastic/kibana/blob/main/RISK_MATRIX.mdx)
|\r\n\r\n\r\n### For maintainers\r\n\r\n- [ ] This was checked for
breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\r\n\r\n---------\r\n\r\nCo-authored-by:
Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"968a5aa348b2301de3ae4497fa7c48f8b15eb8fc"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Quynh Nguyen (Quinn) <43350163+qn895@users.noreply.github.com>
 2024-02-08 12:12:37 -07:00
Kibana Machine
014ef995ae
[8.12] [Fleet] Allow back previously disabled bulk actions (#176485) (#176512) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Allow back previously disabled bulk actions
(#176485)](https://github.com/elastic/kibana/pull/176485)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-08T14:59:23Z","message":"[Fleet]
Allow back previously disabled bulk actions (#176485)\n\nPatch for
https://github.com/elastic/kibana/issues/171914\r\n\r\n## Summary\r\nIn
https://github.com/elastic/kibana/pull/175318 I had disabled the
bulk\r\nactions when the count was incorrect (negative). This was not a
good\r\nidea, since some of those actions could still be applied
(like\r\nunenrolling) even if the shown count is not correct. Here I'm
removing\r\nthat check.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"b62011026850bf968a90c403cae11c453c4e9130","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Allow back previously disabled bulk
actions","number":176485,"url":"https://github.com/elastic/kibana/pull/176485","mergeCommit":{"message":"[Fleet]
Allow back previously disabled bulk actions (#176485)\n\nPatch for
https://github.com/elastic/kibana/issues/171914\r\n\r\n## Summary\r\nIn
https://github.com/elastic/kibana/pull/175318 I had disabled the
bulk\r\nactions when the count was incorrect (negative). This was not a
good\r\nidea, since some of those actions could still be applied
(like\r\nunenrolling) even if the shown count is not correct. Here I'm
removing\r\nthat check.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"b62011026850bf968a90c403cae11c453c4e9130"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176485","number":176485,"mergeCommit":{"message":"[Fleet]
Allow back previously disabled bulk actions (#176485)\n\nPatch for
https://github.com/elastic/kibana/issues/171914\r\n\r\n## Summary\r\nIn
https://github.com/elastic/kibana/pull/175318 I had disabled the
bulk\r\nactions when the count was incorrect (negative). This was not a
good\r\nidea, since some of those actions could still be applied
(like\r\nunenrolling) even if the shown count is not correct. Here I'm
removing\r\nthat check.\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"b62011026850bf968a90c403cae11c453c4e9130"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <criamico@users.noreply.github.com>
 2024-02-08 09:17:36 -07:00
christineweng
6cfaf54ea8
[8.12] [Security Solution][Flyout] - fix analyzer preview loading and update hover actions in rule preview (#175282) (#176243) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution][Flyout] - fix analyzer preview loading and update
hover actions in rule preview
(#175282)](https://github.com/elastic/kibana/pull/175282)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"christineweng","email":"18648970+christineweng@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-01-29T23:16:30Z","message":"[Security
Solution][Flyout] - fix analyzer preview loading and update hover
actions in rule preview (#175282)\n\n## Summary\r\n\r\n- Fixed a bug
introduced by\r\nhttps://github.com/elastic/kibana/pull/174651: analyzer
preview is stuck\r\nin loading state because `_id` is not in the index
for a preview alert.\r\nAdded back `kibana.alert.ancestor.id` when
flyout is open in alert\r\npreview.\r\n\r\n- Refactor the use of
security hover actions in flyout. The hover action\r\nwrapper checks the
type of document/scope (whether it is an alert, or in\r\na preview) to
determine what actions to show on hover. Most hover\r\nactions should
behave consistently when flyout is in rule preview (do\r\nnot show
filter options)\r\n - Related:
https://github.com/elastic/kibana/issues/173608 \r\n- Not included in
this pr: 1) hover actions in alert reason preview, 2)\r\nhover actions
in left panel entity details as the component is owned by\r\na different
team and required greater refactor effort\r\n\r\n- Fixed a UI bug on
assignees breaking into multiple
lines\r\n\r\n![image](96d909e3-b6bd-4a46-bc86-fbb473ce3b62)\r\n
\r\n### Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"d51fddb332f824889c24c6a8278c81259ad445ae","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport
missing","Team:Threat Hunting","Team:Threat
Hunting:Investigations","v8.12.1","v8.13.0"],"number":175282,"url":"https://github.com/elastic/kibana/pull/175282","mergeCommit":{"message":"[Security
Solution][Flyout] - fix analyzer preview loading and update hover
actions in rule preview (#175282)\n\n## Summary\r\n\r\n- Fixed a bug
introduced by\r\nhttps://github.com/elastic/kibana/pull/174651: analyzer
preview is stuck\r\nin loading state because `_id` is not in the index
for a preview alert.\r\nAdded back `kibana.alert.ancestor.id` when
flyout is open in alert\r\npreview.\r\n\r\n- Refactor the use of
security hover actions in flyout. The hover action\r\nwrapper checks the
type of document/scope (whether it is an alert, or in\r\na preview) to
determine what actions to show on hover. Most hover\r\nactions should
behave consistently when flyout is in rule preview (do\r\nnot show
filter options)\r\n - Related:
https://github.com/elastic/kibana/issues/173608 \r\n- Not included in
this pr: 1) hover actions in alert reason preview, 2)\r\nhover actions
in left panel entity details as the component is owned by\r\na different
team and required greater refactor effort\r\n\r\n- Fixed a UI bug on
assignees breaking into multiple
lines\r\n\r\n![image](96d909e3-b6bd-4a46-bc86-fbb473ce3b62)\r\n
\r\n### Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"d51fddb332f824889c24c6a8278c81259ad445ae"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175282","number":175282,"mergeCommit":{"message":"[Security
Solution][Flyout] - fix analyzer preview loading and update hover
actions in rule preview (#175282)\n\n## Summary\r\n\r\n- Fixed a bug
introduced by\r\nhttps://github.com/elastic/kibana/pull/174651: analyzer
preview is stuck\r\nin loading state because `_id` is not in the index
for a preview alert.\r\nAdded back `kibana.alert.ancestor.id` when
flyout is open in alert\r\npreview.\r\n\r\n- Refactor the use of
security hover actions in flyout. The hover action\r\nwrapper checks the
type of document/scope (whether it is an alert, or in\r\na preview) to
determine what actions to show on hover. Most hover\r\nactions should
behave consistently when flyout is in rule preview (do\r\nnot show
filter options)\r\n - Related:
https://github.com/elastic/kibana/issues/173608 \r\n- Not included in
this pr: 1) hover actions in alert reason preview, 2)\r\nhover actions
in left panel entity details as the component is owned by\r\na different
team and required greater refactor effort\r\n\r\n- Fixed a UI bug on
assignees breaking into multiple
lines\r\n\r\n![image](96d909e3-b6bd-4a46-bc86-fbb473ce3b62)\r\n
\r\n### Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n-
[x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"d51fddb332f824889c24c6a8278c81259ad445ae"}}]}]
BACKPORT-->
 2024-02-07 17:54:21 -06:00
Kibana Machine
7e6bb7d9e6
[8.12] [RAM][BUG] Fix bug where bulk untrack wasn&#x27;t removing alerts from task runner (#176268) (#176438) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[RAM][BUG] Fix bug where bulk untrack wasn&#x27;t removing alerts
from task runner
(#176268)](https://github.com/elastic/kibana/pull/176268)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Jiawei
Wu","email":"74562234+JiaweiWu@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-07T18:59:35Z","message":"[RAM][BUG]
Fix bug where bulk untrack wasn't removing alerts from task runner
(#176268)\n\n## Summary\r\n\r\nResolves:
https://github.com/elastic/kibana/issues/176267\r\n\r\nFixes a bug where
we were not removing untracked alerts from the task\r\nrunner. This is
because the `es.client.search` query we used was
not\r\ncorrect.\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"fb30f37afca46b4abbd8ce12174c1e46c0272500","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:ResponseOps","Feature:Alerting/RulesManagement","v8.12.0","v8.13.0"],"title":"[RAM][BUG]
Fix bug where bulk untrack wasn't removing alerts from task
runner","number":176268,"url":"https://github.com/elastic/kibana/pull/176268","mergeCommit":{"message":"[RAM][BUG]
Fix bug where bulk untrack wasn't removing alerts from task runner
(#176268)\n\n## Summary\r\n\r\nResolves:
https://github.com/elastic/kibana/issues/176267\r\n\r\nFixes a bug where
we were not removing untracked alerts from the task\r\nrunner. This is
because the `es.client.search` query we used was
not\r\ncorrect.\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"fb30f37afca46b4abbd8ce12174c1e46c0272500"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176268","number":176268,"mergeCommit":{"message":"[RAM][BUG]
Fix bug where bulk untrack wasn't removing alerts from task runner
(#176268)\n\n## Summary\r\n\r\nResolves:
https://github.com/elastic/kibana/issues/176267\r\n\r\nFixes a bug where
we were not removing untracked alerts from the task\r\nrunner. This is
because the `es.client.search` query we used was
not\r\ncorrect.\r\n\r\n\r\n### Checklist\r\n- [x] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"fb30f37afca46b4abbd8ce12174c1e46c0272500"}}]}]
BACKPORT-->

Co-authored-by: Jiawei Wu <74562234+JiaweiWu@users.noreply.github.com>
 2024-02-07 13:16:38 -07:00
Mykola Harmash
aa102263c2
[8.12] [Profiling,Infra,APM] Disable Profiling integration by default (#175201) (#176406) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Profiling,Infra,APM] Disable Profiling integration by default
(#175201)](https://github.com/elastic/kibana/pull/175201)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Mykola
Harmash","email":"mykola.harmash@gmail.com"},"sourceCommit":{"committedDate":"2024-01-24T11:44:26Z","message":"[Profiling,Infra,APM]
Disable Profiling integration by default (#175201)\n\nCloses
https://github.com/elastic/kibana/issues/175016\r\n\r\n##
Summary\r\n\r\nThis PR disables the Profiling integration in Infra and
APM by default\r\non the plugin configuration level because this
integration require users\r\nto first configure the main `profiling`
plugin. On-prem users will have\r\nto manually enable both integrations
once they enabled the Universal\r\nProfiling for their hosts. Cloud
users will have Infra and APM\r\nintegrations enabled by default because
on Cloud instances Universal\r\nProfiling is already configured. A PR
for the default Cloud settings\r\nwill follow after this one is
merged.\r\n\r\nChanges I've made:\r\n* Disabled the Infra integration be
default\r\n* Introduced a new APM feature flag for the Profiling
integration\r\n* Made sure all the places in APM that rely on Profiling
integration\r\nrespect the new feature flag\r\n* Fixed a bug in APM when
Universal Profiling was shown even though the\r\nintegration was
disabled in UI
settings\r\n\r\n\r\n65dfbb5b-1850-4d18-a92a-6ad59e0436a3\r\n\r\n##
How To Test\r\n\r\n1. Checkout locally\r\n2. Make sure you don't have
`xpack.infra.featureFlags.profilingEnabled`\r\nalready enabled in
`kibana.yml`\r\n3. Open kibana and make sure you don't see \"Universal
Profiling\" tab in\r\nHost and Service details\r\n4. Enabled both flags
in `kibana.yml`:\r\n`xpack.infra.featureFlags.profilingEnabled`
and\r\n`xpack.apm.featureFlags.profilingIntegrationAvailable:
true`\r\n5. Check that now you see \"Universal Profiling\" tab in the
details\r\nscreens in both Infra and APM\r\n6. Go to Infra settings view
and disable the Profiling integration, make\r\nsure the tab
disappears\r\n7. 6. Go to APM settings view and disable the Profiling
integration,\r\nmake sure the tab
disappears\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"abd3515dda40d48bd0c59f7d2861ffa86db133c1","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport
missing","Team:obs-ux-infra_services","v8.12.1","v8.13.0"],"number":175201,"url":"https://github.com/elastic/kibana/pull/175201","mergeCommit":{"message":"[Profiling,Infra,APM]
Disable Profiling integration by default (#175201)\n\nCloses
https://github.com/elastic/kibana/issues/175016\r\n\r\n##
Summary\r\n\r\nThis PR disables the Profiling integration in Infra and
APM by default\r\non the plugin configuration level because this
integration require users\r\nto first configure the main `profiling`
plugin. On-prem users will have\r\nto manually enable both integrations
once they enabled the Universal\r\nProfiling for their hosts. Cloud
users will have Infra and APM\r\nintegrations enabled by default because
on Cloud instances Universal\r\nProfiling is already configured. A PR
for the default Cloud settings\r\nwill follow after this one is
merged.\r\n\r\nChanges I've made:\r\n* Disabled the Infra integration be
default\r\n* Introduced a new APM feature flag for the Profiling
integration\r\n* Made sure all the places in APM that rely on Profiling
integration\r\nrespect the new feature flag\r\n* Fixed a bug in APM when
Universal Profiling was shown even though the\r\nintegration was
disabled in UI
settings\r\n\r\n\r\n65dfbb5b-1850-4d18-a92a-6ad59e0436a3\r\n\r\n##
How To Test\r\n\r\n1. Checkout locally\r\n2. Make sure you don't have
`xpack.infra.featureFlags.profilingEnabled`\r\nalready enabled in
`kibana.yml`\r\n3. Open kibana and make sure you don't see \"Universal
Profiling\" tab in\r\nHost and Service details\r\n4. Enabled both flags
in `kibana.yml`:\r\n`xpack.infra.featureFlags.profilingEnabled`
and\r\n`xpack.apm.featureFlags.profilingIntegrationAvailable:
true`\r\n5. Check that now you see \"Universal Profiling\" tab in the
details\r\nscreens in both Infra and APM\r\n6. Go to Infra settings view
and disable the Profiling integration, make\r\nsure the tab
disappears\r\n7. 6. Go to APM settings view and disable the Profiling
integration,\r\nmake sure the tab
disappears\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"abd3515dda40d48bd0c59f7d2861ffa86db133c1"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175201","number":175201,"mergeCommit":{"message":"[Profiling,Infra,APM]
Disable Profiling integration by default (#175201)\n\nCloses
https://github.com/elastic/kibana/issues/175016\r\n\r\n##
Summary\r\n\r\nThis PR disables the Profiling integration in Infra and
APM by default\r\non the plugin configuration level because this
integration require users\r\nto first configure the main `profiling`
plugin. On-prem users will have\r\nto manually enable both integrations
once they enabled the Universal\r\nProfiling for their hosts. Cloud
users will have Infra and APM\r\nintegrations enabled by default because
on Cloud instances Universal\r\nProfiling is already configured. A PR
for the default Cloud settings\r\nwill follow after this one is
merged.\r\n\r\nChanges I've made:\r\n* Disabled the Infra integration be
default\r\n* Introduced a new APM feature flag for the Profiling
integration\r\n* Made sure all the places in APM that rely on Profiling
integration\r\nrespect the new feature flag\r\n* Fixed a bug in APM when
Universal Profiling was shown even though the\r\nintegration was
disabled in UI
settings\r\n\r\n\r\n65dfbb5b-1850-4d18-a92a-6ad59e0436a3\r\n\r\n##
How To Test\r\n\r\n1. Checkout locally\r\n2. Make sure you don't have
`xpack.infra.featureFlags.profilingEnabled`\r\nalready enabled in
`kibana.yml`\r\n3. Open kibana and make sure you don't see \"Universal
Profiling\" tab in\r\nHost and Service details\r\n4. Enabled both flags
in `kibana.yml`:\r\n`xpack.infra.featureFlags.profilingEnabled`
and\r\n`xpack.apm.featureFlags.profilingIntegrationAvailable:
true`\r\n5. Check that now you see \"Universal Profiling\" tab in the
details\r\nscreens in both Infra and APM\r\n6. Go to Infra settings view
and disable the Profiling integration, make\r\nsure the tab
disappears\r\n7. 6. Go to APM settings view and disable the Profiling
integration,\r\nmake sure the tab
disappears\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"abd3515dda40d48bd0c59f7d2861ffa86db133c1"}}]}]
BACKPORT-->
 2024-02-07 08:29:37 -07:00
Pablo Machado
5a4ad2651f
[8.12] [Security Solution] Only query security alerts with the current user (#175903) (#176395) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Only query security alerts with the current user
(#175903)](https://github.com/elastic/kibana/pull/175903)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Pablo
Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2024-02-02T11:24:34Z","message":"[Security
Solution] Only query security alerts with the current user
(#175903)\n\n## Summary\r\n\r\nFix risk score query to only search
security alerts with the
current\r\nuser.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"5b5df2e58b6dc0a6e3e734688b8c2591f42312c4","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:low","backport
missing","Team: SecuritySolution","v8.12.1","Team:Entity
Analytics","v8.13.0"],"number":175903,"url":"https://github.com/elastic/kibana/pull/175903","mergeCommit":{"message":"[Security
Solution] Only query security alerts with the current user
(#175903)\n\n## Summary\r\n\r\nFix risk score query to only search
security alerts with the
current\r\nuser.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"5b5df2e58b6dc0a6e3e734688b8c2591f42312c4"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175903","number":175903,"mergeCommit":{"message":"[Security
Solution] Only query security alerts with the current user
(#175903)\n\n## Summary\r\n\r\nFix risk score query to only search
security alerts with the
current\r\nuser.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"5b5df2e58b6dc0a6e3e734688b8c2591f42312c4"}}]}]
BACKPORT-->
 2024-02-07 15:52:15 +01:00
Kibana Machine
0be4e96091
[8.12] [Exceptions][Value Lists] Add file type and size constraints to value list uploads (#8507) (#176074) (#176375) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Exceptions][Value Lists] Add file type and size constraints to value
list uploads (#8507)
(#176074)](https://github.com/elastic/kibana/pull/176074)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Ievgen
Sorokopud","email":"ievgen.sorokopud@elastic.co"},"sourceCommit":{"committedDate":"2024-02-07T09:22:19Z","message":"[Exceptions][Value
Lists] Add file type and size constraints to value list uploads (#8507)
(#176074)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/security-team/issues/8507\r\n\r\nWith these
changes we address the issue where users can upload any file\r\nto be
imported as a value list.\r\n\r\nThe restrictions are:\r\n* Users should
be limited to uploading .txt or .csv. All other file\r\ntypes should
return a 415.\r\n* Users should be limited to uploading files of 9K
bytes size. Files\r\nlarger than that should return a 413.\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ESS
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5019)\r\n-
[Serverless
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5020)","sha":"c38410affe0bccd61884b58a41b7bda48c78d86f","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:
SecuritySolution","Team:Detection Engine","8.13
candidate","v8.13.0","v8.12.2","v7.17.19"],"title":"[Exceptions][Value
Lists] Add file type and size constraints to value list uploads
(#8507)","number":176074,"url":"https://github.com/elastic/kibana/pull/176074","mergeCommit":{"message":"[Exceptions][Value
Lists] Add file type and size constraints to value list uploads (#8507)
(#176074)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/security-team/issues/8507\r\n\r\nWith these
changes we address the issue where users can upload any file\r\nto be
imported as a value list.\r\n\r\nThe restrictions are:\r\n* Users should
be limited to uploading .txt or .csv. All other file\r\ntypes should
return a 415.\r\n* Users should be limited to uploading files of 9K
bytes size. Files\r\nlarger than that should return a 413.\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ESS
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5019)\r\n-
[Serverless
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5020)","sha":"c38410affe0bccd61884b58a41b7bda48c78d86f"}},"sourceBranch":"main","suggestedTargetBranches":["8.12","7.17"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176074","number":176074,"mergeCommit":{"message":"[Exceptions][Value
Lists] Add file type and size constraints to value list uploads (#8507)
(#176074)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/security-team/issues/8507\r\n\r\nWith these
changes we address the issue where users can upload any file\r\nto be
imported as a value list.\r\n\r\nThe restrictions are:\r\n* Users should
be limited to uploading .txt or .csv. All other file\r\ntypes should
return a 415.\r\n* Users should be limited to uploading files of 9K
bytes size. Files\r\nlarger than that should return a 413.\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [x] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common scenarios\r\n- [x] [Flaky
Test\r\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\r\nused on any tests changed\r\n- [ESS
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5019)\r\n-
[Serverless
97\r\ntimes](https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/5020)","sha":"c38410affe0bccd61884b58a41b7bda48c78d86f"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"7.17","label":"v7.17.19","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Ievgen Sorokopud <ievgen.sorokopud@elastic.co>
 2024-02-07 03:48:18 -07:00
Kibana Machine
faa93cbb60
[8.12] [Ent Search] Connector client copy cleanup (#176290) (#176331) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Ent Search] Connector client copy cleanup
(#176290)](https://github.com/elastic/kibana/pull/176290)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Liam
Thompson","email":"32779855+leemthompo@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-06T17:31:55Z","message":"[Ent
Search] Connector client copy cleanup (#176290)\n\nAdditional fixes
missed in https://github.com/elastic/kibana/pull/173366\r\n\r\n- The
deployment first paragraph was outdated and irrelevant to the
user\r\nworkflow\r\n- Some of step headings were
vague","sha":"87a66f24898d9d0ad20b357f62cdc9ea407ad27b","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:EnterpriseSearch","v8.13.0","v8.12.2"],"title":"[Ent
Search] Connector client copy
cleanup","number":176290,"url":"https://github.com/elastic/kibana/pull/176290","mergeCommit":{"message":"[Ent
Search] Connector client copy cleanup (#176290)\n\nAdditional fixes
missed in https://github.com/elastic/kibana/pull/173366\r\n\r\n- The
deployment first paragraph was outdated and irrelevant to the
user\r\nworkflow\r\n- Some of step headings were
vague","sha":"87a66f24898d9d0ad20b357f62cdc9ea407ad27b"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176290","number":176290,"mergeCommit":{"message":"[Ent
Search] Connector client copy cleanup (#176290)\n\nAdditional fixes
missed in https://github.com/elastic/kibana/pull/173366\r\n\r\n- The
deployment first paragraph was outdated and irrelevant to the
user\r\nworkflow\r\n- Some of step headings were
vague","sha":"87a66f24898d9d0ad20b357f62cdc9ea407ad27b"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Liam Thompson <32779855+leemthompo@users.noreply.github.com>
 2024-02-06 11:55:38 -07:00
Kibana Machine
ea7b6c4247
[8.12] [Fleet] Logstash Output - being compliant to RFC-952 (#176298) (#176323) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Logstash Output - being compliant to RFC-952
(#176298)](https://github.com/elastic/kibana/pull/176298)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Alex
S","email":"Terilia@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-06T16:33:56Z","message":"[Fleet]
Logstash Output - being compliant to RFC-952 (#176298)\n\n##
Summary\r\n\r\nThe logstash output in fleet was not following
the\r\n[RFC-952](https://www.rfc-editor.org/rfc/rfc952) correctly,
only\r\naccepting lowercase url's for the hostname, even though
according to the\r\nstandard, this should be
irrelevant.\r\n\r\nAdditionally added two new unit tests, to check that
this behaviour is\r\ncompliant in the future as well.\r\n\r\n\r\n## Fix
explanation\r\n\r\nThe issue was in the past that the URL Type in nodejs
is automatically\r\nlowercase, and then the value of the form is or the
string provided is\r\nchecked against this url type. The types behaviour
is explained
here:\r\nhttps://nodejs.org/api/url.html#the-whatwg-url-api\r\n\r\nAs we
would like to be case insensitive, in the check, the value is
also\r\nlowerecased with: val.toLowerCase() to pass the check\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [X] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"55429179ba30ca3a922f6daf44ce17f8d5f19507","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Logstash Output - being compliant to
RFC-952","number":176298,"url":"https://github.com/elastic/kibana/pull/176298","mergeCommit":{"message":"[Fleet]
Logstash Output - being compliant to RFC-952 (#176298)\n\n##
Summary\r\n\r\nThe logstash output in fleet was not following
the\r\n[RFC-952](https://www.rfc-editor.org/rfc/rfc952) correctly,
only\r\naccepting lowercase url's for the hostname, even though
according to the\r\nstandard, this should be
irrelevant.\r\n\r\nAdditionally added two new unit tests, to check that
this behaviour is\r\ncompliant in the future as well.\r\n\r\n\r\n## Fix
explanation\r\n\r\nThe issue was in the past that the URL Type in nodejs
is automatically\r\nlowercase, and then the value of the form is or the
string provided is\r\nchecked against this url type. The types behaviour
is explained
here:\r\nhttps://nodejs.org/api/url.html#the-whatwg-url-api\r\n\r\nAs we
would like to be case insensitive, in the check, the value is
also\r\nlowerecased with: val.toLowerCase() to pass the check\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [X] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"55429179ba30ca3a922f6daf44ce17f8d5f19507"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176298","number":176298,"mergeCommit":{"message":"[Fleet]
Logstash Output - being compliant to RFC-952 (#176298)\n\n##
Summary\r\n\r\nThe logstash output in fleet was not following
the\r\n[RFC-952](https://www.rfc-editor.org/rfc/rfc952) correctly,
only\r\naccepting lowercase url's for the hostname, even though
according to the\r\nstandard, this should be
irrelevant.\r\n\r\nAdditionally added two new unit tests, to check that
this behaviour is\r\ncompliant in the future as well.\r\n\r\n\r\n## Fix
explanation\r\n\r\nThe issue was in the past that the URL Type in nodejs
is automatically\r\nlowercase, and then the value of the form is or the
string provided is\r\nchecked against this url type. The types behaviour
is explained
here:\r\nhttps://nodejs.org/api/url.html#the-whatwg-url-api\r\n\r\nAs we
would like to be case insensitive, in the check, the value is
also\r\nlowerecased with: val.toLowerCase() to pass the check\r\n\r\n###
Checklist\r\n\r\nDelete any items that are not applicable to this
PR.\r\n\r\n- [X] [Unit or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios","sha":"55429179ba30ca3a922f6daf44ce17f8d5f19507"}}]}]
BACKPORT-->

Co-authored-by: Alex S <Terilia@users.noreply.github.com>
 2024-02-06 11:32:18 -07:00
Kibana Machine
9c1c90b350
[8.12] [ML] Anomaly Detection: Fix &#x60;values-dots&#x60; colors (#176303) (#176326) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[ML] Anomaly Detection: Fix &#x60;values-dots&#x60; colors
(#176303)](https://github.com/elastic/kibana/pull/176303)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Walter
Rafelsberger","email":"walter.rafelsberger@elastic.co"},"sourceCommit":{"committedDate":"2024-02-06T16:45:19Z","message":"[ML]
Anomaly Detection: Fix `values-dots` colors (#176303)\n\n##
Summary\r\n\r\nFixes the colors of \"value dots\", the dots that are
shown in the Single\r\nMetric Viewer when theres sparse data and not a
continuous line.\r\n\r\nBefore:\r\n\r\n<img width=\"1112\"
alt=\"image\"\r\nsrc=\"7844bfa0-3a50-4088-869a-5a6fc366c0cd\">\r\n\r\nAfter:\r\n\r\n<img
width=\"1112\"
alt=\"image\"\r\nsrc=\"28fcaa1e-eed9-497b-8c1a-c824effd7c31\">\r\n\r\n###
Checklist\r\n\r\n- [x] This was checked for breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"1a5384558d272da8d4c1441191609f626c251456","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix",":ml","Feature:Anomaly
Detection","v8.13.0","v8.12.2"],"title":"[ML] Anomaly Detection: Fix
`values-dots`
colors","number":176303,"url":"https://github.com/elastic/kibana/pull/176303","mergeCommit":{"message":"[ML]
Anomaly Detection: Fix `values-dots` colors (#176303)\n\n##
Summary\r\n\r\nFixes the colors of \"value dots\", the dots that are
shown in the Single\r\nMetric Viewer when theres sparse data and not a
continuous line.\r\n\r\nBefore:\r\n\r\n<img width=\"1112\"
alt=\"image\"\r\nsrc=\"7844bfa0-3a50-4088-869a-5a6fc366c0cd\">\r\n\r\nAfter:\r\n\r\n<img
width=\"1112\"
alt=\"image\"\r\nsrc=\"28fcaa1e-eed9-497b-8c1a-c824effd7c31\">\r\n\r\n###
Checklist\r\n\r\n- [x] This was checked for breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"1a5384558d272da8d4c1441191609f626c251456"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176303","number":176303,"mergeCommit":{"message":"[ML]
Anomaly Detection: Fix `values-dots` colors (#176303)\n\n##
Summary\r\n\r\nFixes the colors of \"value dots\", the dots that are
shown in the Single\r\nMetric Viewer when theres sparse data and not a
continuous line.\r\n\r\nBefore:\r\n\r\n<img width=\"1112\"
alt=\"image\"\r\nsrc=\"7844bfa0-3a50-4088-869a-5a6fc366c0cd\">\r\n\r\nAfter:\r\n\r\n<img
width=\"1112\"
alt=\"image\"\r\nsrc=\"28fcaa1e-eed9-497b-8c1a-c824effd7c31\">\r\n\r\n###
Checklist\r\n\r\n- [x] This was checked for breaking API changes and was
[labeled\r\nappropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)","sha":"1a5384558d272da8d4c1441191609f626c251456"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Walter Rafelsberger <walter.rafelsberger@elastic.co>
 2024-02-06 11:27:02 -07:00
Kibana Machine
a94310fc91
[8.12] [Fleet] Fix assets being unintentionally moved to the default space during Fleet setup (#176173) (#176250) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix assets being unintentionally moved to the default space
during Fleet setup
(#176173)](https://github.com/elastic/kibana/pull/176173)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Kyle
Pollich","email":"kyle.pollich@elastic.co"},"sourceCommit":{"committedDate":"2024-02-05T18:55:49Z","message":"[Fleet]
Fix assets being unintentionally moved to the default space during Fleet
setup (#176173)\n\n## Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/175173\r\n\r\nUse a scoped SO
client when importing assets to prevent always importing\r\nassets into
the default space during Fleet setup.\r\n\r\n## To do\r\n\r\nAdd
tests?\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"c07ee4ad0f9ca0912d88d4cccf85474f1811e8dc","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Fix assets being unintentionally moved to the default space during Fleet
setup","number":176173,"url":"https://github.com/elastic/kibana/pull/176173","mergeCommit":{"message":"[Fleet]
Fix assets being unintentionally moved to the default space during Fleet
setup (#176173)\n\n## Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/175173\r\n\r\nUse a scoped SO
client when importing assets to prevent always importing\r\nassets into
the default space during Fleet setup.\r\n\r\n## To do\r\n\r\nAdd
tests?\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"c07ee4ad0f9ca0912d88d4cccf85474f1811e8dc"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176173","number":176173,"mergeCommit":{"message":"[Fleet]
Fix assets being unintentionally moved to the default space during Fleet
setup (#176173)\n\n## Summary\r\n\r\nFixes
https://github.com/elastic/kibana/issues/175173\r\n\r\nUse a scoped SO
client when importing assets to prevent always importing\r\nassets into
the default space during Fleet setup.\r\n\r\n## To do\r\n\r\nAdd
tests?\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"c07ee4ad0f9ca0912d88d4cccf85474f1811e8dc"}}]}]
BACKPORT-->

Co-authored-by: Kyle Pollich <kyle.pollich@elastic.co>
 2024-02-05 13:13:09 -07:00
Kibana Machine
43a6eb645d
[8.12] [Security Solution] Fix rule export for a large number of rules (#175979) (#176211) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security Solution] Fix rule export for a large number of rules
(#175979)](https://github.com/elastic/kibana/pull/175979)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Maxim
Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2024-02-05T11:33:16Z","message":"[Security
Solution] Fix rule export for a large number of rules
(#175979)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/170015\r\n\r\n##
Summary\r\n\r\nThis PR fixes inability to export a large number of
rules.\r\n\r\n## Details\r\n\r\nThe problem appears as 500 server error
shown by UI in attempt to export a large number of rules (1K or more).
In fact it boils down to `too_many_clauses` ES error. Server side
fetches rules by passing each `ruleId` in ES query. When the number of
`ruleIds` exceeds the limit `too_many_clauses` error is returned. The
limit is set via `indices.query.bool.max_clause_count` and the value is
[calculated
dynamically](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-settings.html)
with the minimum value `1024`.\r\n\r\nThe fix makes sure rules are
processed in chunks by 1024 to prevent `too_many_clauses` error and
guarantee it works in different environment.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"576fe37b16db4fb6e1224387d5485ddb8fed6787","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:high","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Rule
Import/Export","v8.13.0","v8.12.2"],"title":"[Security Solution] Fix
rule export for a large number of
rules","number":175979,"url":"https://github.com/elastic/kibana/pull/175979","mergeCommit":{"message":"[Security
Solution] Fix rule export for a large number of rules
(#175979)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/170015\r\n\r\n##
Summary\r\n\r\nThis PR fixes inability to export a large number of
rules.\r\n\r\n## Details\r\n\r\nThe problem appears as 500 server error
shown by UI in attempt to export a large number of rules (1K or more).
In fact it boils down to `too_many_clauses` ES error. Server side
fetches rules by passing each `ruleId` in ES query. When the number of
`ruleIds` exceeds the limit `too_many_clauses` error is returned. The
limit is set via `indices.query.bool.max_clause_count` and the value is
[calculated
dynamically](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-settings.html)
with the minimum value `1024`.\r\n\r\nThe fix makes sure rules are
processed in chunks by 1024 to prevent `too_many_clauses` error and
guarantee it works in different environment.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"576fe37b16db4fb6e1224387d5485ddb8fed6787"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175979","number":175979,"mergeCommit":{"message":"[Security
Solution] Fix rule export for a large number of rules
(#175979)\n\n**Fixes:**
https://github.com/elastic/kibana/issues/170015\r\n\r\n##
Summary\r\n\r\nThis PR fixes inability to export a large number of
rules.\r\n\r\n## Details\r\n\r\nThe problem appears as 500 server error
shown by UI in attempt to export a large number of rules (1K or more).
In fact it boils down to `too_many_clauses` ES error. Server side
fetches rules by passing each `ruleId` in ES query. When the number of
`ruleIds` exceeds the limit `too_many_clauses` error is returned. The
limit is set via `indices.query.bool.max_clause_count` and the value is
[calculated
dynamically](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-settings.html)
with the minimum value `1024`.\r\n\r\nThe fix makes sure rules are
processed in chunks by 1024 to prevent `too_many_clauses` error and
guarantee it works in different environment.\r\n\r\n###
Checklist\r\n\r\n- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common
scenarios","sha":"576fe37b16db4fb6e1224387d5485ddb8fed6787"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
 2024-02-05 05:49:15 -07:00
Kibana Machine
c97a4a4c01
[8.12] [Security solution] Update default Bedrock api url (#176090) (#176176) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Security solution] Update default Bedrock api url
(#176090)](https://github.com/elastic/kibana/pull/176090)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Steph
Milovic","email":"stephanie.milovic@elastic.co"},"sourceCommit":{"committedDate":"2024-02-02T17:43:33Z","message":"[Security
solution] Update default Bedrock api url
(#176090)","sha":"3a4ad7725a28429f25acd3ce630fb43f45ecde1e","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:
SecuritySolution","ci:cloud-deploy","ci:cloud-redeploy","v8.13.0","Team:Security
Generative AI","v8.12.2"],"title":"[Security solution] Update default
Bedrock api
url","number":176090,"url":"https://github.com/elastic/kibana/pull/176090","mergeCommit":{"message":"[Security
solution] Update default Bedrock api url
(#176090)","sha":"3a4ad7725a28429f25acd3ce630fb43f45ecde1e"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176090","number":176090,"mergeCommit":{"message":"[Security
solution] Update default Bedrock api url
(#176090)","sha":"3a4ad7725a28429f25acd3ce630fb43f45ecde1e"}},{"branch":"8.12","label":"v8.12.2","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>
 2024-02-02 12:07:22 -07:00
Kibana Machine
8bff5996f2
[8.12] [Fleet] Fix categories labels in integration overview (#176141) (#176157) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix categories labels in integration overview
(#176141)](https://github.com/elastic/kibana/pull/176141)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-02T14:19:39Z","message":"[Fleet]
Fix categories labels in integration overview (#176141)\n\nCloses
https://github.com/elastic/kibana/issues/176031\r\n\r\n##
Summary\r\n\r\nFixing missing category label in Integration overwiew
page for\r\nsubintegrations. The category label was just showing the
parent\r\nIntegration label but not the own category. To fix it, I'm
adding the\r\ncategories in `integrationInfo` as well.\r\n\r\n###
Before\r\n![Screenshot 2024-02-02 at 12
37\r\n01](5170bb5d-fce3-400c-b6a5-3e39003f4158)\r\n\r\n\r\n###
After\r\n![Screenshot 2024-02-02 at 12
33\r\n06](14d475c8-ab02-4d50-883f-80924cd96b93)","sha":"e9dc10e97d0b0e89fe70ef4ff148e83e3f2e3c90","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Fix categories labels in integration
overview","number":176141,"url":"https://github.com/elastic/kibana/pull/176141","mergeCommit":{"message":"[Fleet]
Fix categories labels in integration overview (#176141)\n\nCloses
https://github.com/elastic/kibana/issues/176031\r\n\r\n##
Summary\r\n\r\nFixing missing category label in Integration overwiew
page for\r\nsubintegrations. The category label was just showing the
parent\r\nIntegration label but not the own category. To fix it, I'm
adding the\r\ncategories in `integrationInfo` as well.\r\n\r\n###
Before\r\n![Screenshot 2024-02-02 at 12
37\r\n01](5170bb5d-fce3-400c-b6a5-3e39003f4158)\r\n\r\n\r\n###
After\r\n![Screenshot 2024-02-02 at 12
33\r\n06](14d475c8-ab02-4d50-883f-80924cd96b93)","sha":"e9dc10e97d0b0e89fe70ef4ff148e83e3f2e3c90"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176141","number":176141,"mergeCommit":{"message":"[Fleet]
Fix categories labels in integration overview (#176141)\n\nCloses
https://github.com/elastic/kibana/issues/176031\r\n\r\n##
Summary\r\n\r\nFixing missing category label in Integration overwiew
page for\r\nsubintegrations. The category label was just showing the
parent\r\nIntegration label but not the own category. To fix it, I'm
adding the\r\ncategories in `integrationInfo` as well.\r\n\r\n###
Before\r\n![Screenshot 2024-02-02 at 12
37\r\n01](5170bb5d-fce3-400c-b6a5-3e39003f4158)\r\n\r\n\r\n###
After\r\n![Screenshot 2024-02-02 at 12
33\r\n06](14d475c8-ab02-4d50-883f-80924cd96b93)","sha":"e9dc10e97d0b0e89fe70ef4ff148e83e3f2e3c90"}}]}]
BACKPORT-->

Co-authored-by: Cristina Amico <criamico@users.noreply.github.com>
 2024-02-02 08:56:20 -07:00
Cristina Amico
ad6180df31
[8.12] [Fleet] Prevent deletion of agent policies with inactive agents from UI (#175815) (#176131) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Prevent deletion of agent policies with inactive agents from
UI (#175815)](https://github.com/elastic/kibana/pull/175815)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Cristina
Amico","email":"criamico@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-02-01T20:25:45Z","message":"[Fleet]
Prevent deletion of agent policies with inactive agents from UI
(#175815)\n\nFixes
https://github.com/elastic/kibana/issues/155925\r\n\r\n##
Summary\r\nPrevent deleting an agent policy that has inactive agents
assigned. The\r\nworkaround to fix existing \"orphaned\" agents is
outlined\r\n[here](https://github.com/elastic/kibana/issues/155925#issuecomment-1919250162).\r\n\r\n###
API\r\nAdding check for inactive agents to the agent policy \"delete\"
endpoint -\r\nIt will now fail if the policy has either active or
inactive agents:\r\n\r\n```\r\n POST
/api/fleet/agent_policies/delete\r\n {\r\n agentPolicyId: 1234534,\r\n
}\r\n```\r\n\r\n### UI \r\nWarning added to the \"delete\" action in the
UI when trying to delete a\r\npolicy that has active or inactive
agents.\r\n\r\n## Testing\r\n- Have a policy with many inactive agents
assigned to it\r\n- Try to delete it from the agent policy list or
settings\r\n- The deletion is prevented and a warning is
raised:\r\n\r\n![Screenshot 2024-01-31 at 12
03\r\n11](644c9e9e-9820-4251-81fb-58f74ab57377)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"222e894b8a483cd4a22c81dfcd2bec633a45e421","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:Fleet","backport:prev-minor","v8.13.0"],"number":175815,"url":"https://github.com/elastic/kibana/pull/175815","mergeCommit":{"message":"[Fleet]
Prevent deletion of agent policies with inactive agents from UI
(#175815)\n\nFixes
https://github.com/elastic/kibana/issues/155925\r\n\r\n##
Summary\r\nPrevent deleting an agent policy that has inactive agents
assigned. The\r\nworkaround to fix existing \"orphaned\" agents is
outlined\r\n[here](https://github.com/elastic/kibana/issues/155925#issuecomment-1919250162).\r\n\r\n###
API\r\nAdding check for inactive agents to the agent policy \"delete\"
endpoint -\r\nIt will now fail if the policy has either active or
inactive agents:\r\n\r\n```\r\n POST
/api/fleet/agent_policies/delete\r\n {\r\n agentPolicyId: 1234534,\r\n
}\r\n```\r\n\r\n### UI \r\nWarning added to the \"delete\" action in the
UI when trying to delete a\r\npolicy that has active or inactive
agents.\r\n\r\n## Testing\r\n- Have a policy with many inactive agents
assigned to it\r\n- Try to delete it from the agent policy list or
settings\r\n- The deletion is prevented and a warning is
raised:\r\n\r\n![Screenshot 2024-01-31 at 12
03\r\n11](644c9e9e-9820-4251-81fb-58f74ab57377)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"222e894b8a483cd4a22c81dfcd2bec633a45e421"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175815","number":175815,"mergeCommit":{"message":"[Fleet]
Prevent deletion of agent policies with inactive agents from UI
(#175815)\n\nFixes
https://github.com/elastic/kibana/issues/155925\r\n\r\n##
Summary\r\nPrevent deleting an agent policy that has inactive agents
assigned. The\r\nworkaround to fix existing \"orphaned\" agents is
outlined\r\n[here](https://github.com/elastic/kibana/issues/155925#issuecomment-1919250162).\r\n\r\n###
API\r\nAdding check for inactive agents to the agent policy \"delete\"
endpoint -\r\nIt will now fail if the policy has either active or
inactive agents:\r\n\r\n```\r\n POST
/api/fleet/agent_policies/delete\r\n {\r\n agentPolicyId: 1234534,\r\n
}\r\n```\r\n\r\n### UI \r\nWarning added to the \"delete\" action in the
UI when trying to delete a\r\npolicy that has active or inactive
agents.\r\n\r\n## Testing\r\n- Have a policy with many inactive agents
assigned to it\r\n- Try to delete it from the agent policy list or
settings\r\n- The deletion is prevented and a warning is
raised:\r\n\r\n![Screenshot 2024-01-31 at 12
03\r\n11](644c9e9e-9820-4251-81fb-58f74ab57377)\r\n\r\n\r\n\r\n###
Checklist\r\n\r\n- [
]\r\n[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)\r\nwas
added for features that require explanation or tutorials\r\n- [ ] [Unit
or
functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere
updated or added to match the most common
scenarios\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"222e894b8a483cd4a22c81dfcd2bec633a45e421"}}]}]
BACKPORT-->

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2024-02-02 08:50:05 -07:00
David Sánchez
d6bbcfc7e8
[EDR Workflows] Unskip e2e tests due vagrant up error (#175780) 
## Summary
Re-enable skipped e2e tests due vagrant up error. This pr depends on
this change: https://github.com/elastic/kibana/pull/175755
Originally merged at main here:
https://github.com/elastic/kibana/pull/175754

fixes: https://github.com/elastic/kibana/issues/170811
fixes: https://github.com/elastic/kibana/issues/170674
fixes: https://github.com/elastic/kibana/issues/169343
fixes: https://github.com/elastic/kibana/issues/170601
fixes: https://github.com/elastic/kibana/issues/173464
fixes: https://github.com/elastic/kibana/issues/170667
fixes: https://github.com/elastic/kibana/issues/170812
fixes: https://github.com/elastic/kibana/issues/170604
fixes: https://github.com/elastic/kibana/issues/170373
fixes: https://github.com/elastic/kibana/issues/169958
fixes: https://github.com/elastic/kibana/issues/170814
fixes: https://github.com/elastic/kibana/issues/170424
fixes: https://github.com/elastic/kibana/issues/170706
fixes: https://github.com/elastic/kibana/issues/170563
fixes: https://github.com/elastic/kibana/issues/169689
fixes: https://github.com/elastic/kibana/issues/170817
fixes: https://github.com/elastic/kibana/issues/169821
fixes: https://github.com/elastic/kibana/issues/170816
fixes: https://github.com/elastic/kibana/issues/170794

### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
 2024-02-02 12:41:35 +01:00
Kibana Machine
3066656a16
[8.12] [Fleet] Fix max agent for agent activity (#176081) (#176092) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Fleet] Fix max agent for agent activity
(#176081)](https://github.com/elastic/kibana/pull/176081)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Nicolas
Chaulet","email":"nicolas.chaulet@elastic.co"},"sourceCommit":{"committedDate":"2024-02-01T18:59:34Z","message":"[Fleet]
Fix max agent for agent activity
(#176081)","sha":"9872b70a84f61d75243064e81abea42afdf9a58f","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:Fleet","backport:prev-minor","v8.13.0"],"title":"[Fleet]
Fix max agent for agent
activity","number":176081,"url":"https://github.com/elastic/kibana/pull/176081","mergeCommit":{"message":"[Fleet]
Fix max agent for agent activity
(#176081)","sha":"9872b70a84f61d75243064e81abea42afdf9a58f"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176081","number":176081,"mergeCommit":{"message":"[Fleet]
Fix max agent for agent activity
(#176081)","sha":"9872b70a84f61d75243064e81abea42afdf9a58f"}}]}]
BACKPORT-->

Co-authored-by: Nicolas Chaulet <nicolas.chaulet@elastic.co>
 2024-02-01 13:18:01 -07:00
Kibana Machine
3f4a7a561b
[8.12] [Response Ops][Actions] Adding configuration to override default MS Graph API Scope and Exchange URL values (#175812) (#176085) 
# Backport

This will backport the following commits from `main` to `8.12`:
- [[Response Ops][Actions] Adding configuration to override default MS
Graph API Scope and Exchange URL values
(#175812)](https://github.com/elastic/kibana/pull/175812)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Ying
Mao","email":"ying.mao@elastic.co"},"sourceCommit":{"committedDate":"2024-02-01T17:41:52Z","message":"[Response
Ops][Actions] Adding configuration to override default MS Graph API
Scope and Exchange URL values (#175812)\n\nResolves
https://github.com/elastic/kibana/issues/166064\r\n\r\n##
Summary\r\n\r\nAdds the following configurations to the `kibana.yml`
config:\r\n* `xpack.actions.microsoftGraphApiScope` - overrides the
default Graph\r\nAPI scope value of
`https://graph.microsoft.com/.default`\r\n*
`xpack.actions.microsoftExchangeUrl` - overrides the default value
of\r\n`https://login.microsoftonline.com`\r\n\r\nThis allows users in
different Azure environments to customize their\r\nendpoints as
needed.\r\n\r\n## To Verify\r\n\r\nWe are unable to test this in a
different environment but we can verify\r\nthat the config overrides the
defaults as expected by setting the config\r\nvalues to something
different and the logging out the params that are\r\nsent to
`getOAuthClientCredentialsAccessToken`
in\r\n`x-pack/plugins/stack_connectors/server/connector_types/email/send_email.ts`.\r\nThen
create an MS Exchange email connector and test it to see that
the\r\nlogged values are overridden as
expected.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"f7e4f7a636763d46cb6a38b21a5eb6e67595ddfe","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Feature:Actions","Team:ResponseOps","backport:prev-minor","backport:prev-MAJOR","v8.13.0"],"title":"[Response
Ops][Actions] Adding configuration to override default MS Graph API
Scope and Exchange URL
values","number":175812,"url":"https://github.com/elastic/kibana/pull/175812","mergeCommit":{"message":"[Response
Ops][Actions] Adding configuration to override default MS Graph API
Scope and Exchange URL values (#175812)\n\nResolves
https://github.com/elastic/kibana/issues/166064\r\n\r\n##
Summary\r\n\r\nAdds the following configurations to the `kibana.yml`
config:\r\n* `xpack.actions.microsoftGraphApiScope` - overrides the
default Graph\r\nAPI scope value of
`https://graph.microsoft.com/.default`\r\n*
`xpack.actions.microsoftExchangeUrl` - overrides the default value
of\r\n`https://login.microsoftonline.com`\r\n\r\nThis allows users in
different Azure environments to customize their\r\nendpoints as
needed.\r\n\r\n## To Verify\r\n\r\nWe are unable to test this in a
different environment but we can verify\r\nthat the config overrides the
defaults as expected by setting the config\r\nvalues to something
different and the logging out the params that are\r\nsent to
`getOAuthClientCredentialsAccessToken`
in\r\n`x-pack/plugins/stack_connectors/server/connector_types/email/send_email.ts`.\r\nThen
create an MS Exchange email connector and test it to see that
the\r\nlogged values are overridden as
expected.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"f7e4f7a636763d46cb6a38b21a5eb6e67595ddfe"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/175812","number":175812,"mergeCommit":{"message":"[Response
Ops][Actions] Adding configuration to override default MS Graph API
Scope and Exchange URL values (#175812)\n\nResolves
https://github.com/elastic/kibana/issues/166064\r\n\r\n##
Summary\r\n\r\nAdds the following configurations to the `kibana.yml`
config:\r\n* `xpack.actions.microsoftGraphApiScope` - overrides the
default Graph\r\nAPI scope value of
`https://graph.microsoft.com/.default`\r\n*
`xpack.actions.microsoftExchangeUrl` - overrides the default value
of\r\n`https://login.microsoftonline.com`\r\n\r\nThis allows users in
different Azure environments to customize their\r\nendpoints as
needed.\r\n\r\n## To Verify\r\n\r\nWe are unable to test this in a
different environment but we can verify\r\nthat the config overrides the
defaults as expected by setting the config\r\nvalues to something
different and the logging out the params that are\r\nsent to
`getOAuthClientCredentialsAccessToken`
in\r\n`x-pack/plugins/stack_connectors/server/connector_types/email/send_email.ts`.\r\nThen
create an MS Exchange email connector and test it to see that
the\r\nlogged values are overridden as
expected.\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine
<42973632+kibanamachine@users.noreply.github.com>","sha":"f7e4f7a636763d46cb6a38b21a5eb6e67595ddfe"}}]}]
BACKPORT-->

Co-authored-by: Ying Mao <ying.mao@elastic.co>
 2024-02-01 12:03:05 -07:00